www.elfcosmetics.com Open in urlscan Pro
140.174.12.147 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.elfcosmetics.com/
Effective URL:
https://www.elfcosmetics.com/
Submission: On February 06 via api (February 6th 2024, 7:07:15 am UTC) from US — Scanned from DE

Summary HTTP 292 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 65 IPs in 4 countries across 46 domains to perform 292 HTTP transactions. The main IP is 140.174.12.147, located in United States and belongs to YOTTAA-AS-1, US. The main domain is www.elfcosmetics.com. The Cisco Umbrella rank of the primary domain is 88499.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 25th 2023. Valid for: a year.

This is the only time www.elfcosmetics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	140.174.12.225 140.174.12.225	393259 (YOTTAA-AS-1) (YOTTAA-AS-1)
1 101	140.174.12.147 140.174.12.147	393259 (YOTTAA-AS-1) (YOTTAA-AS-1)
1	2606:4700:440... 2606:4700:4400::6812:226c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2a02:26f0:310... 2a02:26f0:3100::1735:2b10	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
3	35.190.10.96 35.190.10.96	15169 (GOOGLE) (GOOGLE)
13	2606:4700::68... 2606:4700::6812:82ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
3	2600:9000:225... 2600:9000:2251:1800:a:b89d:a6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	64.185.227.156 64.185.227.156	18450 (WEBNX) (WEBNX)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:b600:11:85b0:d600:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
3	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c0b::9b	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2250:7e00:15:ad21:c740:93a1	16509 (AMAZON-02) (AMAZON-02)
1 5	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
6	18.66.112.128 18.66.112.128	16509 (AMAZON-02) (AMAZON-02)
1	204.2.49.54 204.2.49.54	393259 (YOTTAA-AS-1) (YOTTAA-AS-1)
1	95.101.44.133 95.101.44.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.102.147.248 34.102.147.248	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
9	151.101.1.21 151.101.1.21	54113 (FASTLY) (FASTLY)
1	2a02:26f0:480... 2a02:26f0:480:33::212:40ca	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:224... 2600:9000:2240:6c00:13:d6f4:3240:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	143.204.207.250 143.204.207.250	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:350... 2a02:26f0:3500:887::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
6	2.19.96.161 2.19.96.161	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:9000:206... 2600:9000:206f:200:a:7914:b00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.66.112.6 18.66.112.6	16509 (AMAZON-02) (AMAZON-02)
1	34.120.253.250 34.120.253.250	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	108.128.163.240 108.128.163.240	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	151.101.129.35 151.101.129.35	54113 (FASTLY) (FASTLY)
4	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
1	18.199.1.91 18.199.1.91	16509 (AMAZON-02) (AMAZON-02)
2	34.49.124.132 34.49.124.132	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	52.30.246.4 52.30.246.4	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.3 34.98.67.3	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	104.75.88.209 104.75.88.209	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.126.118.203 104.126.118.203	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
8	34.98.72.95 34.98.72.95	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.149.202.102 34.149.202.102	15169 (GOOGLE) (GOOGLE)
1	34.117.204.153 34.117.204.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.149.211.233 34.149.211.233	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2606:4700:440... 2606:4700:4400::6812:2a49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.214.37.10 52.214.37.10	16509 (AMAZON-02) (AMAZON-02)
2	18.66.122.54 18.66.122.54	16509 (AMAZON-02) (AMAZON-02)
13	91.235.133.113 91.235.133.113	30286 (THM) (THM)
2	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
1	2600:1901:0:5... 2600:1901:0:56e0::	15169 (GOOGLE) (GOOGLE)
1	34.111.8.32 34.111.8.32	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.102.193.48 34.102.193.48	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
292	65

1 140.174.12.225 (United States) 1 redirects

ASN393259 (YOTTAA-AS-1, US)

www.elfcosmetics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

101 140.174.12.147 (United States) 1 redirects

ASN393259 (YOTTAA-AS-1, US)

www.elfcosmetics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:226c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.c1.amplience.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a02:26f0:3100::1735:2b10 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.media.amplience.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

cdn-fsly.yottaa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sdk.iad-05.braze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.10.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.10.190.35.bc.googleusercontent.com

collector-pxxt4gy2ig.px-cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2251:1800:a:b89d:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.185.227.156 (New York, United States)

ASN18450 (WEBNX, US)
PTR: api.ipify.org

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:b600:11:85b0:d600:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.cnnx.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

10265292.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:7e00:15:ad21:c740:93a1 (United States)

ASN16509 (AMAZON-02, US)

st.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.112.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-128.fra56.r.cloudfront.net

async-px.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.2.49.54 (United States)

ASN393259 (YOTTAA-AS-1, US)

qoe-1.yottaa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.44.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-44-133.deploy.static.akamaitechnologies.com

static.ordergroove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.147.248 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 248.147.102.34.bc.googleusercontent.com

tag.rmp.rakuten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.1.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:33::212:40ca (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

websdk.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2240:6c00:13:d6f4:3240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.usehero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:887::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.19.96.161 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-96-161.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:200:a:7914:b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.jebbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-6.fra56.r.cloudfront.net

t.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.wknd.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.163.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-163-240.eu-west-1.compute.amazonaws.com

api.usehero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.140 (United States)

ASN54113 (FASTLY, US)

conversions-config.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.199.1.91 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-199-1-91.eu-central-1.compute.amazonaws.com

external-api.jebbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.49.124.132 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 132.124.49.34.bc.googleusercontent.com

sgtm.elfcosmetics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.246.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-246-4.eu-west-1.compute.amazonaws.com

c.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com

ut.rd.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.126.118.203 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-118-203.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.202.102 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 102.202.149.34.bc.googleusercontent.com

data.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.204.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.204.117.34.bc.googleusercontent.com

page.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.211.233 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 233.211.149.34.bc.googleusercontent.com

view.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:4400::6812:2a49 (United States)

ASN13335 (CLOUDFLARENET, US)

elfcosmetics.a.bigcontent.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.37.10 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-37-10.eu-west-1.compute.amazonaws.com

srm.ba.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.122.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-54.fra60.r.cloudfront.net

cdn-scripts.signifyd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 91.235.133.113 (United States)

ASN30286 (THM, US)

imgs.signifyd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

w2txo5aaynxwdj6jzdesj6dxa6p2aau572n7c47hfdfb35ff560551e0am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:56e0:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

ids.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.8.32 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 32.8.111.34.bc.googleusercontent.com

api.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.193.48 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 48.193.102.34.bc.googleusercontent.com

e.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
104	elfcosmetics.com 2 redirects www.elfcosmetics.com — Cisco Umbrella Rank: 88499 sgtm.elfcosmetics.com	526 KB
25	amplience.net cdn.c1.amplience.net — Cisco Umbrella Rank: 57643 cdn.media.amplience.net — Cisco Umbrella Rank: 14699	2 MB
15	signifyd.com cdn-scripts.signifyd.com — Cisco Umbrella Rank: 8946 imgs.signifyd.com — Cisco Umbrella Rank: 7684	95 KB
13	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 364	323 KB
11	paypal.com www.paypal.com — Cisco Umbrella Rank: 3015 t.paypal.com — Cisco Umbrella Rank: 3523	239 KB
10	dynamicyield.com cdn.dynamicyield.com — Cisco Umbrella Rank: 8995 st.dynamicyield.com — Cisco Umbrella Rank: 8356 async-px.dynamicyield.com — Cisco Umbrella Rank: 8465	232 KB
9	bounceexchange.com assets.bounceexchange.com — Cisco Umbrella Rank: 2171 api.bounceexchange.com — Cisco Umbrella Rank: 2497	166 KB
8	doubleclick.net 9231397.fls.doubleclick.net Failed 10742279.fls.doubleclick.net Failed 10265292.fls.doubleclick.net — Cisco Umbrella Rank: 728870 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	8 KB
7	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 98 region1.analytics.google.com — Cisco Umbrella Rank: 2616	1 KB
6	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 752	146 KB
6	google.de www.google.de — Cisco Umbrella Rank: 6518	905 B
6	braze.com sdk.iad-05.braze.com — Cisco Umbrella Rank: 3655	887 B
4	bigcontent.io elfcosmetics.a.bigcontent.io — Cisco Umbrella Rank: 129492	9 KB
4	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 871	4 KB
4	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 922 tr6.snapchat.com — Cisco Umbrella Rank: 1368	711 B
4	contentsquare.net t.contentsquare.net — Cisco Umbrella Rank: 3681 c.contentsquare.net — Cisco Umbrella Rank: 4361 srm.ba.contentsquare.net — Cisco Umbrella Rank: 18558	70 KB
4	yottaa.net cdn-fsly.yottaa.net — Cisco Umbrella Rank: 21801 Failed qoe-1.yottaa.net — Cisco Umbrella Rank: 9399	1 MB
3	online-metrix.net h.online-metrix.net — Cisco Umbrella Rank: 2734 w2txo5aaynxwdj6jzdesj6dxa6p2aau572n7c47hfdfb35ff560551e0am1.e.aa.online-metrix.net	16 KB
3	cdnbasket.net data.cdnbasket.net — Cisco Umbrella Rank: 4810 page.cdnbasket.net — Cisco Umbrella Rank: 4821 view.cdnbasket.net — Cisco Umbrella Rank: 4825	1014 B
3	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2611	33 KB
3	jebbit.com js.jebbit.com — Cisco Umbrella Rank: 48268 external-api.jebbit.com — Cisco Umbrella Rank: 55964	61 KB
3	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 637	445 B
3	px-cloud.net collector-pxxt4gy2ig.px-cloud.net — Cisco Umbrella Rank: 268910	1 KB
2	cdnwidget.com ids.cdnwidget.com — Cisco Umbrella Rank: 3905 e.cdnwidget.com — Cisco Umbrella Rank: 15188	335 B
2	reddit.com conversions-config.reddit.com — Cisco Umbrella Rank: 673835 alb.reddit.com — Cisco Umbrella Rank: 1450	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	71 KB
2	bing.com bat.bing.com — Cisco Umbrella Rank: 376	13 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 869	21 KB
2	usehero.com cdn.usehero.com — Cisco Umbrella Rank: 50741 api.usehero.com — Cisco Umbrella Rank: 46701	29 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	ipify.org api.ipify.org — Cisco Umbrella Rank: 2768	444 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	215 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 2898	969 B
1	linksynergy.com ut.rd.linksynergy.com — Cisco Umbrella Rank: 8108	404 B
1	wknd.ai tag.wknd.ai — Cisco Umbrella Rank: 4513	6 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1335	9 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1260	18 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145	2 KB
1	appsflyer.com websdk.appsflyer.com — Cisco Umbrella Rank: 4670	12 KB
1	rakuten.com tag.rmp.rakuten.com — Cisco Umbrella Rank: 7583	15 KB
1	ordergroove.com static.ordergroove.com — Cisco Umbrella Rank: 28713	42 KB
1	cnnx.link js.cnnx.link — Cisco Umbrella Rank: 9292	1 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 567	312 B
0	rlcdn.com Failed idsync.rlcdn.com Failed
0	pointmediatracker.com Failed pixel.pointmediatracker.com Failed
292	46

	Domain	Requested by
102	www.elfcosmetics.com	2 redirects www.elfcosmetics.com cdn-fsly.yottaa.net analytics.tiktok.com
24	cdn.media.amplience.net	www.elfcosmetics.com
13	imgs.signifyd.com	www.elfcosmetics.com imgs.signifyd.com
13	cdn.cookielaw.org	cdn-fsly.yottaa.net cdn.cookielaw.org www.elfcosmetics.com
9	www.paypal.com	www.elfcosmetics.com www.paypal.com www.paypalobjects.com
8	assets.bounceexchange.com	www.elfcosmetics.com
6	analytics.tiktok.com	www.elfcosmetics.com analytics.tiktok.com
6	async-px.dynamicyield.com	cdn.dynamicyield.com
6	www.google.de	www.elfcosmetics.com
6	sdk.iad-05.braze.com	cdn-fsly.yottaa.net
5	www.google.com	1 redirects www.elfcosmetics.com
4	elfcosmetics.a.bigcontent.io
4	ct.pinterest.com	s.pinimg.com www.elfcosmetics.com
4	googleads.g.doubleclick.net	1 redirects www.elfcosmetics.com
3	www.paypalobjects.com	www.elfcosmetics.com www.paypalobjects.com
3	tr.snapchat.com	www.elfcosmetics.com sc-static.net
3	insight.adsrvr.org	www.elfcosmetics.com
3	cdn.dynamicyield.com	www.elfcosmetics.com
3	collector-pxxt4gy2ig.px-cloud.net	www.elfcosmetics.com
3	cdn-fsly.yottaa.net	www.elfcosmetics.com
2	h.online-metrix.net	imgs.signifyd.com
2	cdn-scripts.signifyd.com	www.elfcosmetics.com
2	c.contentsquare.net
2	sgtm.elfcosmetics.com	www.googletagmanager.com analytics.tiktok.com
2	t.paypal.com
2	connect.facebook.net	www.elfcosmetics.com
2	bat.bing.com	www.elfcosmetics.com
2	js.jebbit.com	www.elfcosmetics.com
2	s.pinimg.com	www.elfcosmetics.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	10265292.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.elfcosmetics.com www.google-analytics.com
2	api.ipify.org	cdn-fsly.yottaa.net
2	www.googletagmanager.com	www.elfcosmetics.com
1	e.cdnwidget.com
1	api.bounceexchange.com	www.elfcosmetics.com
1	ids.cdnwidget.com	analytics.tiktok.com
1	w2txo5aaynxwdj6jzdesj6dxa6p2aau572n7c47hfdfb35ff560551e0am1.e.aa.online-metrix.net
1	srm.ba.contentsquare.net	analytics.tiktok.com
1	tr6.snapchat.com	sc-static.net
1	view.cdnbasket.net	analytics.tiktok.com
1	page.cdnbasket.net	analytics.tiktok.com
1	data.cdnbasket.net	analytics.tiktok.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.facebook.com
1	analytics.pangle-ads.com	analytics.tiktok.com
1	ut.rd.linksynergy.com	www.elfcosmetics.com
1	external-api.jebbit.com	js.jebbit.com
1	alb.reddit.com
1	conversions-config.reddit.com	www.redditstatic.com
1	api.usehero.com	cdn.usehero.com
1	tag.wknd.ai	www.elfcosmetics.com
1	t.contentsquare.net	www.elfcosmetics.com
1	www.redditstatic.com	www.elfcosmetics.com
1	sc-static.net	www.elfcosmetics.com
1	www.googleadservices.com	www.elfcosmetics.com
1	cdn.usehero.com	www.elfcosmetics.com
1	websdk.appsflyer.com	www.elfcosmetics.com
1	tag.rmp.rakuten.com	www.elfcosmetics.com
1	static.ordergroove.com	www.elfcosmetics.com
1	qoe-1.yottaa.net	www.elfcosmetics.com
1	adservice.google.com	10265292.fls.doubleclick.net
1	st.dynamicyield.com	www.elfcosmetics.com
1	js.cnnx.link	www.googletagmanager.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	cdn.c1.amplience.net	www.elfcosmetics.com
0	idsync.rlcdn.com Failed
0	pixel.pointmediatracker.com Failed	www.elfcosmetics.com
0	10742279.fls.doubleclick.net Failed	www.googletagmanager.com
0	9231397.fls.doubleclick.net Failed	www.googletagmanager.com
292	70

This site contains links to these domains. Also see Links.

Domain
cdn.dynamicyield.com
st.dynamicyield.com
rcom.dynamicyield.com
www.tiktok.com
www.instagram.com
www.pinterest.com
www.facebook.com
www.youtube.com
twitter.com
www.snapchat.com
www.linkedin.com
www.elfbeauty.com
elfcosmetics.onelink.me
preferences.elfcosmetics.com
www.onetrust.com

Subject Issuer	Validity	Valid
*.elfcosmetics.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-25` - `2024-10-25`	a year	crt.sh
c1.amplience.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-10` - `2024-10-23`	a year	crt.sh
dm.amplience.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-20` - `2024-08-14`	a year	crt.sh
*.yottaa.net GlobalSign RSA OV SSL CA 2018	`2023-09-13` - `2024-10-14`	a year	crt.sh
*.px-cloud.net Sectigo RSA Domain Validation Secure Server CA	`2023-08-15` - `2024-09-13`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.dynamicyield.com Amazon RSA 2048 M02	`2023-09-03` - `2024-10-01`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2023-02-07` - `2024-02-18`	a year	crt.sh
*.iad-05.braze.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-07-27` - `2024-08-27`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
js.cnnx.link Amazon RSA 2048 M02	`2023-07-11` - `2024-08-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.ordergroove.com Go Daddy Secure Certificate Authority - G2	`2023-08-04` - `2024-08-17`	a year	crt.sh
tag.rmp.rakuten.com GTS CA 1D4	`2024-01-31` - `2024-04-30`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-01-24` - `2024-08-21`	7 months	crt.sh
*.appsflyer.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-27` - `2024-07-27`	a year	crt.sh
*.usehero.com Amazon RSA 2048 M02	`2023-08-28` - `2024-09-24`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-08` - `2024-07-06`	6 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.jebbit.com Amazon RSA 2048 M01	`2023-05-24` - `2024-06-21`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
t.contentsquare.net Amazon RSA 2048 M01	`2023-09-13` - `2024-10-11`	a year	crt.sh
tag.wknd.ai R3	`2024-01-19` - `2024-04-18`	3 months	crt.sh
api.usehero.com Amazon RSA 2048 M03	`2024-01-06` - `2025-02-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-15` - `2024-02-13`	3 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-09-21` - `2024-10-21`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-15` - `2024-07-13`	6 months	crt.sh
sgtm.elfcosmetics.com GTS CA 1D4	`2024-01-17` - `2024-04-16`	3 months	crt.sh
dep.ba.contentsquare.net Amazon RSA 2048 M01	`2023-03-20` - `2024-04-17`	a year	crt.sh
*.rd.linksynergy.com ZeroSSL RSA Domain Secure Site CA	`2024-01-23` - `2025-01-22`	a year	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
*.google.de GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
assets.bounceexchange.com GTS CA 1D4	`2024-01-19` - `2024-04-18`	3 months	crt.sh
data.cdnbasket.net GTS CA 1D4	`2024-01-10` - `2024-04-09`	3 months	crt.sh
page.cdnbasket.net GTS CA 1D4	`2024-01-13` - `2024-04-12`	3 months	crt.sh
view.cdnbasket.net GTS CA 1D4	`2024-01-18` - `2024-04-17`	3 months	crt.sh
*.bigcontent.io GeoTrust TLS RSA CA G1	`2023-03-14` - `2024-04-13`	a year	crt.sh
srm.ba.contentsquare.net Amazon RSA 2048 M02	`2023-11-07` - `2024-12-06`	a year	crt.sh
cdn-scripts.signifyd.com Amazon RSA 2048 M01	`2023-07-03` - `2024-07-31`	a year	crt.sh
imgs.signifyd.com Go Daddy Secure Certificate Authority - G2	`2023-10-20` - `2024-11-20`	a year	crt.sh
online-metrix.net Viking Cloud Organization Validation CA, Level 1	`2023-10-20` - `2024-10-21`	a year	crt.sh
*.aa.online-metrix.net Viking Cloud Organization Validation CA, Level 1	`2023-10-20` - `2024-10-21`	a year	crt.sh
ids.cdnwidget.com R3	`2024-01-12` - `2024-04-11`	3 months	crt.sh
*.wunderkind.co R3	`2024-02-04` - `2024-05-04`	3 months	crt.sh
e.cdnwidget.com R3	`2024-01-05` - `2024-04-04`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://www.elfcosmetics.com/
Frame ID: D9D4AE73A9721BF4DFE5C8A2469369D1
Requests: 260 HTTP requests in this frame

Frame: https://9231397.fls.doubleclick.net/activityi;src=9231397;type=retarget;cat=globa0;ord=5899475585081;npa=0;auiddc=612260061.1707203225;u6=%2F;u10=undefined;u12=undefined;u8=undefined;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F
Frame ID: 5161A35FC56DEB2D19E2ACE683604080
Requests: 1 HTTP requests in this frame

Frame: https://10742279.fls.doubleclick.net/activityi;src=10742279;type=elf8j0;cat=glo_flap;ord=5421420653598;npa=0;auiddc=612260061.1707203225;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F
Frame ID: 43E957AA1FFDDF915500748AA69561AB
Requests: 1 HTTP requests in this frame

Frame: https://10265292.fls.doubleclick.net/activityi;dc_pre=CJm5sM6TloQDFaxLkQUdd6YEOg;src=10265292;type=conte0;cat=homep0;ord=6330182952617;npa=0;auiddc=612260061.1707203225;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F
Frame ID: 726C1A4E36AA708313DD78581739AC69
Requests: 2 HTTP requests in this frame

Frame: https://10742279.fls.doubleclick.net/activityi;src=10742279;type=elf8j0;cat=glo_flhp;ord=7907300973333;npa=0;auiddc=612260061.1707203225;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F
Frame ID: FF3EECEF6634546D591E2E1AA9F4BE62
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.55.0&integrationType=SDK
Frame ID: D764C2AD4D70B9597783BDAD6933E0E3
Requests: 4 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=c69c204f-fba0-4685-aea8-ad32f799fa5d&u_scsid=f877307b-f7b1-43fd-afa6-3bb8e3ee10a6&u_sclid=d76519f1-33a3-4884-986c-70e06b4380a4
Frame ID: 6AA50A2BCAF64770B7775E768449E1A0
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: BA6191A3953A1041B77A495EB064E327
Requests: 3 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Frame ID: 0455ACA222D12EFA4AB3222093A60B1A
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: A9C29BF29951C2261025D22B565E01A1
Requests: 1 HTTP requests in this frame

Frame: https://imgs.signifyd.com/MUuMgOl28eaBJ0J2?28e409d6431bca59=ZjdyTJyaLODiNcOMtlYq1loxJKqNpgt4HuZ9E-kOCdcbenpPEtK9isiUWmfMi7Xq78gQvwa5F9aDCcF_I13T7QH7Rml81yWTxjh_NkCYt8qTf0QmXXyx221VQI_Ruug8IrddF2HaEpwuHsCDNLfDdTEOSE5dRNuQ0G0NkNzObMCv0RfAN3LkVYg0ghDHMWiD-3yNnxk2LPc7kJhF&jb=3d332e2460716f753757696e6e6f7d732c687367375761666e6f7f7b2f3030393926607b6a7f354162706f6d6f266a73683d4968786d6d6d2f3238393831
Frame ID: 7B8C978BC59661C064B11C3878224943
Requests: 10 HTTP requests in this frame

Frame: https://imgs.signifyd.com/hiK29c78vVdVJf0G?6bac406573eb6b9e=Izh_4veYY6fMEtyy7krqbWVmnJjIdX7eBCWZFhHz1h2NRiXqERqYxCfM1uhCs1JGIcZTm_RXcnYQFNVHZEMIhZbbKYiH5tZbFB4TN-1a5c1nqt7VgrGPA9905AlxBm8nbUfyjtCWzseH2O-PMa5ji_3bvK9xbWmp8T9Mq3V90pGkJND9uprRiZC-VEz7aP4CMCjbxA2KmvpV2JxPlDA
Frame ID: 069E49E6A7777CD20F83FABC42D73DA3
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/tHAOR_JlgyU0bgSh?17832a3ef0a249f2=ZaRJi_4TDwrdYFaQcizL7oHH7olcUdOpRItFtnZiXMfKzWiLOH7znzOXDyRmlq8ucWiH62W7w8r1PP2PcsYVTgxcJYXEDKoJK2Bkv6ZB9ifYdJkh1WH-v1M8h446V5mdnGsmgcK03Xw5EZcQ8C-uc-Q-UPjEN96IRzFsjcpp0k1X8nb9EjADanr3wXuUAuY__JcTnHj25nTrqlXzcb1q
Frame ID: 980B61479BBE95C45307D86E41214F48
Requests: 2 HTTP requests in this frame

Frame: https://imgs.signifyd.com/AJbgTcIZnnzkynQb?eb6a23bb9ada8eb1=ovm3zGCWF57RGA58UP87ooB8DONNj3qAARosSsQDDVmWhUr5LBrCPuSGm_2nuTtzfx4ZlR2a-V9WqnxLpa9NC0hRLXtjSrWD_xKi5Bs6lY4F2eo2tSIJd7O8KZ42FYWJbNHVDfEpLSwjMVaAyFNW2rEDBTRykcmE4tcUovKl_dhHgT8tw_PjMub21CozBWtZquUQFOVePnh-6AQE6y9T
Frame ID: 248BDB9B3F247ED6A47FCEC42288FE79
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

e.l.f. Cosmetics: Affordable Makeup & Skincare | Clean Beauty Products | e.l.f. CosmeticsBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

http://www.elfcosmetics.com/ HTTP 301
https://www.elfcosmetics.com/ Page URL

Detected technologies

Salesforce Commerce Cloud (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

/demandware\.static/

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Dynamic Yield (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

cdn\.dynamicyield\.\w+/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

PerimeterX (Security) Expand

Overall confidence: 100%
Detected patterns

Rakuten (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

tag\.rmp\.rakuten\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

292
Requests

96 %
HTTPS

38 %
IPv6

46
Domains

70
Subdomains

65
IPs

4
Countries

5576 kB
Transfer

16802 kB
Size

64
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://cdn.dynamicyield.com/

Search URL Search Domain Scan URL

URL: https://st.dynamicyield.com/

Search URL Search Domain Scan URL

URL: https://rcom.dynamicyield.com/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@elfyeah/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/elfcosmetics/

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/elfcosmetics/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/elfcosmetics/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/eyeslipsfacedotcom

Search URL Search Domain Scan URL

URL: https://twitter.com/elfcosmetics

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/add/elfcosmetics

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/e-l-f-beauty

Search URL Search Domain Scan URL

URL: https://www.elfbeauty.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://elfcosmetics.onelink.me/wTtZ/AcrossSiteCosmetics

Search URL Search Domain Scan URL

URL: https://preferences.elfcosmetics.com/dont_sell
Title: Do Not Sell My Personal Info/Opt Out of Targeted Ads

Search URL Search Domain Scan URL

URL: https://preferences.elfcosmetics.com/privacy
Title: Privacy Rights Request Form

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.elfcosmetics.com/ HTTP 301
https://www.elfcosmetics.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.com%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=yzD4yi0jDpfBf1f8Ig_sfpV2gTfi2SdvF1g4OUTRECA HTTP 303
https://www.elfcosmetics.com/callback?usid=12dfe235-84b2-414a-89a6-f46d80f7a7c7&code=iFRlmGhNzsIrJFkdLGNe-p8E2fJ9H2VkyYSCmQ2vmCQ

Request Chain 31

https://10265292.fls.doubleclick.net/activityi;src=10265292;type=conte0;cat=homep0;ord=6330182952617;npa=0;auiddc=612260061.1707203225;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F HTTP 302
https://10265292.fls.doubleclick.net/activityi;dc_pre=CJm5sM6TloQDFaxLkQUdd6YEOg;src=10265292;type=conte0;cat=homep0;ord=6330182952617;npa=0;auiddc=612260061.1707203225;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F

Request Chain 113

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698270988/?random=1874784802&cv=11&fst=1707203225090&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&label=87uyCIuRktcBEIyK-8wC&hn=www.googleadservices.com&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&value=0&npa=0&pscdl=noapi&auid=612260061.1707203225&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=mdrBZfveM-LJmLAP98Wg2Ak&sscte=1&crd=CIK9sQI&eitems=ChAIgKuCrgYQ1M_J3drP3IQhEh0AnTytrzvJnegPX590i9dWLtoR-MsISSvWrWnZJg&pscrd=Ek5DaEVJZ0t1Q3JnWVE1ZWotdUtiVWxNSDJBUklsQUZLSW82RDMxdm85eDdkbWlnZWdidnpaNlFWTmV0dmg2U0YxclF4Rm1NaXA0YXFVbmcaWENoRUlnS3VDcmdZUXNlRFd1ZTNQNU5fNUFSSXRBTGxKRDREVGRfZ2RaT3RNYWg1M19Ja21FZk1HY0tXRlU2WjZka1dHVHduZThVSE5fRnNORWF0Z3QweV8iEwi7j9jOk5aEAxXiJAYAHfciCJs HTTP 302
https://www.google.com/pagead/1p-conversion/698270988/?random=1874784802&cv=11&fst=1707203225090&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&label=87uyCIuRktcBEIyK-8wC&hn=www.googleadservices.com&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&value=0&npa=0&pscdl=noapi&auid=612260061.1707203225&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=CIK9sQI&pscrd=Ek5DaEVJZ0t1Q3JnWVE1ZWotdUtiVWxNSDJBUklsQUZLSW82RDMxdm85eDdkbWlnZWdidnpaNlFWTmV0dmg2U0YxclF4Rm1NaXA0YXFVbmcaWENoRUlnS3VDcmdZUXNlRFd1ZTNQNU5fNUFSSXRBTGxKRDREVGRfZ2RaT3RNYWg1M19Ja21FZk1HY0tXRlU2WjZka1dHVHduZThVSE5fRnNORWF0Z3QweV8iEwi7j9jOk5aEAxXiJAYAHfciCJs&is_vtc=1&ocp_id=mdrBZfveM-LJmLAP98Wg2Ak&cid=CAQSKQAvHhf_TbR819hlO96aH-W_1wGg_VWEMZElH1iQJeOIKLn61AWwlfNM&eitems=ChAIgKuCrgYQ1M_J3drP3IQhEh0AnTytr1-yAsn3EJyu1RaAUOaTeXBVeWFvyhHgKA&random=3703063017 HTTP 302
https://www.google.de/pagead/1p-conversion/698270988/?random=1874784802&cv=11&fst=1707203225090&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&label=87uyCIuRktcBEIyK-8wC&hn=www.googleadservices.com&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&value=0&npa=0&pscdl=noapi&auid=612260061.1707203225&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=CIK9sQI&pscrd=Ek5DaEVJZ0t1Q3JnWVE1ZWotdUtiVWxNSDJBUklsQUZLSW82RDMxdm85eDdkbWlnZWdidnpaNlFWTmV0dmg2U0YxclF4Rm1NaXA0YXFVbmcaWENoRUlnS3VDcmdZUXNlRFd1ZTNQNU5fNUFSSXRBTGxKRDREVGRfZ2RaT3RNYWg1M19Ja21FZk1HY0tXRlU2WjZka1dHVHduZThVSE5fRnNORWF0Z3QweV8iEwi7j9jOk5aEAxXiJAYAHfciCJs&is_vtc=1&ocp_id=mdrBZfveM-LJmLAP98Wg2Ak&cid=CAQSKQAvHhf_TbR819hlO96aH-W_1wGg_VWEMZElH1iQJeOIKLn61AWwlfNM&eitems=ChAIgKuCrgYQ1M_J3drP3IQhEh0AnTytr1-yAsn3EJyu1RaAUOaTeXBVeWFvyhHgKA&random=3703063017&ipr=y

292 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.elfcosmetics.com/
Redirect Chain

http://www.elfcosmetics.com/
https://www.elfcosmetics.com/

897 KB
228 KB

2119ms
1744ms

Document
text/html

140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 3c24052d0918820113fbd396108cf945268b33505ffa5bad0b7d98658e654da3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache-control: public, must-revalidate, s-maxage=900
content-encoding: gzip
content-length: 232305
content-type: text/html; charset=utf-8
date: Tue, 06 Feb 2024 07:07:03 GMT
etag: W/"c36ef-NaSyOvLE8DDCUgegq2HCdwdH0J4"
vary: Accept-Encoding
via: 1.1 66d7816e8f0605c3c3fa4274826371c4.cloudfront.net (CloudFront)
x-amz-apigw-id: Ss8XfFDCCYcERBQ=
x-amz-cf-id: yuNnkH4sPbcdsQrIlwsK4_jTr01C6zztz8MgS9bqoSAX-NxynWWWmA==
x-amz-cf-pop: ATL58-P9
x-amzn-remapped-connection: close
x-amzn-remapped-content-length: 800495
x-amzn-remapped-date: Tue, 06 Feb 2024 07:07:03 GMT
x-amzn-requestid: 6173313e-39df-49ac-bb6d-87b20897e0c0
x-amzn-trace-id: Root=1-65c1da96-652893123afe29c247eb818f;Sampled=0;lineage=2b75b0e9:0
x-cache: Miss from cloudfront
x-yottaa-metrics: 33218cae0c26/[1492,1445,-] 33D18cae0c93/[-,1535.788]
x-yottaa-optimizations: ob/1000000100001000 si/33D18cae0c93-1706895435-4346669802 tts/1704308418854 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-yottaa-os: 200

Redirect headers

Age: 0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 125
Content-Type: text/html
Date: Tue, 06 Feb 2024 07:07:01 GMT
Location: https://www.elfcosmetics.com/
Via: 1.1 eca2cb3ca73b91e12ace99cdbaf6a380.cloudfront.net (CloudFront)
X-Amz-Cf-Id: aAJ_dym6IjogjuAv4Hen1kvjO6FEkAP2feFFYukhLRPrU7w4lBSbzQ==
X-Amz-Cf-Pop: ATL58-P9
X-Cache: Redirect from cloudfront
X-Yottaa-Metrics: 33218cae0ca5/[20,1,-] 33D18cae0ce1/[-,22.030]
X-Yottaa-OS: 301
X-Yottaa-Optimizations: ob/1000 si/33D18cae0ce1-1706895436-476174282 tts/1704308418854 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0

GET
H2 200 init.js Show response
www.elfcosmetics.com/XT4Gy2ig/ 167 KB
75 KB 392ms
391ms Script
application/javascript 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 24c5194f7e20f1890d426c20c887991870ed49e41da7b70e1fd6cf93884d4462

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:03 GMT
content-encoding: gzip
etag: "29d41-kp916GyqJYlCtFUOnyNfsfPGN/8"
active-cdn: Akamai
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: active-cdn,x-served-by,Akamai-Request-BC
cache-control: max-age=600
x-yottaa-metrics: 33D18cae0c93/[-,185.980]
x-px-hash: YzRhNjhiZjRiMGY4YTViMTlhNDU0YTE5MDYxMmY4NjMxODhlOTcxMGNiMTFmYTcwMTkyNjViNDM4NmFhNzVlZQ==
x-yottaa-optimizations: ob/0 si/33D18cae0c93-1706895435-4346669808 tts/1707203223966 ti/0 ai/5a0c9b7632f01c35d42101b2

GET /
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/ 0
0

GET
H2 200 custom-slider-0.0.15.min Show response
cdn.c1.amplience.net/c/elfcosmetics/ 2 KB
919 B 173ms
108ms Script
application/javascript 2606:4700:4400::6812:226c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.c1.amplience.net/c/elfcosmetics/custom-slider-0.0.15.min
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:226c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f67eeb979f5676dccb2ec5eefcd365c69b9e03235b65c42397206264b9887c07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:04 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Tue, 06 Feb 2024 06:36:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
edge-control: max-age=1800
cache-control: s-maxage=1800, max-age=120
cf-ray: 85118dd68de81cad-FRA

GET
DATA 200
OK truncated
/ 10 KB
10 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d

Request headers

Referer
Origin: https://www.elfcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 10 KB
10 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac

Request headers

Referer
Origin: https://www.elfcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
H2 200 pout-clout-pen-bs-2024-01-19-image-1_D-min
cdn.media.amplience.net/i/elfcosmetics/ 44 KB
44 KB 132ms
22ms Image
image/webp 2a02:26f0:3100::1735:2b10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/pout-clout-pen-bs-2024-01-19-image-1_D-min?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

65222e7562d6a6d1c2c6e24c738db9114b1d36c64071a76efa2d7374a52242d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:04 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: SkzN6HvHh,l4p5bDg2e,9O3wdOit6,DtzGFM5oJ
x-req-id: Kj5IQEXWId
content-length: 44666
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 2880
access-control-allow-origin: *
content-type: image/webp
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Mon, 22 Jan 2024 17:53:28 GMT

GET
H2 200 vendor.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/ 2 MB
621 KB 21ms
8ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70bdc4ce00b2eb00c1a727f997e22289fe153af79db01d1fe41c9ddf93baea68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: rgMOMBtRIVnroG3EFvD3VQajPfLGk.CL
via: 1.1 771067dca4682f83a6c9963c412d66cc.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
date: Tue, 06 Feb 2024 07:07:04 GMT
x-amz-cf-pop: DFW57-P1
age: 909210
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1000 si/3211a5fec6ec-1699966125-950262108 tts/1704308418854 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront, HIT
x-amz-meta-deploy: 655743
content-length: 635265
x-amz-meta-bundle: 10520
x-served-by: cache-fra-eddf8230055-FRA
x-yottaa-forcecache: true, true
server: AmazonS3
x-timer: S1707203224.137058,VS0,VE2
vary: Accept-Encoding
content-type: application/javascript; charset=utf8
cache-control: public, max-age=31104000
x-yottaa-metrics: 3221a5fec611/[125,47,-] 3211a5fec6ec/[-,476.338]
accept-ranges: bytes
x-amz-cf-id: zW6qb6p-L6UISOT-UwfU09mQAGeDnV-0gXNByFZDnwaf__NlGsEiXA==
x-cache-hits: 1

GET
H2 200 main.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/ 2 MB
465 KB 34ms
20ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/main.js?yocs=1u_1y_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1011c3fa4c2e065daf205546023d4ed8bef850c1c6ca5dab2cfb9773011cc0bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: ZgDCU8kWsvQvcn1jJg.KQVz1Qq0EvJRU
via: 1.1 2fc202a09b4bdc2667eb43b2de8be750.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
date: Tue, 06 Feb 2024 07:07:04 GMT
x-amz-cf-pop: ORD52-C3
age: 909210
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1000 si/2611cc028372-1705519396-1683738102 tts/1704308418854 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront, HIT
x-amz-meta-deploy: 655743
content-length: 475099
x-amz-meta-bundle: 10520
x-served-by: cache-fra-eddf8230055-FRA
x-yottaa-forcecache: true, true
server: AmazonS3
x-timer: S1707203224.137248,VS0,VE2
vary: Accept-Encoding
content-type: application/javascript; charset=utf8
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc8d587b/[78,17,-] 2611cc028372/[-,327.362]
accept-ranges: bytes
x-amz-cf-id: EHuMd49CzZp2pkKlJsP-DlvocwkIhXiAmFMXi4c8bn-HU3mAwWrxOA==
x-cache-hits: 1

GET
H2 200 pages-home.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/ 4 KB
3 KB 19ms
6ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/pages-home.js?yocs=1u_1y_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: afa9753d7a61cde7238d39c93026f264ea282f128440e39f1f0589867d337387

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: fAWlbmIDqd1NY.BY1yu5BULDqI5Q3tq5
via: 1.1 60b2b330807c6611e06e3923c8e315cc.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
date: Tue, 06 Feb 2024 07:07:04 GMT
x-amz-cf-pop: DFW57-P1
age: 909204
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1000 si/3211a5fec6eb-1701773462-2089544135 tts/1704308418854 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront, HIT
x-amz-meta-deploy: 655743
content-length: 2056
x-amz-meta-bundle: 10520
x-served-by: cache-fra-eddf8230055-FRA
x-yottaa-forcecache: true, true
server: AmazonS3
x-timer: S1707203224.137260,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=utf8
cache-control: public, max-age=31104000
x-yottaa-metrics: 3221a5fec610/[36,31,-] 3211a5fec6eb/[-,40.681]
accept-ranges: bytes
x-amz-cf-id: jiWVjtKQp2cbsrIEZiaHFKO1mgAB4oosN7wBgbinXd6Rmt3lx8pNXQ==
x-cache-hits: 2

POST
H2 200 collector Show response
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 540 B
787 B 59ms
32ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 8de48ecc79146e513eb5b47769c805097882cefe0457a4efd87824e642579cd4

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Feb 2024 07:07:03 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.elfcosmetics.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 540

GET
DATA 200
OK truncated
/ 37 B
37 B Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 valetines-day-2024-01-29-background_D-min
cdn.media.amplience.net/i/elfcosmetics/ 119 KB
119 KB 22ms
22ms Image
image/avif 2a02:26f0:3100::1735:2b10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/valetines-day-2024-01-29-background_D-min?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

5478e51ef21aa9f24fa7e2d3f75c26ce7860893fd92c71beafee5fe7e443f8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:04 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: 3bwUT35V2,l4p5bDg2e,fpXyktect,WepA0szpz
x-req-id: f2hkEpFKg4
content-length: 121826
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 1602
access-control-allow-origin: *
content-type: image/avif
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Wed, 24 Jan 2024 23:00:23 GMT

GET
H2 200 valetines-day-2024-01-29-image-1_D-min
cdn.media.amplience.net/i/elfcosmetics/ 46 KB
46 KB 59ms
58ms Image
image/avif 2a02:26f0:3100::1735:2b10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/valetines-day-2024-01-29-image-1_D-min?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

5874673f915a3ec17db9e690bc64a2c33413a2e11e3bd666bb5d43131004ffdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:04 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: G0yVLSj9j,l4p5bDg2e,sKi4G9I4o,WepA0szpz
x-req-id: P6AR3Jd4AJ
content-length: 47038
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 1598
access-control-allow-origin: *
content-type: image/avif
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Wed, 24 Jan 2024 23:00:22 GMT

GET
H2 200 0124_hptile_newarriavals_newdrops_desktop
cdn.media.amplience.net/i/elfcosmetics/ 33 KB
33 KB 51ms
51ms Image
image/webp 2a02:26f0:3100::1735:2b10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/0124_hptile_newarriavals_newdrops_desktop?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

f5cdac8011cc5cd8f9ea74c60de77824460b750be5cf9f50b6e18e37daf2889e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:04 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: tEkKcOB6q,l4p5bDg2e,_ISn8MOn3,DtzGFM5oJ
x-req-id: ggkeBnPfgy
content-length: 33434
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 2880
access-control-allow-origin: *
content-type: image/webp
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Wed, 17 Jan 2024 20:45:37 GMT

GET
H2 200 hp1-project-pro-0124-v2-FINAL_D-min
cdn.media.amplience.net/i/elfcosmetics/ 117 KB
118 KB 63ms
63ms Image
image/avif 2a02:26f0:3100::1735:2b10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/hp1-project-pro-0124-v2-FINAL_D-min?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

f889dbbc26896110ff404dc7b2dd90968003c110e0fc1a8d06e8446bc6631284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:04 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: MQDoy9rgf,l4p5bDg2e,TvTLWouwK,WepA0szpz
x-req-id: tVnM55tHd3
content-length: 120283
x-xss-protection: 1; mode=block
x-amp-source-height: 802
server: Unknown
x-frame-options: DENY
x-amp-source-width: 2362
access-control-allow-origin: *
content-type: image/avif
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Fri, 02 Feb 2024 05:05:56 GMT

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/ 1 MB
152 KB 46ms
30ms Script
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/OtAutoBlock.js

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/main.js?yocs=1u_1y_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e038dff62440b626103b2b81adcbb64b5cb3bd80433d1a710f37162cd7c0cc17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 06 Feb 2024 07:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 36302
content-md5: 3CHjrTrl4YSKzn90GsMA3A==
content-length: 154812
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 13:08:00 GMT
server: cloudflare
etag: 0x8DBD9493E0E92B7
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: f8fafcb2-f01e-003b-4c0e-177c27000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85118dda5d854d8d-FRA
expires: Wed, 07 Feb 2024 07:07:04 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 36ms
20ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/main.js?yocs=1u_1y_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4be1addf4ee8c28eff431ef8bfbc475913c1234f6315c50047bc1eda86de71f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 06 Feb 2024 07:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dulN1EiikhiO8GlkrdtHlg==
age: 16429
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6838
x-ms-lease-status: unlocked
last-modified: Thu, 01 Feb 2024 20:33:09 GMT
server: cloudflare
etag: 0x8DC236500E5107B
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e712dae4-801e-006c-3f84-55d214000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85118dda5d844d8d-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 445 KB
124 KB 62ms
42ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3b3092e3e0e8bd8bd119ef438642147bdb8893115683817491fce881831ea7fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126385
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 06 Feb 2024 07:07:04 GMT

GET
H2 200 api_dynamic.js Show response
cdn.dynamicyield.com/api/8772046/ 362 KB
42 KB 499ms
441ms Script
application/javascript 2600:9000:2251:1800:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/api/8772046/api_dynamic.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:1800:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: ff66e0c134fecb094530a74dda651aeee11e8fff79cd378d56158b330691ee9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:06 GMT
content-encoding: gzip
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified: Mon, 05 Feb 2024 20:35:06 GMT
server: DYCDN
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
etag: W/"a14e783113e4368b0a17ae5f53ac9aeb"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=30
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: onw_NJjrhzotEzdjFQIJ8QdtS9yeK1Wbmk3gy1tJHrKLpP2isQkg-w==

GET
H2 200 api_static.js Show response
cdn.dynamicyield.com/api/8772046/ 389 KB
115 KB 67ms
9ms Script
application/javascript 2600:9000:2251:1800:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/api/8772046/api_static.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:1800:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: 4465ae539c01e67a60534fe1492cf9ef7c7d6c6afc1b5a997b3c66a007650501

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 03:07:37 GMT
content-encoding: gzip
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified: Sun, 28 Jan 2024 10:09:59 GMT
server: DYCDN
age: 14548
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
etag: W/"9bdc2cf7bb033f2f525f384251471823"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: f1FktAWMP0nNOVYiLB0buv9SJme9ullLmA1U8UzvVJoyVfmu9E0crw==

GET
H/1.1 200
OK / Show response
api.ipify.org/ 22 B
222 B 662ms
97ms XHR
application/json 64.185.227.156
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 64.185.227.156 New York, United States, ASN18450 (WEBNX, US),
Reverse DNS: api.ipify.org
Software: nginx/1.25.1 /
Resource Hash: a04ec3b2d9529b7776095594dd263610b8d78b8428075ee9b1a561a342367541

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 06 Feb 2024 07:07:05 GMT
Server: nginx/1.25.1
Connection: keep-alive
Content-Length: 22
Vary: Origin
Content-Type: application/json

GET
H/1.1 200
OK / Show response
api.ipify.org/ 22 B
222 B 564ms
102ms XHR
application/json 64.185.227.156
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 64.185.227.156 New York, United States, ASN18450 (WEBNX, US),
Reverse DNS: api.ipify.org
Software: nginx/1.25.1 /
Resource Hash: a04ec3b2d9529b7776095594dd263610b8d78b8428075ee9b1a561a342367541

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 06 Feb 2024 07:07:05 GMT
Server: nginx/1.25.1
Connection: keep-alive
Content-Length: 22
Vary: Origin
Content-Type: application/json

GET
H2

200

callback
www.elfcosmetics.com/
Redirect Chain

https://www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.com%2Fcallback&response_type=code&client_id=...
https://www.elfcosmetics.com/callback?usid=12dfe235-84b2-414a-89a6-f46d80f7a7c7&code=iFRlmGhNzsIrJFkdLGNe-p8E2fJ9H2VkyYSCmQ2vmCQ

0
0

319ms
319ms

Fetch
application/json

140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/callback?usid=12dfe235-84b2-414a-89a6-f46d80f7a7c7&code=iFRlmGhNzsIrJFkdLGNe-p8E2fJ9H2VkyYSCmQ2vmCQ
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:05 GMT
via: 1.1 4d4cefe36d361e28de9fc0829672a94a.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 0
x-amz-cf-pop: ATL58-P9
age: 0
x-amzn-remapped-connection: close
x-amzn-requestid: 7c1bd7e7-fd51-493e-9543-7389d083b5c0
x-yottaa-optimizations: ob/1000 si/33D18cae0c93-1706895435-4346669810 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
x-amz-apigw-id: Ss8YAEJsiYcEPow=
content-length: 0
x-yottaa-forcecache: true
x-amzn-trace-id: Root=1-65c1da99-2279db964709dc0f622a0633;Sampled=0;lineage=2b75b0e9:0
content-type: application/json
cache-control: public, max-age=604800
x-yottaa-os: 200
x-yottaa-metrics: 33218cae0c70/[213,211,-] 33D18cae0c93/[-,214.390]
x-amzn-remapped-date: Tue, 06 Feb 2024 07:07:05 GMT
x-amz-cf-id: So2dCRBSgtbOTDxn6hkscxjputNusdtKEch3zQYT3f4_B7HvSVgLOg==

Redirect headers

date: Tue, 06 Feb 2024 07:07:05 GMT
x-correlation-id: 85118ddcc82605db
via: 1.1 316c0d862340b97a09ec5fe1e5934c38.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: ATL58-P9
age: 0
x-yottaa-optimizations: ob/0 si/33D18cae0c93-1706895435-4346669809 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
content-length: 0
pragma: no-cache
x-ratelimit-1m-remaining: 23919, 1996145
x-ratelimit-1m-reset: 54885, 54885
x-ratelimit-1m-limit: 24000, 2000000
vary: Accept-Encoding
location: https://www.elfcosmetics.com/callback?usid=12dfe235-84b2-414a-89a6-f46d80f7a7c7&code=iFRlmGhNzsIrJFkdLGNe-p8E2fJ9H2VkyYSCmQ2vmCQ
cache-control: no-store
x-yottaa-os: 303
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.com%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=yzD4yi0jDpfBf1f8Ig_sfpV2gTfi2SdvF1g4OUTRECA
x-yottaa-metrics: 33218cae0c6f/[87,85,-] 33D18cae0c93/[-,88.326]
cf-ray: 85118ddcc82605db-IAD
x-amz-cf-id: 7I36y6daq8FQOsDtrSI6WxDEw8doqXWPElhxWBLK37fzRntEpeUoog==

POST
H2 201 / Show response
sdk.iad-05.braze.com/api/v3/data/ 323 B
478 B 279ms
279ms XHR
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/data/

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1a09824b6d7bbd0f5e82a23d14da408abfba60d02f5bdb48309d3ab6ca61bb1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key: 609afcb2-1dc3-41ef-a771-0a9aaf10bf57
X-Braze-TriggersRequest: true
X-Braze-DataRequest: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type: application/json
Referer: https://www.elfcosmetics.com/
X-Requested-With: XMLHttpRequest

Response headers

date: Tue, 06 Feb 2024 07:07:05 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: MISS
x-request-id: beb98c1e-fffc-44ef-8bb3-575593682379
x-served-by: cache-fra-eddf8230029-FRA
x-runtime: 0.169285
etag: W/"1a09824b6d7bbd0f5e82a23d14da408a"
access-control-max-age: 7200
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
vary: Origin,Accept-Encoding
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 /
sdk.iad-05.braze.com/api/v3/data/ Frame 0
0 138ms
99ms Preflight 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/data/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.elfcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
access-control-allow-methods: POST, GET
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
content-encoding: gzip
date: Tue, 06 Feb 2024 07:07:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230029-FRA

GET
H2 200 6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json Show response
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/ 5 KB
2 KB 36ms
22ms XHR
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8a6566c7e926c37c010dc811a5e82d5eddad8b10057bf711f0f644be60707d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 06 Feb 2024 07:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 71585
content-md5: 4swZDWVp4C0QChiGUbrcTg==
content-length: 1746
x-ms-lease-status: unlocked
last-modified: Tue, 14 Nov 2023 15:26:04 GMT
server: cloudflare
etag: 0x8DBE5260423F079
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 47594d34-001e-002f-61c0-213448000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85118ddbcb6a9012-FRA
expires: Wed, 07 Feb 2024 07:07:04 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
312 B 70ms
54ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 85118ddc1b019247-FRA
access-control-allow-headers: Content-Type

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 53ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 06 Feb 2024 05:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4736
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 06 Feb 2024 07:48:09 GMT

GET activityi;src=9231397;type=retarget;cat=globa0;ord=5899475585081;npa=0;auiddc=612260061.1707203225;u6=%2F;u10=undefined;u12=undefined;u8=undefined;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3...
9231397.fls.doubleclick.net/ Frame 5161 0
0

GET activityi;src=10742279;type=elf8j0;cat=glo_flap;ord=5421420653598;npa=0;auiddc=612260061.1707203225;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;d...
10742279.fls.doubleclick.net/ Frame 43E9 0
0

GET
H2 200 cnxtag-min.js Show response
js.cnnx.link/roi/ 2 KB
1 KB 72ms
8ms Script
text/javascript 2600:9000:21f3:b600:11:85b0:d600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.cnnx.link/roi/cnxtag-min.js?id=316282
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:b600:11:85b0:d600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ff2fe181c12146189657e92f9ce0489f7f3b51345796f5a5ec9b089f9fb47616

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:05:02 GMT
via: 1.1 google, 1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA2-C2
age: 123
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
cache-control: max-age=600
x-amz-cf-id: ij5ub43dHdV_kXHmqZRK9FLUmdKvTCqI_OKHO0Owz_abGe8iubC6aA==

GET
H2

200

activityi;dc_pre=CJm5sM6TloQDFaxLkQUdd6YEOg;src=10265292;type=conte0;cat=homep0;ord=6330182952617;npa=0;auiddc=612260061.1707203225;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;dma_cps=sy... Show response
10265292.fls.doubleclick.net/ Frame 726C
Redirect Chain

https://10265292.fls.doubleclick.net/activityi;src=10265292;type=conte0;cat=homep0;ord=6330182952617;npa=0;auiddc=612260061.1707203225;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;dma_cps...
https://10265292.fls.doubleclick.net/activityi;dc_pre=CJm5sM6TloQDFaxLkQUdd6YEOg;src=10265292;type=conte0;cat=homep0;ord=6330182952617;npa=0;auiddc=612260061.1707203225;pscdl=noapi;gtm=45He41v0v896...

522 B
621 B

44ms
43ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10265292.fls.doubleclick.net/activityi;dc_pre=CJm5sM6TloQDFaxLkQUdd6YEOg;src=10265292;type=conte0;cat=homep0;ord=6330182952617;npa=0;auiddc=612260061.1707203225;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

8aab40d3409873d1f104993597d9872bef2805a81a7cc0aa2d8757f5e518de47

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 316
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 07:07:05 GMT
expires: Tue, 06 Feb 2024 07:07:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 07:07:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10265292.fls.doubleclick.net/activityi;dc_pre=CJm5sM6TloQDFaxLkQUdd6YEOg;src=10265292;type=conte0;cat=homep0;ord=6330182952617;npa=0;auiddc=612260061.1707203225;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET activityi;src=10742279;type=elf8j0;cat=glo_flhp;ord=7907300973333;npa=0;auiddc=612260061.1707203225;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;d...
10742279.fls.doubleclick.net/ Frame FF3E 0
0

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
148 B 180ms
33ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:8m23e30&fmt=3
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:05 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET kpi
pixel.pointmediatracker.com/ 0
0

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
149 B 178ms
31ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:y8694b5&fmt=3
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:05 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
148 B 180ms
33ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:uuhj0na&fmt=3
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:05 GMT
server: Kestrel
content-length: 70
content-type: image/gif

POST
H2 200 collector Show response
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 600 B
655 B 121ms
120ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 082e4534f4563c41a356cc67511a832188f642c8c1b6dee3a6de73a11ab2796a

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Feb 2024 07:07:05 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.elfcosmetics.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202306.1.0/ 404 KB
98 KB 21ms
20ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

def2a184135eba029f8f785b3ed69edc5f36b368226ce1fcfeda4f5aa301d1b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 06 Feb 2024 07:07:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: XJk1ZZTljtwHFT3qcIJg+w==
age: 18859
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 99599
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 06:29:36 GMT
server: cloudflare
etag: 0x8DB82A15D413626
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 80bad15d-801e-006c-2fda-12d214000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85118ddd386c4d8d-FRA

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 14ms
13ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2125459051&t=pageview&_s=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACgAI~&jid=314881514&gjid=609447056&cid=1605848610.1707203225&tid=UA-432816-1&_gid=385948376.1707203225&_r=1&_slc=1&gtm=45He41v0n81WL3STMXv896608294za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&z=967710727

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 07:07:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 112ms
19ms XHR
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-432816-1&cid=1605848610.1707203225&jid=314881514&gjid=609447056&_gid=385948376.1707203225&_u=YEBAAEAAAAAAACgAI~&z=778118194

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 06 Feb 2024 07:07:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/b3580e16-19d9-4554-ba1a-ac19abea14a3/ 199 KB
36 KB 278ms
278ms Fetch
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/b3580e16-19d9-4554-ba1a-ac19abea14a3/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1df881dfa3c790fb46a3ab0d0edd13cfaf25c0c369cca89ec8115cfdf338236

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 06 Feb 2024 07:07:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 31810
content-md5: bM5EAFhwhSHsrqZI9IpFVg==
content-length: 36174
x-ms-lease-status: unlocked
last-modified: Tue, 14 Nov 2023 15:26:18 GMT
server: cloudflare
etag: 0x8DBE5260C9926DA
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 40ed0566-901e-0002-3b0e-17873b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85118ddd7c8d9012-FRA
expires: Wed, 07 Feb 2024 07:07:05 GMT

GET
H2 200 st Show response
st.dynamicyield.com/ 114 KB
10 KB 144ms
112ms Script
text/javascript 2600:9000:2250:7e00:15:ad21:c740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.dynamicyield.com/st?sec=8772046&inHead=true&id=0&jsession=odq5n1wjejmsacldf1rsy2brpkgbzsoy&ref=&scriptVersion=2.23.0&isSesNew=true&dyid_server=&ctx=%7B%22type%22%3A%22HOMEPAGE%22%2C%22lng%22%3A%22en-US%22%2C%22data%22%3A%5B%5D%7D
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:7e00:15:ad21:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 89c8ba09a0f0c872794eb4586ccd58afbe5f36897d5ad7316229553ac7b6d1b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:05 GMT
content-encoding: gzip
via: 1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: no-cache
x-amz-cf-id: hLNocUysy10xZhzeaLSRV_dyuGkSqrfei0E2QQvD2ivAPnSzuptdmw==
expires: Tue, 06 Feb 2024 07:07:04 GMT

POST
H2 201 sync Show response
sdk.iad-05.braze.com/api/v3/content_cards/ 85 B
201 B 141ms
141ms XHR
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/content_cards/sync

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1066ce98b297d2d4248692846d6d957d59de66aad6bc0031e32118aceccb6b58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key: 609afcb2-1dc3-41ef-a771-0a9aaf10bf57
X-Braze-DataRequest: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type: application/json
BRAZE-SYNC-RETRY-COUNT: 0
Referer: https://www.elfcosmetics.com/
X-Requested-With: XMLHttpRequest
X-Braze-ContentCardsRequest: true

Response headers

date: Tue, 06 Feb 2024 07:07:05 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: MISS
x-request-id: 97b85ba9-bb9c-4a9b-a7f4-5f6610897e89
x-served-by: cache-fra-eddf8230029-FRA
x-runtime: 0.038679
etag: W/"1066ce98b297d2d4248692846d6d957d"
access-control-max-age: 7200
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
vary: Origin,Accept-Encoding
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 sync
sdk.iad-05.braze.com/api/v3/content_cards/ Frame 0
0 111ms
111ms Preflight 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/content_cards/sync

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.elfcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
access-control-allow-methods: POST, GET
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
content-encoding: gzip
date: Tue, 06 Feb 2024 07:07:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230029-FRA

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 37ms
17ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-432816-1&cid=1605848610.1707203225&jid=314881514&_u=YEBAAEAAAAAAACgAI~&z=1673560787

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 07:07:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 38ms
18ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-432816-1&cid=1605848610.1707203225&jid=314881514&_u=YEBAAEAAAAAAACgAI~&z=1673560787

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 07:07:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CJm5sM6TloQDFaxLkQUdd6YEOg;src=10265292;type=conte0;cat=homep0;ord=6330182952617;npa=0;auiddc=*;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;u...
adservice.google.com/ddm/fls/z/ Frame 726C 42 B
401 B 74ms
54ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJm5sM6TloQDFaxLkQUdd6YEOg;src=10265292;type=conte0;cat=homep0;ord=6330182952617;npa=0;auiddc=*;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F

Requested by

Host: 10265292.fls.doubleclick.net
URL: https://10265292.fls.doubleclick.net/activityi;dc_pre=CJm5sM6TloQDFaxLkQUdd6YEOg;src=10265292;type=conte0;cat=homep0;ord=6330182952617;npa=0;auiddc=612260061.1707203225;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10265292.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 07:07:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dy-coll-min.js Show response
cdn.dynamicyield.com/scripts/2.23.0/ 195 KB
65 KB 9ms
9ms Script
text/javascript 2600:9000:2251:1800:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/scripts/2.23.0/dy-coll-min.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:1800:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: 8f44cdee26320486d6767a70e0b68dea5319b28d14fb7f7c998fbaf87ee46c9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 08:00:32 GMT
content-encoding: gzip
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified: Mon, 15 Jan 2024 14:00:15 GMT
server: DYCDN
age: 1811194
x-amz-cf-pop: FRA60-P3
etag: W/"67debe8d5dc9559ff4efc0bb85495b15"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: _nsCRvcV_IQRJ8k4uWNBpaoFWvmPYu0Y0IkV2FT1b711zjBVFQO_Fg==

POST
H2 200 uia Show response
async-px.dynamicyield.com/ 0
383 B 130ms
100ms XHR
text/plain 18.66.112.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/uia?cnst=1&_=1707203225509
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.23.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-128.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 07:07:05 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: WHy8uKggGeHidTYlT6mbz4W_4nEyQAxeWfaw6z4rZGsoHXrUJFyiuw==
expires: 0

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/ 13 KB
3 KB 16ms
16ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 06 Feb 2024 07:07:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 5mNZducabMgxSDzBo+ZI8w==
age: 75900
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3017
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 06:29:30 GMT
server: cloudflare
etag: 0x8DB82A159AF8EA6
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 0c718e4e-201e-0081-6f27-129959000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85118ddfbe339012-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/v2/ 61 KB
12 KB 17ms
17ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 06 Feb 2024 07:07:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: sXFDxCJwbPEMIT/8f5Prwg==
age: 66449
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12544
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 06:29:33 GMT
server: cloudflare
etag: 0x8DB82A15AFF8646
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 99943331-001e-00a9-52a5-21f8f1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85118ddfbe369012-FRA

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/ 5 KB
2 KB 19ms
19ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

509f2e49500fbaeb5d7e1959071f2922b693d0135080e2871e124ec8bdd08bb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 06 Feb 2024 07:07:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: v0pzgeeelPwcAOki15i3HA==
age: 59832
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1766
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 06:29:32 GMT
server: cloudflare
etag: 0x8DB82A15AB9FB83
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 7a892ea0-601e-0080-09c3-13c685000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85118ddfbe379012-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/ 21 KB
4 KB 20ms
20ms Fetch
text/css 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 06 Feb 2024 07:07:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: oWkBTLgDDXvrUsd93y/Zxg==
age: 66449
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 06:29:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 05545e90-b01e-002a-0255-23e693000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 85118ddfbe399012-FRA

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 106ms
106ms Fetch 18.66.112.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=301010&uid=2873296804487748249&sec=8772046&t=ri&e=1261284&p=1&ve=11209913&va=%5B27119924%5D&ses=016e1c622d41a4a13661409562da43d2&expSes=2883&aud=884367.884385.884387.1167402.1324059.1846919.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=7257483730841052772&cgtgDecisionId=7257483731250283838&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1707203225603&rri=102322
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.23.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-128.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 07:07:05 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: e8IFz7r-J9exrsNGcXA_PUPMCia2rvB-n9jUm9J4GC-CxxNQpIYGoQ==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 101ms
100ms Fetch 18.66.112.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=306847&uid=2873296804487748249&sec=8772046&t=ri&e=1574966&p=1&ve=12698518&va=%5B28347247%5D&ses=016e1c622d41a4a13661409562da43d2&expSes=2883&aud=884367.884385.884387.1167402.1324059.1846919.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=7257483731781952502&cgtgDecisionId=7257483732843829394&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1707203225604&rri=4323532
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.23.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-128.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 07:07:05 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: ckCg7S2mFugX6-09Rr14z9hWOfFBHKAgC4exbLyGhTIb5g-26KxxnA==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 99ms
99ms Fetch 18.66.112.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=220988&uid=2873296804487748249&sec=8772046&t=ri&e=1609852&p=1&ve=12669413&va=%5B28321879%5D&ses=016e1c622d41a4a13661409562da43d2&expSes=2883&aud=884367.884385.884387.1167402.1324059.1846919.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=7257483733150488646&cgtgDecisionId=7257483730521426118&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1707203225604&rri=3213283
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.23.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-128.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 07:07:05 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: A5g9dezYWy3aEqypyIAT6p1FSkTEUbpP269x3AXEwovTw6TdWQKCZQ==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 99ms
99ms Fetch 18.66.112.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=491924&uid=2873296804487748249&sec=8772046&t=ri&e=1575901&p=1&ve=12692962&va=%5B28207095%5D&ses=016e1c622d41a4a13661409562da43d2&expSes=2883&aud=884367.884385.884387.1167402.1324059.1846919.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=7257483731254098211&cgtgDecisionId=7257483730358163022&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1707203225605&rri=122526
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.23.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-128.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 07:07:05 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: hKYwPskNHU-AKf-ig6eJiKqRRez-0rzSi96ENliANiOAmn0UoL1NUg==
expires: 0

POST
H2 200 token Show response
www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/ 2 KB
2 KB 200ms
200ms Fetch
application/json 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/token

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

9c2d687566f30e39ca5ceb2a9c2520b012f69fd711811472f9c319b1d8314554

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Feb 2024 07:07:05 GMT
content-encoding: gzip
x-correlation-id: 85118de09c3f38af
cf-cache-status: DYNAMIC
via: 1.1 4d4cefe36d361e28de9fc0829672a94a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: ATL58-P9
age: 0
x-yottaa-optimizations: ob/1000 si/33D18cae0c93-1706895435-4346669811 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
pragma: no-cache
x-ratelimit-1m-remaining: 23909, 1995665
x-ratelimit-1m-reset: 54287, 54286
vary: Accept-Encoding, User-Agent
x-ratelimit-1m-limit: 24000, 2000000
content-type: application/json
cache-control: no-store
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/token
x-yottaa-metrics: 33218cae0c71/[94,93,-] 33D18cae0c93/[-,95.444]
cf-ray: 85118de09c3f38af-IAD
x-amz-cf-id: 4Szf12uoA5l2IronkdQBpG-3ldflNKtokICWfAtnYf9Y-WVfjjh8CQ==

POST
H2 200 batch
async-px.dynamicyield.com/ 0
382 B 114ms
101ms Ping
text/plain 18.66.112.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/batch?cnst=1&_=1707203225617_180335
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.23.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-128.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 07:07:05 GMT
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: 4YtoBPof5dDQ17iHWl78bW3mWO9bTMZAUeJ5CDWORcTtwhS2ua6hrg==
expires: 0

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
599 B 21ms
21ms Image
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 06 Feb 2024 07:07:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 7489
x-ms-lease-status: unlocked
last-modified: Tue, 06 Feb 2024 03:58:47 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 5fd5cf97-101e-0023-1bb8-58a340000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 85118de03bb44d8d-FRA

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
515 B 20ms
19ms Fetch
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 06 Feb 2024 07:07:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 78292
x-ms-lease-status: unlocked
last-modified: Mon, 05 Feb 2024 07:33:04 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: d4be5199-e01e-006a-4d07-58e1ab000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 85118de03e969012-FRA

GET
H2 200 ot_company_logo.png
cdn.cookielaw.org/logos/static/ 4 KB
4 KB 18ms
18ms Image
image/png 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_company_logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 06 Feb 2024 07:07:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: E8+sk/ECzKgTUVtDLikiIA==
age: 2929
content-length: 4036
x-ms-lease-status: unlocked
last-modified: Mon, 05 Feb 2024 08:11:12 GMT
server: cloudflare
etag: 0x8DC2622044F096E
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: c2a58162-e01e-008e-220b-58ef35000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85118de04bca4d8d-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 27ms
27ms Image
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 06 Feb 2024 07:07:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 1166
x-ms-lease-status: unlocked
last-modified: Mon, 05 Feb 2024 17:46:33 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 9d8be78b-b01e-0048-4db0-5824b4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 85118de05bcb4d8d-FRA

POST
H2 200 event
qoe-1.yottaa.net/log-nt/ 3 B
191 B 543ms
86ms Ping
text/json 204.2.49.54
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://qoe-1.yottaa.net/log-nt/event
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.2.49.54 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 07:07:06 GMT
access-control-expose-headers: X-Results-Data-Source
access-control-allow-credentials: true
cache-control: no-cache
timing-allow-origin: *
content-type: text/json

GET
H/1.1 200
OK main.js Show response
static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/ 144 KB
42 KB 62ms
13ms Script
application/javascript 95.101.44.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/main.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.44.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-44-133.deploy.static.akamaitechnologies.com

Software

nginx / Express

Resource Hash

58da72bddd8da96edee8626efe890283621d3c23f38a2aac4911d773461ead38

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Date: Tue, 06 Feb 2024 07:07:05 GMT
Server: nginx
ETag: W/"802810ef2b8ff8127ba90eb9cbbb4fb601a094cd"
X-Powered-By: Express
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, max-age=900
Connection: keep-alive
Content-Length: 42814
Expires: Tue, 06 Feb 2024 07:22:05 GMT

GET
H2 200 valetines-day-2024-01-29-image-4_D-min
cdn.media.amplience.net/i/elfcosmetics/ 171 KB
172 KB 23ms
22ms Image
image/webp 2a02:26f0:3100::1735:2b10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/valetines-day-2024-01-29-image-4_D-min?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

2d20903227f36798b79adec5bbd810679d27fe0abed0d698813e8f769df046fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:05 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: qhO9uXHAy,l4p5bDg2e,1TZJXD2Ju,Cqm_p3RsQ,DtzGFM5oJ
x-req-id: uuXo0IaUDE
content-length: 175384
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 1598
access-control-allow-origin: *
content-type: image/webp
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Wed, 24 Jan 2024 23:00:23 GMT

GET
H2 200 110221.ct.js Show response
tag.rmp.rakuten.com/ 47 KB
15 KB 47ms
24ms Script
text/javascript 34.102.147.248
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.rmp.rakuten.com/110221.ct.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

248.147.102.34.bc.googleusercontent.com

Software

Resource Hash

147f6c57c05b20ffc422296d90361d70008496016fd1effbf88cc65064565818

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:05 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Feb 2024 07:07:05 GMT
x-cache: hit
x-samesite: secure
content-type: text/javascript
cache-control: max-age=86400
x-dyn: 0
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 js Show response
www.paypal.com/sdk/ 408 KB
113 KB 36ms
17ms Script
application/javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f8c6ebbfbfd150bad4b5bd7158cc60bed275422878781b45bd2450f776d625b8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-fHjx0kEhJ/qx8JEs6oyo4HHLWIr59mrdRyC6dfBvphMElnFK' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-fHjx0kEhJ/qx8JEs6oyo4HHLWIr59mrdRyC6dfBvphMElnFK' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-fHjx0kEhJ/qx8JEs6oyo4HHLWIr59mrdRyC6dfBvphMElnFK' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-fHjx0kEhJ/qx8JEs6oyo4HHLWIr59mrdRyC6dfBvphMElnFK' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Feb 2024 07:07:05 GMT
age: 10287
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f87382690d57d
server-timing: "traceparent;desc="00-0000000000000000000f87382690d57d-b35fa549671c1fb3-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 114027
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230102-FRA, cache-fra-eddf8230102-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f87382690d57d-834841a32d306e92-01
x-timer: S1707203226.730886,VS0,VE9
etag: W/"1bd6b-WsGDcd1F8OTUDL37QJoKRy1NxRA"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 pout-clout-pen-bs-2024-01-19-image-1_D-min
cdn.media.amplience.net/i/elfcosmetics/ 44 KB
44 KB 23ms
22ms Image
image/webp 2a02:26f0:3100::1735:2b10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/pout-clout-pen-bs-2024-01-19-image-1_D-min?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

65222e7562d6a6d1c2c6e24c738db9114b1d36c64071a76efa2d7374a52242d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:05 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: SkzN6HvHh,l4p5bDg2e,9O3wdOit6,DtzGFM5oJ
x-req-id: Kj5IQEXWId
content-length: 44666
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 2880
access-control-allow-origin: *
content-type: image/webp
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Mon, 22 Jan 2024 17:53:28 GMT

GET
H2 200 pout-clout-pen-bs-2024-01-19-image-2_D-min
cdn.media.amplience.net/i/elfcosmetics/ 96 KB
97 KB 25ms
25ms Image
image/webp 2a02:26f0:3100::1735:2b10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/pout-clout-pen-bs-2024-01-19-image-2_D-min?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

0b84574ee8a2d0530e19d393d7a2dbc713e95c1694b51e10a19f32ef556a3c98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:05 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: m4Rl8_nU7,l4p5bDg2e,89YZElKgt,Cqm_p3RsQ,DtzGFM5oJ
x-req-id: rUqR5jniXT
content-length: 98494
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 2880
access-control-allow-origin: *
content-type: image/webp
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Mon, 22 Jan 2024 17:53:29 GMT

GET
H2 200 pout-clout-pen-bs-2024-01-19-image-3_D-min
cdn.media.amplience.net/i/elfcosmetics/ 30 KB
30 KB 28ms
28ms Image
image/webp 2a02:26f0:3100::1735:2b10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/pout-clout-pen-bs-2024-01-19-image-3_D-min?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

03966b1fc6b3f2cdef1a46df52094209b5edb7772d9dc4c70d638abbbfb1b2c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:05 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: gssoa82dq,l4p5bDg2e,vqOuqrwHe,DtzGFM5oJ
x-req-id: Z7kY9wpahy
content-length: 30848
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 2880
access-control-allow-origin: *
content-type: image/webp
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Mon, 22 Jan 2024 17:53:28 GMT

GET
H2 200 valetines-day-2024-01-29-image-1_D-min
cdn.media.amplience.net/i/elfcosmetics/ 46 KB
46 KB 30ms
30ms Image
image/avif 2a02:26f0:3100::1735:2b10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/valetines-day-2024-01-29-image-1_D-min?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

5874673f915a3ec17db9e690bc64a2c33413a2e11e3bd666bb5d43131004ffdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:05 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: G0yVLSj9j,l4p5bDg2e,sKi4G9I4o,WepA0szpz
x-req-id: P6AR3Jd4AJ
content-length: 47038
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 1598
access-control-allow-origin: *
content-type: image/avif
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Wed, 24 Jan 2024 23:00:22 GMT

GET
H2 200 valetines-day-2024-01-29-image-2_D-min
cdn.media.amplience.net/i/elfcosmetics/ 48 KB
48 KB 32ms
32ms Image
image/avif 2a02:26f0:3100::1735:2b10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/valetines-day-2024-01-29-image-2_D-min?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

78bfaac4db8bcea12350fcfca30ebb06d21d9f4533f0e46eb96568c5cebcde1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:05 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: rZx2a-bcj,l4p5bDg2e,8f2sfnNlk,WepA0szpz
x-req-id: jnvJuQRfkL
content-length: 49035
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 1598
access-control-allow-origin: *
content-type: image/avif
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Wed, 24 Jan 2024 23:00:23 GMT

GET
H2 200 valetines-day-2024-01-29-image-3_D-min
cdn.media.amplience.net/i/elfcosmetics/ 38 KB
38 KB 36ms
35ms Image
image/avif 2a02:26f0:3100::1735:2b10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/valetines-day-2024-01-29-image-3_D-min?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

6d97ff963aee1b37773794c4dfa9f69345ad53a777a53e0c8e877f1f9932fa9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:05 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: rqlI3LyEt,l4p5bDg2e,WgG9ZJtbq,WepA0szpz
x-req-id: bjA-EfPt8y
content-length: 38906
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 1598
access-control-allow-origin: *
content-type: image/avif
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Wed, 24 Jan 2024 23:00:22 GMT

GET
H2 200 valetines-day-2024-01-29-image-5_D-min
cdn.media.amplience.net/i/elfcosmetics/ 59 KB
59 KB 38ms
37ms Image
image/avif 2a02:26f0:3100::1735:2b10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/valetines-day-2024-01-29-image-5_D-min?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

9984ddd66cac2301c90a8af8df473e374a6a76a5839fd72a7483bdc8db9efbe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:05 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: XDjwBEJ8e,l4p5bDg2e,xhQ7djhcu,WepA0szpz
x-req-id: PE_37DyabP
content-length: 60073
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 1598
access-control-allow-origin: *
content-type: image/avif
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Wed, 24 Jan 2024 23:00:23 GMT

GET
H2 200 valetines-day-2024-01-29-image-6_D-min
cdn.media.amplience.net/i/elfcosmetics/ 110 KB
110 KB 40ms
40ms Image
image/avif 2a02:26f0:3100::1735:2b10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/valetines-day-2024-01-29-image-6_D-min?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

4640c95ead92ab52d145901f4c81171be7617504eea0d47bc74dffa50cc0b584

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:05 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: nbP029mD3,l4p5bDg2e,HKFzQEt3Y,WepA0szpz
x-req-id: 6O3-Ym2bV6
content-length: 112474
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 1598
access-control-allow-origin: *
content-type: image/avif
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Wed, 24 Jan 2024 23:00:23 GMT

GET
H/1.1 200
OK / Show response
websdk.appsflyer.com/ 38 KB
12 KB 129ms
15ms Script
application/javascript 2a02:26f0:480:33::212:40ca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://websdk.appsflyer.com/?st=banners&
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:33::212:40ca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 07:07:05 GMT
Content-Encoding: gzip
x-amz-request-id: YNGC7PCXVN28Z00Q
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 11792
x-amz-id-2: vrDln2XCGOFSFkLE6Ln17Y/P092c846kqJOj1nLZLa1T5AvAIx9Wt+4jaFyZJcu85WAzx+0b3iU=
Last-Modified: Wed, 14 Jun 2023 06:58:45 GMT
Server: AmazonS3
ETag: "5a676288bcea03bd05e483bc4ce066ae"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3205
Accept-Ranges: bytes
X-DataStream-Cache-Status: 1
Expires: Tue, 06 Feb 2024 08:00:30 GMT

GET
H2 200 pout-clout-pen-bs-2024-01-19-image-2_D-min
cdn.media.amplience.net/i/elfcosmetics/ 96 KB
97 KB 22ms
22ms Image
image/webp 2a02:26f0:3100::1735:2b10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/pout-clout-pen-bs-2024-01-19-image-2_D-min?fmt=auto

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

0b84574ee8a2d0530e19d393d7a2dbc713e95c1694b51e10a19f32ef556a3c98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:05 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: m4Rl8_nU7,l4p5bDg2e,89YZElKgt,Cqm_p3RsQ,DtzGFM5oJ
x-req-id: rUqR5jniXT
content-length: 98494
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 2880
access-control-allow-origin: *
content-type: image/webp
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Mon, 22 Jan 2024 17:53:29 GMT

GET
H2 200 valetines-day-2024-01-29-image-2_D-min
cdn.media.amplience.net/i/elfcosmetics/ 48 KB
48 KB 21ms
21ms Image
image/avif 2a02:26f0:3100::1735:2b10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/valetines-day-2024-01-29-image-2_D-min?fmt=auto

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

78bfaac4db8bcea12350fcfca30ebb06d21d9f4533f0e46eb96568c5cebcde1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:05 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: rZx2a-bcj,l4p5bDg2e,8f2sfnNlk,WepA0szpz
x-req-id: jnvJuQRfkL
content-length: 49035
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 1598
access-control-allow-origin: *
content-type: image/avif
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Wed, 24 Jan 2024 23:00:23 GMT

GET
H2 200 loader.js Show response
cdn.usehero.com/ 98 KB
28 KB 69ms
7ms Script
application/javascript 2600:9000:2240:6c00:13:d6f4:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.usehero.com/loader.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:6c00:13:d6f4:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab99a75a2070736b0282d041df3a7e272ad5d4d1929ae430089ac0335e05ad2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 06:17:00 GMT
content-encoding: gzip
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Tue, 19 Sep 2023 07:56:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 3507
x-amz-server-side-encryption: AES256
etag: W/"fbf714a58cbac38c0deea519667d9044"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: SJ4QcCbuQXcs5qPp9LuiL45Dkuj3phHwfPIkHptS5zLPxV-H4hoeXw==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10812184462/ 3 KB
2 KB 81ms
20ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10812184462/?random=1707203225086&cv=11&fst=1707203225086&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&hn=www.googleadservices.com&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&npa=0&pscdl=noapi&auid=612260061.1707203225&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc186d6572a4e5f7adec82dd1f1f32e5b6c42582a5d06c3186cc6706b31670a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 07:07:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1322
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/698270988/ 3 KB
2 KB 85ms
23ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/698270988/?random=1707203225090&cv=11&fst=1707203225090&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&label=87uyCIuRktcBEIyK-8wC&hn=www.googleadservices.com&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=612260061.1707203225&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

491a58d07634d05a747ef2a6e4239d9032b274fa4a460e6a4f57e1a083ac615c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 07:07:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1710
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/865242110/ 3 KB
2 KB 81ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/865242110/?random=1707203225098&cv=11&fst=1707203225098&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&hn=www.googleadservices.com&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&npa=0&pscdl=noapi&auid=612260061.1707203225&uamb=0&uaw=0&data=ecomm_prodid%3D%3Becomm_totalvalue%3D&rfmt=3&fmt=4

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3599ae3979299232ae3a5c8b0744c49ad8f61f35c14fd359ff43328a37645458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 07:07:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1348
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698270988/ 3 KB
2 KB 55ms
19ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698270988/?random=1707203225099&cv=11&fst=1707203225099&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&hn=www.googleadservices.com&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&npa=0&pscdl=noapi&auid=612260061.1707203225&uamb=0&uaw=0&data=ecomm_prodid%3D%3Becomm_totalvalue%3D&rfmt=3&fmt=4

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c17b216096c3ad997ab6c7fe3bcb85b35e03bc6335e87c8e078593e4035bb8ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 07:07:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1348
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 41 KB
18 KB 58ms
23ms Script
application/javascript 143.204.207.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-250.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: 90ef36e0fc9aecb01aad9a5f1a54a573c0861e2cbf485d3c187593fe1a5cf10f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:05 GMT
content-encoding: gzip
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 17891
x-amz-cf-id: meNuzKo0Z6Wxb8Gi8O0AyxJQe30s--9qq2jOS9ipLKnjYPyQ8UmZRQ==

GET
H2 200 local Show response
www.paypal.com/credit-presentment/experiments/ Frame D764 5 KB
2 KB 12ms
12ms Document
text/html 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.55.0&integrationType=SDK

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9be4b55c5d8a7ef71000d7696ba2e6a36cce9cfe71de512a9bb6a93028ae0e02

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com https:; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-expose-headers: Server-Timing
age: 44478
cache-control: s-maxage=86400, max-age=0
content-encoding: gzip
content-length: 1526
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type: text/html; charset=utf-8
date: Tue, 06 Feb 2024 07:07:05 GMT
dc: ccg11-origin-www-1.paypal.com
edge-cache-tag: up-treatments-zoid
etag: W/"1479-hZrJEn1/I7nZxrYtD5biQSscHCo"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f200968dca12a
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: "traceparent;desc="00-0000000000000000000f200968dca12a-21b4e1ea1b3a093a-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f200968dca12a-8dab3705fa269eee-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
x-cache-hits: 10700, 0
x-served-by: cache-fra-eddf8230102-FRA, cache-fra-eddf8230102-FRA
x-timer: S1707203226.908801,VS0,VE5
x-xss-protection: 1; mode=block

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 14 KB
6 KB 11ms
11ms Script
application/x-javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=www.elfcosmetics.com&t=xo&v=5.0.422&source=payments_sdk&client_id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&comp=buttons,messages&disableSetCookie=true&vault=true

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a2b640a7227890217527259e40d2d35cc3117f6ea19c9caa1edae8a6631dfc25

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-F0oBYW+6OgY7CxYmx5Q2JewuOVi5l/kdYPsChQn/OoxWcpLw' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-F0oBYW+6OgY7CxYmx5Q2JewuOVi5l/kdYPsChQn/OoxWcpLw' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 06 Feb 2024 07:07:05 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 44141
x-cache: HIT, MISS
paypal-debug-id: f908853b89683
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4797
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230102-FRA, cache-fra-eddf8230102-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f908853b89683-1e2a6dfab4bee27a-01
x-timer: S1707203226.910618,VS0,VE4
etag: W/"3691-O5DxjADlzAMI8SM+4CmRbyohXa4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 3, 0

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 122ms
13ms Script
application/javascript 2a02:26f0:3500:887::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:887::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3e376deaeb30858026260be3d2bd058d03c0b007cb7133c0d6fea15d775afd86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "ba3486175e2b68724e3b47a025fadde7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1861

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 28 KB
9 KB 112ms
6ms Script
application/javascript 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: eec8fb654765dfbba9b783382bfc8ecda7db21a2e24ffde27d19624ae2287d9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:06 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Tue, 30 Jan 2024 22:08:33 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "cdb613b732483a878e5e73924ee9a02f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 8623

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 209ms
113ms Script
application/javascript 2.19.96.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1EFEJPT0U322RQPGHFG&lib=ttq
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.161 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-161.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 365a642315c654c45c18e97c78dfd48a9dd54a8bd0a477a753ff204e8a661cdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-akamai-request-id: 401676d5.13dc8845
date: Tue, 06 Feb 2024 07:07:06 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2402060707066D09837DA55C0A306188-7AD2692D155AD89A-00
x-cache: TCP_MISS from a2-19-96-157.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time: 86,2.19.96.157
server-timing: cdn-cache; desc=MISS, edge; dur=80, origin; dur=6, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 202402060707066D09837DA55C0A306188
x-cache-remote: TCP_MISS from a23-48-100-179.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.48.100.179
x-tt-trace-host: 0187fbd8908e446f8b1b5e834ce4df640fdb6e906184410237c50c7aa56b929c562bb271689f2d7be808376087f972412a1f687680250da13840fe384dd6c63a1ad3b4943be6ed2210df9a76ddd2cfbd55caee2690be69c6a00217957127b66edf7830701c2d28d0bd3550ac919132658c
expires: Tue, 06 Feb 2024 07:07:06 GMT

GET
H2 200 widget.js Show response
js.jebbit.com/companion/v1/ 44 KB
45 KB 103ms
7ms Script
text/javascript 2600:9000:206f:200:a:7914:b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.jebbit.com/companion/v1/widget.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:200:a:7914:b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef37a0adcce8182a55abff9a5e28be02925fe56a3088a8d36a91a8cd3008c58b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: iCZS77ZG1ZPlwIXN0jcyz2UtdxRogOfI
date: Mon, 05 Feb 2024 18:44:23 GMT
via: 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Feb 2024 18:44:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 44564
x-amz-server-side-encryption: AES256
etag: "6b2f615c6ad69ee4f7b72b4ba8130ca4"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 45233
x-amz-cf-id: IbsssVDYeG9VzfYWKcesT4lbTojmAOewRyYmJMBniW8vETQEsppx0g==

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 125ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 06 Feb 2024 07:07:05 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E5AF5F68C6014D22B5CCDA2AB8F89C93 Ref B: FRAEDGE2016 Ref C: 2024-02-06T07:07:06Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1015 B
866 B 202ms
202ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9136e48faa9412b456a46255085b2f75a60e82df6ff0a3391c57996fbae46e10

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type: application/json

Response headers

date: Tue, 06 Feb 2024 07:07:06 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f7324217b2ab3
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-eddf8230084-FRA, cache-fra-eddf8230084-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f7324217b2ab3-43dcac0d9cb3d7d8-01
x-timer: S1707203226.191778,VS0,VE195
etag: W/"3f7-RcsQzLYHddtHRHA1G2Ikv2KEEns"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 1a8bfa042c9c5.js Show response
t.contentsquare.net/uxa/ 286 KB
69 KB 115ms
22ms Script
application/javascript 18.66.112.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.contentsquare.net/uxa/1a8bfa042c9c5.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00f63146f5f2bb05846c9f1ac63f6246edd2ace8e401eff28a4940be4e77bf49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 05:46:53 GMT
content-encoding: br
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 70111
last-modified: Tue, 30 Jan 2024 12:14:16 GMT
server: AmazonS3
etag: "7d9fc560d88b4be270044e45a4b76f4d"
vary: Origin
content-type: application/javascript;charset=utf-8
cache-control: max-age=900
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: EJJCMw3x3X4er_q3asOYcZwrDM7nUu1VDjn_z27WB6-cmTM_iuhrVw==

GET
H2 200 i.js Show response
tag.wknd.ai/4142/ 18 KB
6 KB 81ms
7ms Script
text/plain 34.120.253.250
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.wknd.ai/4142/i.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: aa7243da44bb290d9c99c945c12bd2e9ed85d52ec48667d78fb50d08987de883

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:02:33 GMT
content-encoding: gzip
via: 1.1 google
age: 273
x-envoy-upstream-service-time: 0
x-region: us-central1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5759
server: istio-envoy
etag: e43e77beb33d01
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=60
timing-allow-origin: *
link: <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://u.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame D764 408 KB
112 KB 11ms
10ms Script
application/javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.55.0&integrationType=SDK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f8c6ebbfbfd150bad4b5bd7158cc60bed275422878781b45bd2450f776d625b8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-fHjx0kEhJ/qx8JEs6oyo4HHLWIr59mrdRyC6dfBvphMElnFK' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-fHjx0kEhJ/qx8JEs6oyo4HHLWIr59mrdRyC6dfBvphMElnFK' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.55.0&integrationType=SDK
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-fHjx0kEhJ/qx8JEs6oyo4HHLWIr59mrdRyC6dfBvphMElnFK' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-fHjx0kEhJ/qx8JEs6oyo4HHLWIr59mrdRyC6dfBvphMElnFK' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Feb 2024 07:07:05 GMT
age: 10287
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f87382690d57d
server-timing: "traceparent;desc="00-0000000000000000000f87382690d57d-b35fa549671c1fb3-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 114027
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230102-FRA, cache-fra-eddf8230102-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f87382690d57d-834841a32d306e92-01
x-timer: S1707203226.954447,VS0,VE4
etag: W/"1bd6b-WsGDcd1F8OTUDL37QJoKRy1NxRA"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 2, 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 258ms
231ms Preflight 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.elfcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 0
date: Tue, 06 Feb 2024 07:07:06 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f73242128ac06
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f73242128ac06-2a80f28d7bee3d4a-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-fra-eddf8230084-FRA, cache-fra-eddf8230084-FRA
x-timer: S1707203226.959782,VS0,VE225

POST
H2 204 sessions Show response
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/ 0
1 KB 196ms
195ms XHR
text/plain 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/sessions
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjEyZGZlMjM1LTg0YjItNDE0YS04OWE2LWY0NmQ4MGY3YTdjNyIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzIwMzE5NSwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJrcmhJeEtzV2tYc1JtYnBHa0dZWWtycEY6OmNoaWQ6ICIsImV4cCI6MTcwNzIwNTAyNSwiaWF0IjoxNzA3MjAzMjI1LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMxNjA1NTc1NzczNTU5NjA5In0.AUYC2gGhwjUeE7RImG-Xn3_HHxG9GA9T2yy_G8k_1-6Qhw_pt5C7CK50qHRD9mFS8ThaszV1BPm-o-bxWzGF5Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:06 GMT
via: 1.1 c142948c36c1adb5e5c5ede51f226b02.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: ATL58-P9
age: 0
x-yottaa-optimizations: ob/0 si/33D18cae0c93-1706895435-4346669813 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-dw-version-status: obsolete
x-cache: Miss from cloudfront
pragma: no-cache
allow: OPTIONS,POST
access-control-allow-origin: https://www.elfcosmetics.com
access-control-expose-headers: etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
x-yottaa-metrics: 33218cae0c72/[91,90,-] 33D18cae0c93/[-,92.383]
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-proxy-request-url: https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/sessions
accept-ranges: bytes
cf-ray: 85118de2bdf37fed-IAD
x-dw-request-base-id: -dpBoJrawWUBAAB_
x-amz-cf-id: oBBnx8UdbdLtFmo1gA9yOkr_LLLeZqtezjXyyccZS-KDs2-Jz-djVw==
x-yottaa-os: 204
expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H2 200 shoppercontext Show response
www.elfcosmetics.com/api/v1/ 114 B
786 B 889ms
889ms XHR
application/json 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/api/v1/shoppercontext?siteId=elf-us
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 6b42a56b231d70ea3691b9f46363b9f8ed6ca35f6b50084718669b8beac1e57d

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjEyZGZlMjM1LTg0YjItNDE0YS04OWE2LWY0NmQ4MGY3YTdjNyIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzIwMzE5NSwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJrcmhJeEtzV2tYc1JtYnBHa0dZWWtycEY6OmNoaWQ6ICIsImV4cCI6MTcwNzIwNTAyNSwiaWF0IjoxNzA3MjAzMjI1LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMxNjA1NTc1NzczNTU5NjA5In0.AUYC2gGhwjUeE7RImG-Xn3_HHxG9GA9T2yy_G8k_1-6Qhw_pt5C7CK50qHRD9mFS8ThaszV1BPm-o-bxWzGF5Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type: application/json

Response headers

date: Tue, 06 Feb 2024 07:07:06 GMT
via: 1.1 ba1e517a4f7e2b0408d16a73e8b5ca62.cloudfront.net (CloudFront)
content-encoding: gzip
x-amzn-remapped-content-length: 114
x-amz-cf-pop: ATL58-P9
age: 0
x-amzn-remapped-connection: close
x-yottaa-optimizations: ob/1000 si/33D18cae0c93-1706895435-4346669814 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-amzn-requestid: 8f8c954a-6bff-4091-b8c0-abb1af910b67
x-cache: Miss from cloudfront
x-amz-apigw-id: Ss8YHFbnCYcEtiQ=
content-length: 108
etag: W/"72-HgdmTgyCF/DQfqnMU3u+4UstAzI"
x-amzn-trace-id: Root=1-65c1da9a-371e0d4a64e1b7815a830c0f;Sampled=0;lineage=2b75b0e9:0
content-type: application/json; charset=utf-8
x-yottaa-os: 200
x-yottaa-metrics: 33218cae0c73/[782,781,-] 33D18cae0c93/[-,784.333]
x-amzn-remapped-date: Tue, 06 Feb 2024 07:07:06 GMT
x-amz-cf-id: 1z6xOT6v3VEpSpZm6SVqJv5uQ9piE-o6BY-Q9zpYNMjg7baACd3DjA==

GET
H2 200 geo-ip Show response
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/ 200 B
869 B 315ms
314ms XHR
application/json 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=45.141.152.75

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

af500d45588bf70c829a8c641d1fc629efc1a9188e2b41a9901312f17d0823c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfcosmetics.com/
x-dw-client-id: f9f7052a-f742-4c38-bdf5-1da004e7fb3b
accept-language: de-DE,de;q=0.9
x-pwa-request: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type: application/json

Response headers

date: Tue, 06 Feb 2024 07:07:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 4e52c70af243aab14f040ff8b68d2854.cloudfront.net (CloudFront)
x-amz-cf-pop: ATL58-P9
age: 0
x-yottaa-optimizations: ob/1000 si/33D18cae0c93-1706895435-4346669818 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-dw-version-status: obsolete
x-cache: Miss from cloudfront
allow: GET,HEAD,OPTIONS
content-type: application/json;charset=UTF-8
cache-control: max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os: 200
x-proxy-request-url: https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=45.141.152.75
x-yottaa-metrics: 33218cae0c78/[187,187,-] 33D18cae0c93/[-,189.113]
cf-ray: 85118de3695b5788-IAD
x-dw-request-base-id: eao66prawWUBAAB_
x-amz-cf-id: nzg60jhvZ43rnsM9IguJybaT0MQ8HbrjWcVMCXo-sFc87ffemjzWWQ==

GET
H2 200 geo-ip Show response
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/ 200 B
871 B 313ms
313ms XHR
application/json 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=45.141.152.75

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

af500d45588bf70c829a8c641d1fc629efc1a9188e2b41a9901312f17d0823c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfcosmetics.com/
x-dw-client-id: f9f7052a-f742-4c38-bdf5-1da004e7fb3b
accept-language: de-DE,de;q=0.9
x-pwa-request: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type: application/json

Response headers

date: Tue, 06 Feb 2024 07:07:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 d4ca515662341661b756e3448d612214.cloudfront.net (CloudFront)
x-amz-cf-pop: ATL58-P9
age: 0
x-yottaa-optimizations: ob/1000 si/33D18cae0c93-1706895435-4346669819 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-dw-version-status: obsolete
x-cache: Miss from cloudfront
allow: GET,HEAD,OPTIONS
content-type: application/json;charset=UTF-8
cache-control: max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os: 200
x-proxy-request-url: https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=45.141.152.75
x-yottaa-metrics: 33218cae0c79/[187,185,-] 33D18cae0c93/[-,187.654]
cf-ray: 85118de36b3f81bb-IAD
x-dw-request-base-id: eao56prawWUBAAB_
x-amz-cf-id: xFfBzq6-W_NIHHwUOpt3HplcmbXdJMwTca3vZ_RUBGyfiYuIXqVcnw==

GET
H2 200 baskets Show response
www.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abkrhIxKsWkXsRmbpGkGYYkrpF/ 11 B
816 B 229ms
228ms Fetch
application/json 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abkrhIxKsWkXsRmbpGkGYYkrpF/baskets?siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

31f48ed33afe7e437efa2c30cbf97fbd62c2de5c0732504077377846fe64973f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjEyZGZlMjM1LTg0YjItNDE0YS04OWE2LWY0NmQ4MGY3YTdjNyIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzIwMzE5NSwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJrcmhJeEtzV2tYc1JtYnBHa0dZWWtycEY6OmNoaWQ6ICIsImV4cCI6MTcwNzIwNTAyNSwiaWF0IjoxNzA3MjAzMjI1LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMxNjA1NTc1NzczNTU5NjA5In0.AUYC2gGhwjUeE7RImG-Xn3_HHxG9GA9T2yy_G8k_1-6Qhw_pt5C7CK50qHRD9mFS8ThaszV1BPm-o-bxWzGF5Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:06 GMT
x-correlation-id: 85118de33ee30852
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 316c0d862340b97a09ec5fe1e5934c38.cloudfront.net (CloudFront)
x-amz-cf-pop: ATL58-P9
age: 0
x-yottaa-optimizations: ob/1000 si/33D18cae0c93-1706895435-4346669815 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
content-encoding: gzip
x-cache: Miss from cloudfront
content-length: 37
allow: GET,HEAD,OPTIONS
x-ratelimit-remaining: 999
content-type: application/json;charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=0,no-cache,no-store
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abkrhIxKsWkXsRmbpGkGYYkrpF/baskets?siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 85118de33ee30852-IAD
x-amz-cf-id: jez-hOVJIDdnV9pWQFi9V-7B1IRQvgeCMYXlDaPdPeG-EPYRTVBjHw==
x-yottaa-metrics: 33218cae0c75/[123,121,-] 33D18cae0c93/[-,124.672]

GET
H2 200 products Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/ 368 KB
32 KB 813ms
813ms Fetch
application/json 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products?ids=300234%2C300233%2C300211%2C300220%2C81517&currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

0ad31d7012d7cbcde840c4154a2e39b517f730100cf7b3833fc4f965ee8259b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjEyZGZlMjM1LTg0YjItNDE0YS04OWE2LWY0NmQ4MGY3YTdjNyIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzIwMzE5NSwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJrcmhJeEtzV2tYc1JtYnBHa0dZWWtycEY6OmNoaWQ6ICIsImV4cCI6MTcwNzIwNTAyNSwiaWF0IjoxNzA3MjAzMjI1LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMxNjA1NTc1NzczNTU5NjA5In0.AUYC2gGhwjUeE7RImG-Xn3_HHxG9GA9T2yy_G8k_1-6Qhw_pt5C7CK50qHRD9mFS8ThaszV1BPm-o-bxWzGF5Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 85118de3382d065b
via: 1.1 12226b9ff01df10d4b735797b17a2a72.cloudfront.net (CloudFront)
x-amz-cf-pop: ATL58-P9
x-yottaa-optimizations: ob/1000 si/33D18cae0c93-1706895435-4346669816 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
cache-control: private,max-age=60
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products?ids=300234%2C300233%2C300211%2C300220%2C81517&currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 85118de3382d065b-IAD
x-amz-cf-id: 12CkIHVtU1NlK46dBWFPMj4PtMyL3GyoqWFvLxRgR_x78qa0KcELwQ==
x-yottaa-metrics: 33218cae0c76/[707,705,-] 33D18cae0c93/[-,707.906]

GET
H2 200 products Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/ 494 KB
35 KB 1019ms
1018ms Fetch
application/json 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products?ids=300237%2C300230%2C300229%2C300215%2C300199&currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

591433508d85adc59a5a9cbd7695ac8051a39be2ff8b12e2f823eff10569ceda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjEyZGZlMjM1LTg0YjItNDE0YS04OWE2LWY0NmQ4MGY3YTdjNyIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzIwMzE5NSwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJrcmhJeEtzV2tYc1JtYnBHa0dZWWtycEY6OmNoaWQ6ICIsImV4cCI6MTcwNzIwNTAyNSwiaWF0IjoxNzA3MjAzMjI1LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMxNjA1NTc1NzczNTU5NjA5In0.AUYC2gGhwjUeE7RImG-Xn3_HHxG9GA9T2yy_G8k_1-6Qhw_pt5C7CK50qHRD9mFS8ThaszV1BPm-o-bxWzGF5Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 85118de33e8f080a
via: 1.1 9066ebaa8d05a90243a3382443d22da8.cloudfront.net (CloudFront)
x-amz-cf-pop: ATL58-P9
x-yottaa-optimizations: ob/1000 si/33D18cae0c93-1706895435-4346669817 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
cache-control: private,max-age=60
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products?ids=300237%2C300230%2C300229%2C300215%2C300199&currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 85118de33e8f080a-IAD
x-amz-cf-id: ljZmBppp1--3BT8RwEtZFZbwEj2ZJbiJWA42DtYnRBNUzrZttz7Zvg==
x-yottaa-metrics: 33218cae0c77/[909,908,-] 33D18cae0c93/[-,909.914]

GET
H2 200 display Show response
api.usehero.com/webplugin/ 189 B
1 KB 274ms
191ms XHR
application/json 108.128.163.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usehero.com/webplugin/display?appId=efcf9631-4c6b-4874-9f76-51f71464249a&location=https%3A%2F%2Fwww.elfcosmetics.com%2F&state=untouched&outboundFeature=

Requested by

Host: cdn.usehero.com
URL: https://cdn.usehero.com/loader.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.163.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-163-240.eu-west-1.compute.amazonaws.com

Software

Resource Hash

b9e5fd7aa715469aa3ba04e51f41b16f99c2d8203fbad68043e8b95b321e8268

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-permitted-cross-domain-policies: none
surrogate-control: no-store
x-dns-prefetch-control: off
klarna-correlation-id: 3a4acbd9-3553-410d-9857-2dceeba65b2d
cross-origin-resource-policy: same-origin
x-geo-longitude: 8.62950
pragma: no-cache
referrer-policy: same-origin
etag: W/"bd-ZX+U7klfdpaGZqlQl92xXc9qZL4"
x-frame-options: SAMEORIGIN
x-geo-zip: 60326
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-geo-latitude: 50.10490
x-accuracy: 20
expires: 0
date: Tue, 06 Feb 2024 07:07:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp
x-time-zone: Europe/Berlin
x-envoy-upstream-service-time: 15
content-length: 189
x-xss-protection: 0
x-request-id: 3a4acbd9-3553-410d-9857-2dceeba65b2d
cross-origin-opener-policy: same-origin
x-download-options: noopen
x-country: DE
x-geo-city: Frankfurt am Main

POST
H2 201 sync Show response
sdk.iad-05.braze.com/api/v3/content_cards/ 85 B
208 B 419ms
419ms XHR
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/content_cards/sync

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ead9d25adb64dfbde115cd038499cd4b8c2835921093773ceb30b56617d111fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key: 609afcb2-1dc3-41ef-a771-0a9aaf10bf57
X-Braze-DataRequest: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type: application/json
BRAZE-SYNC-RETRY-COUNT: 0
Referer: https://www.elfcosmetics.com/
X-Requested-With: XMLHttpRequest
X-Braze-ContentCardsRequest: true

Response headers

date: Tue, 06 Feb 2024 07:07:06 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: MISS
x-request-id: 1f8d6a5c-62db-4e6a-9b66-cf2da4bfa642
x-served-by: cache-fra-eddf8230029-FRA
x-runtime: 0.039926
etag: W/"ead9d25adb64dfbde115cd038499cd4b"
access-control-max-age: 7200
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
vary: Origin,Accept-Encoding
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 sync
sdk.iad-05.braze.com/api/v3/content_cards/ Frame 0
0 102ms
102ms Preflight 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/content_cards/sync

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.elfcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
access-control-allow-methods: POST, GET
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
content-encoding: gzip
date: Tue, 06 Feb 2024 07:07:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230029-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
91 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&l=dataLayer&cx=c

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fd6211488c0c094fdfdf4c4f979e7a6e62e008c270137165c8f982124e70fc63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92965
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 06 Feb 2024 07:07:06 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 214 KB
58 KB 29ms
3ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bca51ed2fe251488a1b150edf560d43880f1486740f34d24120ede486f99676b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 06 Feb 2024 07:07:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57257
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: 63pTk2tevRobvjvg3DR7FrM1KssoXFCnvg3HYMznTNpVdpeKIA8tORdACazwgfLX8iA21C/gKysnRixu4CtOPA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collector Show response
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 32 B
49 B 34ms
34ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: b877311e3743367bee817ee88fca0dedf65abb663d0e8b1f64954c5bcca1846f

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Feb 2024 07:07:05 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.elfcosmetics.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32

GET
H2 200 /
www.google.com/pagead/1p-user-list/10812184462/ 42 B
108 B 21ms
19ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10812184462/?random=1707203225086&cv=11&fst=1707202800000&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&npa=0&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_fE5tBXy0RItR8OkEE2Yt_8ydQc5NJadIAIEH0Twq5SXCAaXS&random=3633253029&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 07:07:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10812184462/ 42 B
154 B 18ms
17ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10812184462/?random=1707203225086&cv=11&fst=1707202800000&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&npa=0&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_fE5tBXy0RItR8OkEE2Yt_8ydQc5NJadIAIEH0Twq5SXCAaXS&random=3633253029&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 07:07:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/698270988/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698270988/?random=1874784802&cv=11&fst=1707203225090&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&gcd=13l3l3l3l1&dma_cps=sy...
https://www.google.com/pagead/1p-conversion/698270988/?random=1874784802&cv=11&fst=1707203225090&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u...
https://www.google.de/pagead/1p-conversion/698270988/?random=1874784802&cv=11&fst=1707203225090&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_...

42 B
64 B

25ms
25ms

Image
image/gif

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/698270988/?random=1874784802&cv=11&fst=1707203225090&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&label=87uyCIuRktcBEIyK-8wC&hn=www.googleadservices.com&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&value=0&npa=0&pscdl=noapi&auid=612260061.1707203225&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=CIK9sQI&pscrd=Ek5DaEVJZ0t1Q3JnWVE1ZWotdUtiVWxNSDJBUklsQUZLSW82RDMxdm85eDdkbWlnZWdidnpaNlFWTmV0dmg2U0YxclF4Rm1NaXA0YXFVbmcaWENoRUlnS3VDcmdZUXNlRFd1ZTNQNU5fNUFSSXRBTGxKRDREVGRfZ2RaT3RNYWg1M19Ja21FZk1HY0tXRlU2WjZka1dHVHduZThVSE5fRnNORWF0Z3QweV8iEwi7j9jOk5aEAxXiJAYAHfciCJs&is_vtc=1&ocp_id=mdrBZfveM-LJmLAP98Wg2Ak&cid=CAQSKQAvHhf_TbR819hlO96aH-W_1wGg_VWEMZElH1iQJeOIKLn61AWwlfNM&eitems=ChAIgKuCrgYQ1M_J3drP3IQhEh0AnTytr1-yAsn3EJyu1RaAUOaTeXBVeWFvyhHgKA&random=3703063017&ipr=y

Protocol

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 07:07:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 07:07:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/698270988/?random=1874784802&cv=11&fst=1707203225090&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&label=87uyCIuRktcBEIyK-8wC&hn=www.googleadservices.com&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&value=0&npa=0&pscdl=noapi&auid=612260061.1707203225&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=CIK9sQI&pscrd=Ek5DaEVJZ0t1Q3JnWVE1ZWotdUtiVWxNSDJBUklsQUZLSW82RDMxdm85eDdkbWlnZWdidnpaNlFWTmV0dmg2U0YxclF4Rm1NaXA0YXFVbmcaWENoRUlnS3VDcmdZUXNlRFd1ZTNQNU5fNUFSSXRBTGxKRDREVGRfZ2RaT3RNYWg1M19Ja21FZk1HY0tXRlU2WjZka1dHVHduZThVSE5fRnNORWF0Z3QweV8iEwi7j9jOk5aEAxXiJAYAHfciCJs&is_vtc=1&ocp_id=mdrBZfveM-LJmLAP98Wg2Ak&cid=CAQSKQAvHhf_TbR819hlO96aH-W_1wGg_VWEMZElH1iQJeOIKLn61AWwlfNM&eitems=ChAIgKuCrgYQ1M_J3drP3IQhEh0AnTytr1-yAsn3EJyu1RaAUOaTeXBVeWFvyhHgKA&random=3703063017&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/865242110/ 42 B
108 B 19ms
18ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/865242110/?random=1707203225098&cv=11&fst=1707202800000&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&npa=0&data=ecomm_prodid%3D%3Becomm_totalvalue%3D&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_RZvA0cEkogzJJPhlNfkkSLvYuXFjY9gUfo4Hi_o9D705UksP&random=2121555468&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 07:07:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/865242110/ 42 B
108 B 21ms
20ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/865242110/?random=1707203225098&cv=11&fst=1707202800000&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&npa=0&data=ecomm_prodid%3D%3Becomm_totalvalue%3D&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_RZvA0cEkogzJJPhlNfkkSLvYuXFjY9gUfo4Hi_o9D705UksP&random=2121555468&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 07:07:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/698270988/ 42 B
154 B 18ms
18ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698270988/?random=1707203225099&cv=11&fst=1707202800000&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&npa=0&data=ecomm_prodid%3D%3Becomm_totalvalue%3D&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_xH6EYZ9m4RPMa3xQn7oipYvxsSqlaqg3AqZJCGBCoiCeYQFV&random=1611305371&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 07:07:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/698270988/ 42 B
108 B 20ms
20ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/698270988/?random=1707203225099&cv=11&fst=1707202800000&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&npa=0&data=ecomm_prodid%3D%3Becomm_totalvalue%3D&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_xH6EYZ9m4RPMa3xQn7oipYvxsSqlaqg3AqZJCGBCoiCeYQFV&random=1611305371&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 07:07:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
509 B 205ms
185ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A7PFGPLHGYKX72-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A7PFGPLHGYKX72-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3a9b41b4-1a0b-4488-939e-bc9b13368cc5&fltp=analytics&mrid=7PFGPLHGYKX72&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1707203226068&g=-60&completeurl=https%3A%2F%2Fwww.elfcosmetics.com%2F&disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 06 Feb 2024 07:07:06 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 12e567fc0a067
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230054-FRA
pragma: no-cache
correlation-id: 12e567fc0a067
traceparent: 00-000000000000000000012e567fc0a067-a6708192e907d95e-01
x-timer: S1707203226.109067,VS0,VE159
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 07:07:06 GMT

GET
H2 200 p
tr.snapchat.com/ 68 B
444 B 87ms
18ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=c69c204f-fba0-4685-aea8-ad32f799fa5d&ev=PAGE_VIEW&intg=gtm&pids=c69c204f-fba0-4685-aea8-ad32f799fa5d&u_c1=6770a12d-a253-440d-a290-a1eb72b0b174&u_sclid=d76519f1-33a3-4884-986c-70e06b4380a4&u_scsid=f877307b-f7b1-43fd-afa6-3bb8e3ee10a6&bt=1d53c387&d_bvs=%5B%5D&df=true&huah=true&m_dcl=3351&m_fcps=3188&m_pi=3351&m_pl=4657&m_pv=2&m_rd=5217&m_sh=1200&m_sl=0&m_sw=1600&pl=https%3A%2F%2Fwww.elfcosmetics.com%2F&trackId=dc89a8be-6b39-4031-9bb8-07dfec51b933&ts=1707203226081&v=3.9.0-2401311916

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H2 200 t2_16331p_telemetry Show response
conversions-config.reddit.com/v1/pixel/config/ 86 B
424 B 54ms
32ms XHR
application/json 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://conversions-config.reddit.com/v1/pixel/config/t2_16331p_telemetry
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:05 GMT
nel: {"report_to":"w3-reporting-nel","max_age":14400,"include_subdomains":false,"success_fraction":0.3,"failure_fraction":0.3}
report-to: {"group":"w3-reporting-nel","max_age":14400,"include_subdomains":false,"endpoints":[{"url":"https://w3-reporting-nel.reddit.com/reports"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300
content-length: 86
x-served-by: cache-fra-eddf8230092-FRA

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 29ms
6ms Image
image/gif 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1707203226088&id=t2_16331p&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=cb97fc55-237e-4973-9dc8-8dc21a2dbba3&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_26e8ea0f&dpm=&dpcc=&dprc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:06 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 widget.css
js.jebbit.com/companion/v1/ 15 KB
16 KB 7ms
7ms Stylesheet
text/css 2600:9000:206f:200:a:7914:b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.jebbit.com/companion/v1/widget.css
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:200:a:7914:b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1a1fe89f11a11d89299028b565a99569e2aa5df3055ce514ba4dec2a8f0fe4fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: Z0QDj1CgW4goG86MDiwkBAynMlsfDNZh
date: Mon, 05 Feb 2024 18:44:26 GMT
via: 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Feb 2024 18:44:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 44561
x-amz-server-side-encryption: AES256
etag: "8e754beaa7f32e405c184f00c12cece1"
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 15502
x-amz-cf-id: JuZR9lflygw-s7gpTfW92BN7KpvXf07MZ6dVYlKPypMSRmIrDeb10w==

GET
H2 200 launcher_configs Show response
external-api.jebbit.com/moments/v2/ 2 B
448 B 83ms
23ms XHR
application/json 18.199.1.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://external-api.jebbit.com/moments/v2/launcher_configs?key=542695a9-9318-492b-9638-2018989f6dc4&url=aHR0cHMlM0ElMkYlMkZ3d3cuZWxmY29zbWV0aWNzLmNvbSUyRg==&completedLightboxCampaigns=W10=&jebbitCookies=

Requested by

Host: js.jebbit.com
URL: https://js.jebbit.com/companion/v1/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.199.1.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-199-1-91.eu-central-1.compute.amazonaws.com

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
surrogate-control: no-store
x-dns-prefetch-control: off
content-length: 2
x-xss-protection: 1; mode=block
pragma: no-cache
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
x-download-options: noopen
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
expires: 0

GET
H2 200 hash Show response
www.paypal.com/credit-presentment/experiments/ Frame D764 40 B
2 KB 214ms
214ms Fetch
text/html 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/credit-presentment/experiments/hash?device_id=uid_411a872a0d_mdc6mdc6mdy&disableSetCookie=true&features=disable-set-cookie

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5eca572cd68aa4afde19d317daf93398ca142c3648214e16b37e054e15c3f9e1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com https:; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.55.0&integrationType=SDK
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Feb 2024 07:07:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 0
edge-cache-tag: up-treatments-hash
x-cache: MISS, MISS
paypal-debug-id: f732421b14252
server-timing: "traceparent;desc="00-0000000000000000000f732421b14252-d5a562d0581d8ce9-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 56
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230102-FRA, cache-fra-eddf8230102-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f732421b14252-81c76aaf8340e7d2-01
x-timer: S1707203226.115071,VS0,VE207
etag: W/"28-xz7oeWVj/8B52QKKulWR9ZDQlKU"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: s-maxage=86400, max-age=0
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 main.b3ba56f5.js Show response
s.pinimg.com/ct/lib/ 66 KB
19 KB 13ms
13ms Script
application/javascript 2a02:26f0:3500:887::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.b3ba56f5.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:887::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 45f265d91f0d046e0bf176d32af863a7e497d1c4fa27b488cb0d7a0f539c21e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "672deff0b6e5a9abcd39c208d7373098"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 19203

GET
H2 204 5013978.js Show response
bat.bing.com/p/action/ 0
115 B 34ms
33ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5013978.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 06 Feb 2024 07:07:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 23A21D78CF824674B36216B985A09BC8 Ref B: FRAEDGE2016 Ref C: 2024-02-06T07:07:06Z
x-cache: CONFIG_NOCACHE

GET
H2 200 1638306756445368 Show response
connect.facebook.net/signals/config/ 64 KB
14 KB 151ms
151ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1638306756445368?v=2.9.145&r=stable&domain=www.elfcosmetics.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8255a24f4eee1cd6244471f8db9d7d185e667879d4e96cd2130f64961d94ec42

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 06 Feb 2024 07:07:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: m2vlLI1XetdOJBxg9fzxyRyddssBDrYXUpnQqUeTjxLqhE4/8Fl9xLVcAEqx0DjjVdfWbCqWagdB2spNX3RdvQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 collect Show response
sgtm.elfcosmetics.com/g/ 805 B
1 KB 179ms
154ms XHR
text/plain 34.49.124.132
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-ZLYXLXNDL8&gtm=45je41v0v879088318z8896608294za200&_p=1707203224692&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1605848610.1707203225&ul=en-us&sr=1600x1200&_fplc=0&ur=DE-HE&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&sst.uc=DE&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13l3l3l3l1&sst.tft=1707203224692&_s=1&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&sid=1707203226&sct=1&seg=0&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&en=page_view&_fv=1&_ss=2&ep.page_type=homepage&ep.page_environment=production&ep.page_country=US&ep.page_language=EN&up.custom_user_id=&up.client_id=&up.user_has_transacted=false&up.user_logged_in=false&up.user_country=US&up.user_loyalty_status=false&tfd=5438&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

132.124.49.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

e5d1e1706be106f83dbc876591b8dc01d9632b0e3aa68f74984a2f8b1971ccb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:06 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
server: Google Frontend
content-type: text/plain
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-accel-buffering: no

GET
BLOB 200
OK 66a26f34-6134-4ada-a958-d5803773a2ef
https://www.elfcosmetics.com/ 7 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.elfcosmetics.com/66a26f34-6134-4ada-a958-d5803773a2ef
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cec4707a8901d0e739b73b254330c67e1bac777e4678a036253bd109daa8fef3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 7329
Content-Type: application/javascript

GET
H2 204 pageview
c.contentsquare.net/ 0
320 B 133ms
28ms Image
text/plain 52.30.246.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageview?ex=&pvt=n&cvars=%7B%223%22%3A%5B%22Page%20Type%22%2C%22homepage%22%5D%7D&cvarp=%7B%223%22%3A%5B%22Page%20Type%22%2C%22homepage%22%5D%7D&la=en-US&uc=0&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&dr=&dw=1600&dh=5021&ww=1600&wh=1200&sw=1600&sh=1200&uu=5066bf07-eb87-a4dc-9284-7ee6c4839e36&sn=1&hd=1707203226&v=13.83.0&pid=1926&pn=1&r=329587
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.246.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-246-4.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 07:07:06 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

POST logger
www.paypal.com/xoplatform/logger/api/ Frame D764 0
0

GET
H2 200 jsp Show response
ut.rd.linksynergy.com/ 148 B
404 B 121ms
21ms Script
text/plain 34.98.67.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ut.rd.linksynergy.com/jsp?cn=rmuid&ro=0&cb=___rmuid

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.67.98.34.bc.googleusercontent.com

Software

Resource Hash

f5aed750db64c0ad3ca084335015004f18c15f773957d575f89ddb25fc501834

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-type: text/plain; charset=utf-8
date: Tue, 06 Feb 2024 07:07:06 GMT
via: 1.1 google
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148
x-samesite: secure

GET
H2 200 main.MTU3YmJkODI0MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 399 KB
104 KB 21ms
21ms Script
application/javascript 2.19.96.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.161 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-161.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4d3337c243fd2997450eada372bc50705c72d3bb2fe80bcb3c074be6e39b1ffe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-akamai-request-id: 13dc88b2
date: Tue, 06 Feb 2024 07:07:06 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202401252008485DD782F92D1F4F70D638
x-tt-trace-id: 00-2401252008485DD782F92D1F4F70D638-697A7F1112213D14-00
vary: Accept-Encoding
x-cache: TCP_HIT from a2-19-96-157.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0122ad357bf8aaa52e38e80e04a21aa8324abddc59452fb92ae44954bf5e79301d1f419203ad60d5760f10a5a627db539ded2d9bd46351a349a017e20f98a2ed9749fc6b727b5c40770e840724c7688e6b726f9d83f9372a20f09567cc432311ed
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=5
content-length: 106012

GET
H2 200 / Show response
ct.pinterest.com/user/ 297 B
712 B 130ms
34ms XHR
application/json 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2615235625530&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1707203226331&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.b3ba56f5.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

04c6083a9781b397d0b570f97154a3fa61aac68dfba173617e5a6351786b7470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.926656b8.1707203226.65b433a4
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=600
content-length: 172
x-pinterest-rid: 1059145715508829
pin-unauth: dWlkPU16STVaV1F5WVRRdE1ETXhNQzAwT0RCaExUbG1OR0l0WTJaaFpqYzFNek01WldSag
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.elfcosmetics.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: cfd4e862d9e3481a2f60d0bf6fccc06d9ddb0948
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
456 B 127ms
38ms Image
image/gif 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2615235625530&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.elfcosmetics.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22b3ba56f5%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1707203226336

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 07:07:06 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.926656b8.1707203226.65b433b3
content-type: image/gif
access-control-allow-origin: *
pinterest-version: cfd4e862d9e3481a2f60d0bf6fccc06d9ddb0948
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
content-length: 35
x-pinterest-rid: 1243754217121147
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 baskets Show response
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/ 3 KB
2 KB 249ms
249ms XHR
application/json 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/baskets

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

34803870664378ed86f1be63deddab4fee4eff34a0c201effbf0e4bc89efc673

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfcosmetics.com/
x-dw-client-id: f9f7052a-f742-4c38-bdf5-1da004e7fb3b
accept-language: de-DE,de;q=0.9
x-pwa-request: true
authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjEyZGZlMjM1LTg0YjItNDE0YS04OWE2LWY0NmQ4MGY3YTdjNyIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzIwMzE5NSwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJrcmhJeEtzV2tYc1JtYnBHa0dZWWtycEY6OmNoaWQ6ICIsImV4cCI6MTcwNzIwNTAyNSwiaWF0IjoxNzA3MjAzMjI1LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMxNjA1NTc1NzczNTU5NjA5In0.AUYC2gGhwjUeE7RImG-Xn3_HHxG9GA9T2yy_G8k_1-6Qhw_pt5C7CK50qHRD9mFS8ThaszV1BPm-o-bxWzGF5Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type: application/json

Response headers

date: Tue, 06 Feb 2024 07:07:06 GMT
via: 1.1 506b5e1d907583941705cce32a26ed72.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-amz-cf-pop: ATL58-P9
age: 0
x-yottaa-optimizations: ob/1000 si/33D18cae0c93-1706895435-4346669821 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-dw-version-status: obsolete
x-cache: Miss from cloudfront
content-length: 1097
pragma: no-cache
etag: b7063a4464947edbccef6a175f5f6fbe68c8a26ff1644fb97f0a5dedc0a6df72
allow: OPTIONS,POST
content-type: application/json;charset=UTF-8
x-dw-resource-state: b7063a4464947edbccef6a175f5f6fbe68c8a26ff1644fb97f0a5dedc0a6df72
access-control-allow-origin: https://www.elfcosmetics.com
access-control-expose-headers: etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
x-yottaa-metrics: 33218cae0c7b/[144,140,-] 33D18cae0c93/[-,145.467]
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-proxy-request-url: https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/baskets
accept-ranges: bytes
cf-ray: 85118de538cd20cf-IAD
x-dw-request-base-id: -dpSoJvawWUBAAB_
x-amz-cf-id: FWj1R9IV2HzgVoaBoCCDcjWk--MBs256wy21esMfYM8uI5L7IJHtJA==
x-yottaa-os: 200
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 204 dvar
c.contentsquare.net/ 0
319 B 105ms
29ms Image
text/plain 52.30.246.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/dvar?v=13.83.0&pid=1926&pn=1&sn=1&uu=5066bf07-eb87-a4dc-9284-7ee6c4839e36&dv=H4sIAAAAAAAAA0WMsQrCUAxFfyVkdnHtpq0VwVEKnUraBgnERF6DWor%2F7hOUjvdwzl1wt%2B%2Bqtjuq96RQukVyhQtPgQVWs9FNBmiFdYTD685J2AaecPPrVgbbHDSUhELc8vorZ3%2FCyYLt%2B1i6KvWesvRgqEUj53bF9wcxTAoRiQAAAA%3D%3D&ct=2&r=661080
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.246.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-246-4.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 07:07:06 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 200 identify_0a875.js Show response
analytics.tiktok.com/i18n/pixel/static/ 137 KB
37 KB 21ms
21ms Script
application/javascript 2.19.96.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_0a875.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.161 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-161.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-akamai-request-id: 13dc88e8
date: Tue, 06 Feb 2024 07:07:06 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240123151538CB105E941C491498224C
x-tt-trace-id: 00-240123151538CB105E941C491498224C-1FABFF5BB1D8E736-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-19-96-157.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01e83572f3e52186dc1c593befa1fab62db99c1f7153c437ec06474e07ee27c8d6bb4252a83cc74e0784f7094d3a20b41c80a3c99c7448c7993d6435b3d9e32c7b9f5e52308612f81020fc1a7b2241bf4aaea20881c32eda1b3eaaf4bd6e886b94
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=10
content-length: 37008

POST
H2 200 performance_interaction
analytics.tiktok.com/api/v2/ 0
840 B 139ms
139ms Ping
text/plain 2.19.96.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/performance_interaction
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.161 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-161.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 77976366.13dc88fb
date: Tue, 06 Feb 2024 07:07:06 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240206070706C882B6A079F0ECC496A4-0A8046F467BBEDC4-00
x-cache: TCP_MISS from a2-19-96-157.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time: 94,2.19.96.157
server-timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=14, inner; dur=11
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240206070706C882B6A079F0ECC496A4
x-cache-remote: TCP_MISS from a23-48-100-173.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 14,23.48.100.173
x-tt-trace-host: 0187fbd8908e446f8b1b5e834ce4df640fdb6e906184410237c50c7aa56b929c566e6a6da8405ecd4724c9113ece01aa73189384116003b849aa78ee700394f5432e9c309b21f9eb02823c7bd30abecd14faf272cb095f1c4ec26331c28acb63cd8052f0526f15b39e9d313e81cd849142
access-control-allow-headers: Authorization,*
expires: Tue, 06 Feb 2024 07:07:06 GMT

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
969 B 448ms
150ms Ping
text/plain 104.126.118.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.118.203 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-118-203.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 87dc8d4.6d19f5f3
date: Tue, 06 Feb 2024 07:07:06 GMT
x-bytefaas-request-id: 202402060707064AFEBEB31E0701C0EF34
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2402060707064AFEBEB31E0701C0EF34-3D50BE267A9551E1-00
x-cache: TCP_MISS from a104-126-118-199.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53915762) (-)
x-parent-response-time: 56,104.126.118.199
server-timing: cdn-cache; desc=MISS, edge; dur=9, origin; dur=47, inner; dur=44
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202402060707064AFEBEB31E0701C0EF34
x-cache-remote: TCP_MISS from a23-36-67-233.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53915762) (-)
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 43.12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 0100825f2de55336f17e5f56eeb3099817c26ce0511c9f3fdcb4d9744b68fbdcbafa94928d654a773d019e24c6ff65cc800e756b4d07af621452dff97acb332c0649da3d3a049688dd47926689f1400edf8d33c567cccdd107b38fbd00dd3adab1c962c0525c56ecfbbbf42cbda88402ba
x-origin-response-time: 47,23.36.67.233
access-control-allow-headers: *
expires: Tue, 06 Feb 2024 07:07:06 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
840 B 231ms
231ms Ping
text/plain 2.19.96.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.161 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-161.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 679765d5.13dc88fc
date: Tue, 06 Feb 2024 07:07:06 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2402060707064C1C70978AB20DCDB889-59F14CA172606E76-00
x-cache: TCP_MISS from a2-19-96-157.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time: 138,2.19.96.157
server-timing: cdn-cache; desc=MISS, edge; dur=94, origin; dur=49, inner; dur=42
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202402060707064C1C70978AB20DCDB889
x-cache-remote: TCP_MISS from a23-220-106-79.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 49,23.220.106.79
x-tt-trace-host: 0187fbd8908e446f8b1b5e834ce4df640f4650e2a766233fae61d8fc2cd210841f508b077460c404186e3a0f800c09e005f536aa7bfc6347766ac61045b86f0d61324360baf00b2e1ed2b992c8dccb0471b9fcb63c015a03ae80e33c9da12a9a1a1e44317468ef3128ef36eadff9665308
access-control-allow-headers: Authorization,*
expires: Tue, 06 Feb 2024 07:07:06 GMT

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/ 9 KB
1 KB 104ms
103ms Image
image/svg+xml 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/us.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:06 GMT
x-amz-version-id: PgkEiBXOrB52tTjpwT_rl._JX6QZ0DMF
via: 1.1 7d2e8c2396efd943b9c80d028e8585f6.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ATL58-P9
age: 909159
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/33D18cae0c93-1706292485-4147431437 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 655743
content-length: 676
x-amz-meta-bundle: 10520
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0cec/[3,-,1706294057079] 33D18cae0c93/[hit]
x-amz-cf-id: 4Q_Yx-3OqnvJUdmyn_rBQCnw26GjkswnUtN9JVzf4BY_G83Tx2jFfQ==

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 29ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1638306756445368&ev=PageView&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&rl=&if=false&ts=1707203226636&sw=1600&sh=1200&v=2.9.145&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1707203226633.1982582757&ic=fbpixel&ler=empty&cdl=API_unavailable&it=1707203226254&coo=false&eid=1707204004781_17072040905018&tm=1&exp=e1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 06 Feb 2024 07:07:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
region1.analytics.google.com/g/s/ 0
248 B 35ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/s/collect?dma=1&dma_cps=sypham&gtm=45j91e4250h2v879088318z8896608294z99175401888za200&_gsid=ZLYXLXNDL8UCue7QuO5pZ4vf5fXFcfUw
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 07:07:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 19ms
19ms Ping
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&dma=1&dma_cps=sypham&tid=G-ZLYXLXNDL8&cid=W763TUuRz%2B%2FCaruc8DpxUKxvCOIItqUJD5K0UzHC5dI%3D.1707203225&gtm=45j91e4250h2v879088318z8896608294z99175401888za200&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 07:07:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 17ms
17ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=1&dma_cps=sypham&tid=G-ZLYXLXNDL8&cid=W763TUuRz%2B%2FCaruc8DpxUKxvCOIItqUJD5K0UzHC5dI%3D.1707203225&gtm=45j91e4250h2v879088318z8896608294z99175401888za200&aip=1&z=1170992917

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 07:07:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
17 KB 135ms
14ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48DA) /

Resource Hash

20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 8feb6778f556b
dc: ccg11-origin-www-1.paypal.com
content-length: 16488
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
server: ECAcc (ama/48DA)
traceparent: 00-00000000000000000008feb6778f556b-70fa99ceadb7c1e3-01
etag: "64f25363-daa8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 06 Feb 2024 08:07:06 GMT

GET
H3 200 c69c204f-fba0-4685-aea8-ad32f799fa5d.js Show response
tr.snapchat.com/config/com/ 186 B
205 B 123ms
113ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/c69c204f-fba0-4685-aea8-ad32f799fa5d.js?v=3.9.0-2401311916

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

9a35922a6b3cdd53f2dbce919d6e801174ef11b8eb275e17bba7742e1d115beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.elfcosmetics.com/
Origin: https://www.elfcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://www.elfcosmetics.com
x-envoy-upstream-service-time: 95
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 186

GET i
tr.snapchat.com/cm/ Frame 6AA5 0
0

GET
H2 200 runtime_6459738026535cda4232dc813c61447d.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 3 KB
2 KB 74ms
7ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_6459738026535cda4232dc813c61447d.br.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 59f1b7d93f47fcc926143154888aa471910eaf81c3c41270b61cfe012dda08df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 18:44:19 GMT
content-encoding: br
age: 1254167
x-guploader-uploadid: ABPtcPrZ-5KfnxFnGmQBQdcU54YVtLjDpSN7IPSeD0jKg9qjm7baIcs47nzouHpIADeauPSLcw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1316
last-modified: Mon, 22 Jan 2024 18:44:07 GMT
server: UploadServer
etag: "09512239cb2a22728ca9f8608dfc2181"
x-goog-generation: 1705949047694544
x-goog-hash: crc32c=BS9gKg==, md5=CVEiOcsqInKMqfhgjfwhgQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 1316
accept-ranges: bytes
content-type: text/javascript

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
840 B 133ms
133ms Ping
text/plain 2.19.96.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.161 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-161.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 4016831e.13dc896a
date: Tue, 06 Feb 2024 07:07:06 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2402060707066D09837DA55C0A3061AA-3A74C7051847811A-00
x-cache: TCP_MISS from a2-19-96-157.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time: 102,2.19.96.157
server-timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=22, inner; dur=19
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202402060707066D09837DA55C0A3061AA
x-cache-remote: TCP_MISS from a23-48-100-179.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 22,23.48.100.179
x-tt-trace-host: 0187fbd8908e446f8b1b5e834ce4df640fdb6e906184410237c50c7aa56b929c562bb271689f2d7be808376087f972412a1f687680250da13840fe384dd6c63a1a139115899f567278ef84feecf455ee45ab67409ec42e1d89850de6c076ea54af9e03a7841725be72eaf68dd36f2a28b4
access-control-allow-headers: Authorization,*
expires: Tue, 06 Feb 2024 07:07:06 GMT

GET
H2 200 PWA-UpdateSession Show response
www.elfcosmetics.com/mobify/proxy/controllers/on/demandware.store/Sites-elf-us-Site/en_US/ 56 B
1 KB 340ms
340ms XHR
application/json 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/mobify/proxy/controllers/on/demandware.store/Sites-elf-us-Site/en_US/PWA-UpdateSession
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: f66f5edd05293c4351edcec020a867935f7495ef0d0ff7ceb3e6402748585ca6

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:07 GMT
content-encoding: gzip
via: 1.1 6c7ab75e35abaff5e641bcd368abeaf4.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: ATL58-P9
age: 0
x-yottaa-optimizations: ob/1000 si/33D18cae0c93-1706895435-4346669823 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
pragma: no-cache
content-type: application/json
cache-control: no-cache, no-store, must-revalidate
x-yottaa-os: 200
x-proxy-request-url: https://cc-elf-us-prd.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/PWA-UpdateSession
x-yottaa-metrics: 33218cae0c7c/[235,233,-] 33D18cae0c93/[-,236.145]
cf-ray: 85118de77a191fdd-IAD
x-dw-request-base-id: Bf00BpvawWUBAAB_
x-amz-cf-id: ZDj0vMy32l0goJkvpAO-VyMQtK1C_UprEn9hikWVK-vrwtbzyaQfhg==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 main-v2_ebdc40144452b28a9e2494fb9b413c26.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 482 KB
105 KB 8ms
7ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_ebdc40144452b28a9e2494fb9b413c26.br.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 89b2a0533b9474d5d5c289ab743c84b54c90dd8ac0afd31dbe67de88aeabf61c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 14:32:34 GMT
content-encoding: br
age: 59672
x-guploader-uploadid: ABPtcPp-HXDMgGBfIUEwP4LXYnVMiRoI0Mzr0MR7gfXr-Sd3HOjCOKTHS2IEKcur9eDfcgYj4jA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107404
last-modified: Mon, 05 Feb 2024 14:32:16 GMT
server: UploadServer
etag: "25a4c458d8d13400c22ae2aff2beabcc"
x-goog-generation: 1707143536539182
x-goog-hash: crc32c=q4aRkg==, md5=JaTEWNjRNADCKuKv8r6rzA==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 107404
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 cjs_min_1e55b565811f11b08485230cf1d150d6.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 49 KB
16 KB 13ms
13ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_1e55b565811f11b08485230cf1d150d6.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9846c98d92f9ede0abb2db68013d613791db3ccdb486451de1432034b563fb77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 16:23:34 GMT
content-encoding: gzip
age: 2126612
x-guploader-uploadid: ABPtcPrdxOUSHBnr880ZDF5VqySp_B518yX9pSpyVR_qlU3nSXKGlZKoYGfOqeynjKllaw7vzQE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15751
last-modified: Wed, 13 Dec 2023 16:23:11 GMT
server: UploadServer
etag: "d7dc7d7ebcc4f5af5fc2d4804e7ec737"
x-goog-generation: 1702484591435387
x-goog-hash: crc32c=3TW0yQ==, md5=19x9frzE9a9fwtSATn7HNw==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000,no-transform
x-goog-stored-content-length: 15751
accept-ranges: bytes
content-type: text/javascript; charset=utf-8

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame BA61 55 KB
17 KB 14ms
14ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48B6) /

Resource Hash

7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16892
content-type: text/html
date: Tue, 06 Feb 2024 07:07:06 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "64f25363-dacc"
expires: Tue, 06 Feb 2024 08:07:06 GMT
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id: 0a5dd6d0a3c1c
server: ECAcc (ama/48B6)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000000a5dd6d0a3c1c-ab339c6816826faa-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

GET
H/1.1 200
OK / Show response
data.cdnbasket.net/ 14 B
338 B 727ms
125ms XHR
application/json 34.149.202.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.cdnbasket.net/
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.202.102 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 102.202.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 8beb8e14fae48b4d27d511b3ecfd31d686862d0ae6885c19ef1c488c79dde62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 07:07:07 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
page.cdnbasket.net/ 14 B
338 B 461ms
119ms XHR
application/json 34.117.204.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://page.cdnbasket.net/
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.204.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.204.117.34.bc.googleusercontent.com
Software: /
Resource Hash: d6680bbdc43941398c52eea3a9212959c9b86e74dbc666265ed4a70535e4bf38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 07:07:07 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
view.cdnbasket.net/ 14 B
338 B 936ms
118ms XHR
application/json 34.149.211.233
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://view.cdnbasket.net/
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.211.233 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 233.211.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 10fa747a327edb338008a1449f0694b6dfcddceb87d73b92e1f7bbfa64db29b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 07:07:07 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H2 200 collect Show response
sgtm.elfcosmetics.com/g/ 65 B
484 B 278ms
277ms XHR
text/plain 34.49.124.132
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-ZLYXLXNDL8&gtm=45je41v0v879088318z8896608294za200&_p=1707203224692&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1605848610.1707203225&ul=en-us&sr=1600x1200&_fplc=0&ur=DE-HE&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&sst.uc=DE&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13l3l3l3l1&sst.tft=1707203224692&_s=2&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&sid=1707203226&sct=1&seg=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&en=page_view&ep.page_type=homepage&ep.page_environment=production&ep.page_country=US&ep.page_language=EN&ep.vendor_id=facebook&ep.event_id=1707204004781_17072040905018&ep.email=&ep.phone=&_et=2&tfd=5948&richsstsse

Requested by

Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

132.124.49.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:07 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
server: Google Frontend
content-type: text/plain
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-accel-buffering: no

GET
H3 200 inbox-v2_c555afbb18897f16008370a417a91834.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 16 KB
5 KB 8ms
7ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/inbox-v2_c555afbb18897f16008370a417a91834.br.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4c80ba44f61dd8c09ce0c57ca565f286b8bbb3f5ca6cb1fe882ad0d174eaafd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 18:43:41 GMT
content-encoding: br
age: 1254205
x-guploader-uploadid: ABPtcPouKTKh-nNAfG13actsyjsGi3oIZMNJSGuYLwvLR6aq0pup4d8Bv7xkqjZ1XAQTbeHOYkE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4860
last-modified: Mon, 22 Jan 2024 18:43:27 GMT
server: UploadServer
etag: "9f22ee70a9494b465aa6cccf0424e225"
x-goog-generation: 1705949007615648
x-goog-hash: crc32c=ugxA6Q==, md5=nyLucKlJS0ZapszPBCTiJQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 4860
accept-ranges: bytes
content-type: text/javascript

GET
H3 200 sms-v2_e39203556bab2366e56296ce42e974a7.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 3 KB
1 KB 11ms
10ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/sms-v2_e39203556bab2366e56296ce42e974a7.br.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c9f83027cf2e267d24b2cfe366bc6664841765f0aaf362faf0156bccdce42355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 18:44:58 GMT
content-encoding: br
age: 1254128
x-guploader-uploadid: ABPtcPq74R34r5ge9WPid8WDwMErvAoLpXkNO1FxTrZ2oXVXrE8upb8cS_WK5AtrUgK6TTBwlAlnkyvfmQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1303
last-modified: Mon, 22 Jan 2024 18:44:14 GMT
server: UploadServer
etag: "684b816ff7fa85526ab4b729fb5f0c91"
x-goog-generation: 1705949054010429
x-goog-hash: crc32c=ikqFlg==, md5=aEuBb/f6hVJqtLcp+18MkQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 1303
accept-ranges: bytes
content-type: text/javascript

GET
H3 200 onsite-v2_1e65144eaf4e12878292a8065df4997d.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 16 KB
5 KB 12ms
11ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_1e65144eaf4e12878292a8065df4997d.br.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7bcce32f4ef85233e030a2e0f1a2a81aefab5d602d45c655b1ff5f068ac8abb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 18:44:07 GMT
content-encoding: br
age: 1254179
x-guploader-uploadid: ABPtcPpb2JcPAadgHT3mx4Qs3gNVsC6_ywX678UVifWKI4494eod34oMoeOpZLdNKmaQWbhDw-z6BDWDlA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4963
last-modified: Mon, 22 Jan 2024 18:43:50 GMT
server: UploadServer
etag: "aaf913c9914c1e9a66cc88a9a0b151cd"
x-goog-generation: 1705949030274423
x-goog-hash: crc32c=jDxLwQ==, md5=qvkTyZFMHppmzIipoLFRzQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 4963
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 noop.js Show response
www.paypalobjects.com/muse/ Frame BA61 18 B
209 B 157ms
156ms Fetch
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/noop.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (daa/7D8C) /

Resource Hash

0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/muse/analytics/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
paypal-debug-id: 3160831708bee
dc: ccg11-origin-www-1.paypal.com
content-length: 18
last-modified: Sat, 13 Feb 2021 00:26:56 GMT
server: ECAcc (daa/7D8C)
traceparent: 00-00000000000000000003160831708bee-122d9bf73decba15-01
etag: "60271cd0-12"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 06 Feb 2024 07:07:05 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
189 B 165ms
165ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A7PFGPLHGYKX72-1&page=muse%3Aoffer%3A%3A%3A7PFGPLHGYKX72-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3a9b41b4-1a0b-4488-939e-bc9b13368cc5&es=visitorInfoFlowStarted&mrid=7PFGPLHGYKX72&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1707203226859&g=-60&completeurl=https%3A%2F%2Fwww.elfcosmetics.com%2F&disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 06 Feb 2024 07:07:07 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 1f24d36774c63
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230054-FRA
pragma: no-cache
correlation-id: 1f24d36774c63
traceparent: 00-00000000000000000001f24d36774c63-ba27103b060622c8-01
x-timer: S1707203227.861608,VS0,VE159
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 07:07:06 GMT

GET
H2 200 NEW-beauty-squad-beauty-squad-loyalty-logo-staggered-paddedsquare
elfcosmetics.a.bigcontent.io/v1/static/ 5 KB
5 KB 123ms
22ms Image
image/png 2606:4700:4400::6812:2a49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/NEW-beauty-squad-beauty-squad-loyalty-logo-staggered-paddedsquare?%24Desktop%24=&fmt=auto
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2a49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 210706c053295db0bfba03a98c0609a1f940c3f6b6c626f2f1084e089e959dc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:07 GMT
x-amz-version-id: null
cf-cache-status: HIT
age: 80027
x-amz-server-side-encryption: AES256
x-amp-cf-worker: true
edge-control: max-age=86400
alt-svc: h3=":443"; ma=86400
content-length: 5378
last-modified: Mon, 05 Feb 2024 08:53:20 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=1800
accept-ranges: bytes
cf-ray: 85118de96a432c6f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 icon-noun-gift-1165617
elfcosmetics.a.bigcontent.io/v1/static/ 2 KB
1 KB 121ms
20ms Image
image/svg+xml 2606:4700:4400::6812:2a49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-gift-1165617?%24Desktop%24=&fmt=auto%201x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-gift-1165617?%24Desktop%24=&fmt=auto%202x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-gift-1165617?%24Desktop%24=&fmt=auto%203x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2a49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4aa855b8d34657ab4df5ca73fe7d7f67735ee1e39e8de83856ddc473d4713fbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:07 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
age: 80027
x-amz-server-side-encryption: AES256
x-amp-cf-worker: true
edge-control: max-age=86400
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 05 Feb 2024 08:53:20 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=1800
cf-ray: 85118de96a442c6f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 icon-lips
elfcosmetics.a.bigcontent.io/v1/static/ 914 B
982 B 125ms
24ms Image
image/png 2606:4700:4400::6812:2a49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/icon-lips?%24Desktop%24=&fmt=auto%201x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-lips?%24Desktop%24=&fmt=auto%202x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-lips?%24Desktop%24=&fmt=auto%203x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2a49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f3989acda5131345cd5dd5f11e9c3c373fd3b09eb1a2a64fb2d6b302ea020a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:07 GMT
x-amz-version-id: null
cf-cache-status: HIT
age: 42157
x-amz-server-side-encryption: AES256
x-amp-cf-worker: true
edge-control: max-age=86400
alt-svc: h3=":443"; ma=86400
content-length: 914
last-modified: Mon, 05 Feb 2024 19:24:30 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=1800
accept-ranges: bytes
cf-ray: 85118de96a462c6f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 icon-noun-hearts-257768v2
elfcosmetics.a.bigcontent.io/v1/static/ 2 KB
1 KB 123ms
23ms Image
image/svg+xml 2606:4700:4400::6812:2a49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-hearts-257768v2?%24Desktop%24=&fmt=auto%201x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-hearts-257768v2?%24Desktop%24=&fmt=auto%202x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-hearts-257768v2?%24Desktop%24=&fmt=auto%203x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2a49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ddc89ba3c2a29bf8b6a376737d491efdb8f9bcebc7c635639cda62390f45a06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:07 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
age: 42157
x-amz-server-side-encryption: AES256
x-amp-cf-worker: true
edge-control: max-age=86400
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 05 Feb 2024 19:24:30 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=1800
cf-ray: 85118de96a452c6f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/ 9 KB
1 KB 103ms
103ms Image
image/svg+xml 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/us.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:07 GMT
x-amz-version-id: PgkEiBXOrB52tTjpwT_rl._JX6QZ0DMF
via: 1.1 7d2e8c2396efd943b9c80d028e8585f6.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ATL58-P9
age: 909160
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/33D18cae0c93-1706292485-4147431437 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 655743
content-length: 676
x-amz-meta-bundle: 10520
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0cec/[3,-,1706294057079] 33D18cae0c93/[hit]
x-amz-cf-id: 4Q_Yx-3OqnvJUdmyn_rBQCnw26GjkswnUtN9JVzf4BY_G83Tx2jFfQ==

GET
H3 200 jquery-3.5.1.min.js Show response
assets.bounceexchange.com/assets/bounce/ 87 KB
31 KB 7ms
7ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 19:50:28 GMT
content-encoding: br
age: 213399
x-guploader-uploadid: ABPtcPpbU0WdJBsVoVXoyjdgUZ75NWFXP8IGkChS3m4PZlUsQNS-o6gN71pRHAcHYUJEXuOt3IeOTa_kyw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31589
last-modified: Tue, 30 Jan 2024 20:16:29 GMT
server: UploadServer
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: Accept-Encoding
x-goog-generation: 1706645789533091
x-goog-hash: crc32c=W9o9Ng==, md5=3F5/GMjTasHT1HU6h8mNCg==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 89476
accept-ranges: none
content-type: text/javascript; charset=UTF-8

GET
H3 200 local_storage_frame17.min.html Show response
assets.bounceexchange.com/assets/bounce/ Frame 0455 2 KB
969 B 8ms
7ms Document
text/html 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: etag Content-Type
age: 1500265
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31536000
content-encoding: br
content-length: 938
content-type: text/html; charset=UTF-8
date: Fri, 19 Jan 2024 22:22:42 GMT
etag: W/"fc893948c3efc689b5b19d8a77958e23"
last-modified: Thu, 11 Jan 2024 16:26:08 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1704990368356821
x-goog-hash: crc32c=kX4cqg== md5=/Ik5SMPvxom1sZ2Kd5WOIw==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2408
x-guploader-uploadid: ABPtcPqIWy9o1-cPbz4ClAYYmWqTgHSWVYCP2H5_eij1c6pSj2B0tIqE7-OHD88Vw7YR6x-hu1Q

POST
H2 200 p
tr6.snapchat.com/ 0
47 B 51ms
18ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 06 Feb 2024 07:07:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
via: 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 exist Show response
srm.ba.contentsquare.net/ 2 B
94 B 108ms
34ms Fetch
application/json 52.214.37.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://srm.ba.contentsquare.net/exist?v=13.83.0&pid=1926&pn=1&sn=1&uu=5066bf07-eb87-a4dc-9284-7ee6c4839e36
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.37.10 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-37-10.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 07:07:07 GMT
content-length: 2
content-type: application/json

GET
H2 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
2 KB 26ms
26ms Script
application/javascript 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/static/ct/token_create.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

5293e3d1f06d73bbd75b83ab1fd1e3020fd5fc1143e2d628d09cd6dc56f9b427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.926656b8.1707203227.65b43975
etag: "ac8a351969e6397350708173ca06e5ca"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
content-length: 2079

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame A9C2 565 B
626 B 43ms
43ms Document
text/html 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-grn: 0.926656b8.1707203227.65b43976
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Tue, 06 Feb 2024 07:07:07 GMT
pinterest-version: cfd4e862d9e3481a2f60d0bf6fccc06d9ddb0948
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 1
x-pinterest-rid: 5947736893585072

GET
H2 200 promotions Show response
www.elfcosmetics.com/mobify/proxy/api/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/ 3 KB
2 KB 229ms
229ms Fetch
application/json 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/promotions?siteId=elf-us&ids=2024-02-gwp-%2435%2C2022-ordergroove-first-order-ORIGINAL-SETUP&locale=en-US

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

cdabdca122a95c86d013bc3792c3fa8b6d610fddc9724b16360821de4c63dcdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjEyZGZlMjM1LTg0YjItNDE0YS04OWE2LWY0NmQ4MGY3YTdjNyIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzIwMzE5NSwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJrcmhJeEtzV2tYc1JtYnBHa0dZWWtycEY6OmNoaWQ6ICIsImV4cCI6MTcwNzIwNTAyNSwiaWF0IjoxNzA3MjAzMjI1LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMxNjA1NTc1NzczNTU5NjA5In0.AUYC2gGhwjUeE7RImG-Xn3_HHxG9GA9T2yy_G8k_1-6Qhw_pt5C7CK50qHRD9mFS8ThaszV1BPm-o-bxWzGF5Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 85118de98813242d
via: 1.1 126003024013d7796bcff80bddb86460.cloudfront.net (CloudFront)
x-amz-cf-pop: ATL58-P9
x-yottaa-optimizations: ob/1000 si/33D18cae0c93-1706895435-4346669826 tts/1697558664636 ti/5a0c9b7732f01c35d421038a ai/5a0c9b7732f01c35d4210324 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
cache-control: private,max-age=46
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/promotions?siteId=elf-us&ids=2024-02-gwp-%2435%2C2022-ordergroove-first-order-ORIGINAL-SETUP&locale=en-US
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 85118de98813242d-IAD
x-amz-cf-id: 2q4fTxcYYeE0GhLL6tAIfBW-lJswMPTzVK16IIs_UNFuqrU820VafQ==
x-yottaa-metrics: 33218cae0c7e/[124,121,-] 33D18cae0c93/[-,125.012]

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame BA61 435 B
1 KB 280ms
279ms Fetch
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql?disableSetCookie=true

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4946b4ad7626b87d1172856fd0ec2ee7bd1c7b4d2194ee890f996430ffbe4820

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-NuWz/XU/KNDwjj+G1+CAY/An4y24c1GpjBVCpVAru5UaQzCg' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
disable-set-cookie: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-NuWz/XU/KNDwjj+G1+CAY/An4y24c1GpjBVCpVAru5UaQzCg' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Feb 2024 07:07:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f655261686f6f
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230102-FRA, cache-fra-eddf8230102-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f655261686f6f-64f8ec8b94f12198-01
x-timer: S1707203227.246769,VS0,VE272
etag: W/"1b3-mdDApGzsunJsyXhLuAdANvZFws8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 200ms
200ms Preflight 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,disable-set-cookie
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,disable-set-cookie
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Tue, 06 Feb 2024 07:07:07 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f6552616e86d8
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f6552616e86d8-42e2e493684db26c-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: cache-fra-eddf8230084-FRA, cache-fra-eddf8230084-FRA
x-timer: S1707203227.045419,VS0,VE192

GET
H2 200 promotions Show response
www.elfcosmetics.com/mobify/proxy/api/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/ 1 KB
1 KB 204ms
204ms Fetch
application/json 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/promotions?siteId=elf-us&ids=2024-02-gwp-%2435&locale=en-US

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

2de68a6dc3817d48b67a7a0c134c34ba7d02d6fe9a0380e8f1ad3501899d0ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjEyZGZlMjM1LTg0YjItNDE0YS04OWE2LWY0NmQ4MGY3YTdjNyIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzIwMzE5NSwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJrcmhJeEtzV2tYc1JtYnBHa0dZWWtycEY6OmNoaWQ6ICIsImV4cCI6MTcwNzIwNTAyNSwiaWF0IjoxNzA3MjAzMjI1LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMxNjA1NTc1NzczNTU5NjA5In0.AUYC2gGhwjUeE7RImG-Xn3_HHxG9GA9T2yy_G8k_1-6Qhw_pt5C7CK50qHRD9mFS8ThaszV1BPm-o-bxWzGF5Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 85118de99e710818
via: 1.1 8fa28ea6822ca26d5e4ee61db4a1135a.cloudfront.net (CloudFront)
x-amz-cf-pop: ATL58-P9
x-yottaa-optimizations: ob/1000 si/33D18cae0c93-1706895435-4346669827 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
cache-control: private,max-age=44
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/promotions?siteId=elf-us&ids=2024-02-gwp-%2435&locale=en-US
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 85118de99e710818-IAD
x-amz-cf-id: QQ7j8iDLArpR2-Nppn8-cxChqtCTOb58nehL0QcDAhD1v-EJ5rdrEQ==
x-yottaa-metrics: 33218cae0c7f/[98,97,-] 33D18cae0c93/[-,99.185]

POST
H3 200 p
tr.snapchat.com/ 0
15 B 19ms
19ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 06 Feb 2024 07:07:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://www.elfcosmetics.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 pout-clout-pen-bs-2024-01-19-image-3_D-min
cdn.media.amplience.net/i/elfcosmetics/ 30 KB
30 KB 22ms
22ms Image
image/webp 2a02:26f0:3100::1735:2b10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/pout-clout-pen-bs-2024-01-19-image-3_D-min?fmt=auto

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

03966b1fc6b3f2cdef1a46df52094209b5edb7772d9dc4c70d638abbbfb1b2c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:07 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: gssoa82dq,l4p5bDg2e,vqOuqrwHe,DtzGFM5oJ
x-req-id: Z7kY9wpahy
content-length: 30848
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 2880
access-control-allow-origin: *
content-type: image/webp
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Mon, 22 Jan 2024 17:53:28 GMT

GET
H2 200 valetines-day-2024-01-29-image-3_D-min
cdn.media.amplience.net/i/elfcosmetics/ 38 KB
38 KB 23ms
23ms Image
image/avif 2a02:26f0:3100::1735:2b10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/valetines-day-2024-01-29-image-3_D-min?fmt=auto

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

6d97ff963aee1b37773794c4dfa9f69345ad53a777a53e0c8e877f1f9932fa9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:07 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: rqlI3LyEt,l4p5bDg2e,WgG9ZJtbq,WepA0szpz
x-req-id: bjA-EfPt8y
content-length: 38906
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 1598
access-control-allow-origin: *
content-type: image/avif
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Wed, 24 Jan 2024 23:00:22 GMT

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/ 9 KB
1 KB 104ms
103ms Image
image/svg+xml 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/us.svg
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:07 GMT
x-amz-version-id: PgkEiBXOrB52tTjpwT_rl._JX6QZ0DMF
via: 1.1 7d2e8c2396efd943b9c80d028e8585f6.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ATL58-P9
age: 909160
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/33D18cae0c93-1706292485-4147431437 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 655743
content-length: 676
x-amz-meta-bundle: 10520
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0cec/[3,-,1706294057079] 33D18cae0c93/[hit]
x-amz-cf-id: 4Q_Yx-3OqnvJUdmyn_rBQCnw26GjkswnUtN9JVzf4BY_G83Tx2jFfQ==

POST
H2 200 productratings Show response
www.elfcosmetics.com/api/v1/ 297 B
840 B 613ms
613ms Fetch
application/json 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/api/v1/productratings
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/main.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: d7c18238ac5c33c43cd363223425513a8573588a44c56bd69254c644b70ac5fd

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 06 Feb 2024 07:07:07 GMT
via: 1.1 126003024013d7796bcff80bddb86460.cloudfront.net (CloudFront)
content-encoding: gzip
x-amzn-remapped-content-length: 297
x-amz-cf-pop: ATL58-P9
age: 0
x-amzn-remapped-connection: close
x-yottaa-optimizations: ob/1000 si/33D18cae0c93-1706895435-4346669830 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-amzn-requestid: 27e4acea-aea2-4727-bd73-341a8717b3f0
x-cache: Miss from cloudfront
x-amz-apigw-id: Ss8YVEK5CYcErJA=
content-length: 159
etag: W/"129-e42/HIeyKwXIaEcUQD0elNdPJJI"
x-amzn-trace-id: Root=1-65c1da9b-01c7d0bd2361abbf297e5a73;Sampled=0;lineage=2b75b0e9:0
content-type: application/json; charset=utf-8
x-yottaa-os: 200
x-yottaa-metrics: 33218cae0c81/[508,507,-] 33D18cae0c93/[-,509.395]
x-amzn-remapped-date: Tue, 06 Feb 2024 07:07:07 GMT
x-amz-cf-id: PvoYOjZjEO7DXX6pS4nUmksWK_-d6e-OmlvkRZQOnc_wVcL7zxXbbw==

POST
H2 200 productratings Show response
www.elfcosmetics.com/api/v1/ 296 B
838 B 642ms
641ms Fetch
application/json 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/api/v1/productratings
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/main.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 3846e6e40dbd48c5e84c21ea9273db969b6f87d9b1f4ce3b6a0c26dddb29ba5a

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 06 Feb 2024 07:07:07 GMT
via: 1.1 eff9b403ff1afb509ff28dd4b9bdc7f0.cloudfront.net (CloudFront)
content-encoding: gzip
x-amzn-remapped-content-length: 296
x-amz-cf-pop: ATL58-P9
age: 0
x-amzn-remapped-connection: close
x-yottaa-optimizations: ob/1000 si/33D18cae0c93-1706895435-4346669831 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-amzn-requestid: bd4f242b-589c-42dc-9683-af5fab463008
x-cache: Miss from cloudfront
x-amz-apigw-id: Ss8YVExmiYcEvaQ=
content-length: 156
etag: W/"128-bhJZIgPvBgcQgPIldJPqiBXlVM4"
x-amzn-trace-id: Root=1-65c1da9b-7777c8067834d2842407ab53;Sampled=0;lineage=2b75b0e9:0
content-type: application/json; charset=utf-8
x-yottaa-os: 200
x-yottaa-metrics: 33218cae0c82/[536,535,-] 33D18cae0c93/[-,537.819]
x-amzn-remapped-date: Tue, 06 Feb 2024 07:07:07 GMT
x-amz-cf-id: HdTiTQS2a0n9uaG-9UYZSnBsqOgj52O9bwjNWiMbvsKSv5s9-NwCLA==

GET
H2 200 script-tag.js Show response
cdn-scripts.signifyd.com/api/ 10 KB
3 KB 41ms
7ms Script
application/javascript 18.66.122.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-scripts.signifyd.com/api/script-tag.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-54.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 68f6710cb2cc63e278cd3be6a0593c700b3ac346e36c1d636c5c13374dc20e91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 06:51:50 GMT
content-encoding: gzip
via: 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
last-modified: Wed, 10 Jan 2024 11:26:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 918
x-amz-server-side-encryption: AES256
etag: W/"d34fe38d39e71cd6ace9ab1bfc0bb10a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1800
x-amz-cf-id: bgY8inNcaVx3nurBnWsgY64yrKh1tnqSdBWYV1OCj1rFF9ut61CDnQ==

GET
H2 200 company_toolkit.js Show response
cdn-scripts.signifyd.com/api/ 4 KB
2 KB 7ms
7ms Script
application/javascript 18.66.122.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-scripts.signifyd.com/api/company_toolkit.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-54.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6082597f3871c77c9b31aa1383577f8c0e54cb5ff09275dc817bc70d96e6217d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 06:59:53 GMT
content-encoding: gzip
via: 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
last-modified: Tue, 30 May 2023 10:18:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 435
x-amz-server-side-encryption: AES256
etag: W/"2c3950f122b3977df61b0e077aaa92c8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1800
x-amz-cf-id: eLkcfb63Hga8xB7eMDw57PUjk20tAL2sjZzQ4t0PCGa2Itu_KUrXpA==

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/ 9 KB
1 KB 106ms
106ms Image
image/svg+xml 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/us.svg
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:07 GMT
x-amz-version-id: PgkEiBXOrB52tTjpwT_rl._JX6QZ0DMF
via: 1.1 7d2e8c2396efd943b9c80d028e8585f6.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ATL58-P9
age: 909160
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/33D18cae0c93-1706292485-4147431437 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 655743
content-length: 676
x-amz-meta-bundle: 10520
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0cec/[3,-,1706294057079] 33D18cae0c93/[hit]
x-amz-cf-id: 4Q_Yx-3OqnvJUdmyn_rBQCnw26GjkswnUtN9JVzf4BY_G83Tx2jFfQ==

GET
H/1.1 200
OK uulfjc3j5dhyj2bb.js Show response
imgs.signifyd.com/ 95 KB
14 KB 52ms
16ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/uulfjc3j5dhyj2bb.js?go5c1wbazsw1nvcs=w2txo5aa&gv4ykmh677vq3pq8=LzY2NWU5OTQ0OTk4ZGUxNDlhNDIxOWQxYTJi

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

99b99d06d31e2e47eb6e9d79073d8234de93298a7fb0dd0b54e8ba7ffe8c29b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 07:07:07 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK MUuMgOl28eaBJ0J2 Show response
imgs.signifyd.com/ Frame 7B8C 272 KB
46 KB 22ms
21ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/MUuMgOl28eaBJ0J2?28e409d6431bca59=ZjdyTJyaLODiNcOMtlYq1loxJKqNpgt4HuZ9E-kOCdcbenpPEtK9isiUWmfMi7Xq78gQvwa5F9aDCcF_I13T7QH7Rml81yWTxjh_NkCYt8qTf0QmXXyx221VQI_Ruug8IrddF2HaEpwuHsCDNLfDdTEOSE5dRNuQ0G0NkNzObMCv0RfAN3LkVYg0ghDHMWiD-3yNnxk2LPc7kJhF&jb=3d332e2460716f753757696e6e6f7d732c687367375761666e6f7f7b2f3030393926607b6a7f354162706f6d6f266a73683d4968786d6d6d2f3238393831

Requested by

Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/uulfjc3j5dhyj2bb.js?go5c1wbazsw1nvcs=w2txo5aa&gv4ykmh677vq3pq8=LzY2NWU5OTQ0OTk4ZGUxNDlhNDIxOWQxYTJi

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

89f94df59a253fc0235224eb3f05fb74e284f181efbe9b9948489c140957aa7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 07:07:07 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: fdfb35ff560551e0
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK CcOgjiWrjC_03D2Q
imgs.signifyd.com/ Frame 7B8C 81 B
475 B 35ms
12ms Image
image/png 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.signifyd.com/CcOgjiWrjC_03D2Q?c74eda377e61b1fa=vEAU5OQ96NWjJbOQrsrIm1-TugRPid7-1-rX9HsCL9_qqY-W2LZx8cHrGWVLHnd6UzK3Jr7clInxj-EeAy545rIHLy4IWJZAMynfoA2Nm0AH8i_4NnjLIEtcd68xJllt7RsOLdjLeFMMFtMXEumaAB40r6C5U3OLzZ59U04

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 07:07:07 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 13wxqShsesU7sdD0
imgs.signifyd.com/ Frame 7B8C 81 B
475 B 36ms
12ms Image
image/png 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.signifyd.com/13wxqShsesU7sdD0?14cff632cae1ddf3=C3XeOh3J5DxIYq35Ba82rSo6Avzzv6v5fdwfanM9QjKG75FwptsCzm_pI3tmMRDwwkLLeYinH2k853dgKOKAkK_Sc9sGAZug0avRlx1w47u6jvLU8Bw_Ck6Smh5vEeqFm0xel3q_vSBVMTP7HIxM9VUMaSY5lZ94ZtoUF9U

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 07:07:07 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET 458359.gif
idsync.rlcdn.com/ 0
0

GET
H/1.1 200
OK clear.png Show response
imgs.signifyd.com/fp/ Frame 7B8C 81 B
536 B 37ms
12ms XHR
image/png 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/fp/clear.png

Requested by

Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/MUuMgOl28eaBJ0J2?28e409d6431bca59=ZjdyTJyaLODiNcOMtlYq1loxJKqNpgt4HuZ9E-kOCdcbenpPEtK9isiUWmfMi7Xq78gQvwa5F9aDCcF_I13T7QH7Rml81yWTxjh_NkCYt8qTf0QmXXyx221VQI_Ruug8IrddF2HaEpwuHsCDNLfDdTEOSE5dRNuQ0G0NkNzObMCv0RfAN3LkVYg0ghDHMWiD-3yNnxk2LPc7kJhF&jb=3d332e2460716f753757696e6e6f7d732c687367375761666e6f7f7b2f3030393926607b6a7f354162706f6d6f266a73683d4968786d6d6d2f3238393831

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, w2txo5aa/fdfb35ff560551e0lzy2nwu5otq0otk4zguxndlhndixowqxytji
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 07:07:07 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Tue, 06 Feb 2024 07:07:07 GMT
Server: Apache
Etag: da5e887ed3354a83b0d272b40651dee6
Content-Type: image/png
Access-Control-Allow-Origin: https://www.elfcosmetics.com
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Sun, 04 Feb 2029 07:07:07 GMT

GET
H/1.1 200
OK hiK29c78vVdVJf0G Show response
imgs.signifyd.com/ Frame 069E 90 KB
14 KB 15ms
15ms Document
text/html 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/hiK29c78vVdVJf0G?6bac406573eb6b9e=Izh_4veYY6fMEtyy7krqbWVmnJjIdX7eBCWZFhHz1h2NRiXqERqYxCfM1uhCs1JGIcZTm_RXcnYQFNVHZEMIhZbbKYiH5tZbFB4TN-1a5c1nqt7VgrGPA9905AlxBm8nbUfyjtCWzseH2O-PMa5ji_3bvK9xbWmp8T9Mq3V90pGkJND9uprRiZC-VEz7aP4CMCjbxA2KmvpV2JxPlDA

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

50833b357bad5fd7e0c2788a0f13752119ece20a8187fa62446664ebc711be1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 06 Feb 2024 07:07:07 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content tHi7HKC6l6B2mHD5 Show response
imgs.signifyd.com/ Frame 7B8C 0
387 B 13ms
12ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 07:07:07 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK tHAOR_JlgyU0bgSh Show response
h.online-metrix.net/ Frame 980B 103 KB
15 KB 51ms
15ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/tHAOR_JlgyU0bgSh?17832a3ef0a249f2=ZaRJi_4TDwrdYFaQcizL7oHH7olcUdOpRItFtnZiXMfKzWiLOH7znzOXDyRmlq8ucWiH62W7w8r1PP2PcsYVTgxcJYXEDKoJK2Bkv6ZB9ifYdJkh1WH-v1M8h446V5mdnGsmgcK03Xw5EZcQ8C-uc-Q-UPjEN96IRzFsjcpp0k1X8nb9EjADanr3wXuUAuY__JcTnHj25nTrqlXzcb1q

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

b1b1392ef0e1dce87748f06d6839cb8b1490ba69f5f7a35b861e4dc75536c8db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 06 Feb 2024 07:07:07 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK AJbgTcIZnnzkynQb Show response
imgs.signifyd.com/ Frame 248B 90 KB
13 KB 15ms
15ms Document
text/html 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/AJbgTcIZnnzkynQb?eb6a23bb9ada8eb1=ovm3zGCWF57RGA58UP87ooB8DONNj3qAARosSsQDDVmWhUr5LBrCPuSGm_2nuTtzfx4ZlR2a-V9WqnxLpa9NC0hRLXtjSrWD_xKi5Bs6lY4F2eo2tSIJd7O8KZ42FYWJbNHVDfEpLSwjMVaAyFNW2rEDBTRykcmE4tcUovKl_dhHgT8tw_PjMub21CozBWtZquUQFOVePnh-6AQE6y9T

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

591965eaf257ec1a56f9d96013a93c5590e2188a781a8d21bb4d25c41592a15d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 06 Feb 2024 07:07:07 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 tHi7HKC6l6B2mHD5 Show response
imgs.signifyd.com/ Frame 7B8C 0
218 B 13ms
13ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/tHi7HKC6l6B2mHD5?4dce9017ddced1ad=d4gmjI-ZRb3CTKVpmjkgq_lRj5vZBGhTM6IztAdRAvHKTCdlObxyr8jOMVhj1bRNu06CFOTt8syk-RTo5cpFKzwf0ChrRoBzk0QrI1faWBzBK02KOBvFQAgut7QYAZzbnthPwF-Muf37IIGaWTiKmyrzhNU&ja=39323d312c24633d3c30267a37363a266c3f313e3a3070393830382e6b643d393e303a70393838322c717879373078302c647a7237332c393c3038243b32383826333638382c3b3a383a24333c32302c3b32303026313c303a2e313a3a30243826302e657e3f613030326b6a6b6e6b353d6664666e6639656b383e313b3637383c6231693d612e65643f342e7b636e353a3e2e6e623f68747e70732539412f324c27324e7d777f266f6c6e6b65716d6d7c69697b2669676f2f3046267a6c3d332c70623d3d3a663a3261693e68636e6a6f33313b6a3739303f6b6d326e316264683264342c68623d6e64383b6b36306a39303d6a3c37633e3c393a3131336961693165316b6365612c6a796f375569666e6f7f7b2f3238393b246a7b6a3d49607a6565672f3030313831266a796f7f3d5d6b6e6c65777b2e60736a7d3741687a676d6f2e66626b3f3e246e64673d3826646d7e703732267c7064354d7f7267786f27324e4a65786461642e6f6b7668723734303039643b633860656b3a326d3e69633d3e3a32383a69643b3d3d3e38336c663435323831343b643c656b63323c6e63313c6b666a6c3d3033393b31333e692c6c70376a74747a7325334b2538462f30467f7d77266d66666b67796f657c616379266b6565273844267037706c756d69645f6c6e617b62253d4d6c61647b6f2370647d676366577d616c6e6d7773556d6564636155706663796d78253d4d6c61647b6f2370647d676366576b6c6d68675f6169726f626b742f354f6461647965297866756f61645d717d6163617c61676d273f476661667365217a6c7f67636c5f7b626f6b637d617e6d2f37456e696c796d297a64776d6b6e5f7865616c7a6c6b796f70253d4f6669647965297866776761665f7c646b55786e6b7b65722f3545666b6c79652b726c7d6d6966576e657e696674722d3d456c6964796d237a6e7567636e5f737c6755766367776d78253d4d6c61647b6f2370647d676366576069746b2735456c616c736f266d6c55613d7f6f626f645d656a4f46273238392e3a2d3a3a204d7a676e47462532304f532f323a302e382f32384b6272676563776d215f65684f442f3a324d4e534c2f323045592538303b2c302d383020477a65664f462732384d532f3a384d4451462732304f5325323a3124302f30304b62726765637565215d67624361745d6d6a4161762f3030576f62474c4b4e4d4c4f5d69667974696669656c576b70726971732f3b4a2f3a324f5a545f686c656e6e5f6769646f61702f334a2d38304d505e5d6367646f78576a7f6e646f705f686b6c665f6c6c65617e27334a2f32384d5254576c6f72746057636669657a2d31482732304f58545f6c6c65617e5d62646f6e6c2d39422d3a3a47585c576678696f556c677a766825394225323a455254557168696e657a577e65707c7f706557646f6e2d3b482d303a475854557465787e75786555616f657a726d7b796967665560707c6b25394a2d38384752565f746f78747578655563656f707a6f737b61656e577a6d76632d3b422f3a384f5056557665787e7572655566636c7e6772576b6e617b65747a677a6b632d3b422f3a384f505655715247482533422f323a4f4f515f6d6665656d6474576164666570577563667c2f3b402f30304f4f535f66686f55726f6c646d785f65617a6d69782f31422d3a30454d5b557b766b6c646178645f646f7263766b76697e6f732d3b48253a38454753577c65727c7d786d5d6c6e6f617e2533422f323a4f4f515f7c6f787c7d7865576e666d617c576c63666d6b7a27394025323a4f455355746f787e77726d556869646c5f6e646563742d3b422f3a38454d51557665787e75726555686b6c6c5d666465617c576669666d6b70253b4a253838474f5b5d7c6772746f785f6178726b79556d62626f637c2d39422d3a3a55454a4f4c556b67666770556075666c65725f6c6c65617e27334a2f32385f4f424f4455616f6578726f7b7b6f6c5d7e6778747f72655f6b737e632f31422d38305f4d48474457696d6d787a65797b6d6e57766f7a747578655f657e632f33482732385d454a4f465f6b676772726d7b736f6c577e6d7a7e777265556574633b2539422f30305f4f424f44556367657a70657b7b656e577c6f70767f70655f793374632f3348253832574d48474457696f65787867737b6d64557c6d727c7778675f733974635f79726d622f31422d38305f4d484744576e67627d6f5f786d666e6d706f705f6964666f2539422f323a55454a4d4c576c6f707c60557665707c75786d2d394a273832574548474c5f6e726b775560756e6c657a7b2f334a2d3832574d4a47465764657b6755616f6e7e6578742f3348253832574d484744576775647c635d647a69772f3b4a2f3a325d474247465f706f66796d6f645d6d676e65393e2c676457623f343d3f6333383f3a6e336b3265643a6134356f316e346f61396c3366306b3a636b3c6861646a69392c7f6f667e3f436c746566253230436e692e2c756764783d41667e65642d3832497a61732f3a3845786764454c253830456e6d6964652c61636c3730&jb=393f3d2466733d4d657a696c66612f324c372e382f3238205d69666c6575732d3a30445c2d3838333a2c3025394225323a57636e3c36253b48253a3872363c212f3030497870666d5f6f6a49637625324c35333724333c2538322843425445442f324b2d38326c6163652f3a384d6d61616d292538304368786f67652f304639383126382436393e3d2c313b312538385b6b6e63786b25324c35333724333c

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 07:07:07 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK WMix1MkxpPiLVRht
w2txo5aaynxwdj6jzdesj6dxa6p2aau572n7c47hfdfb35ff560551e0am1.e.aa.online-metrix.net/ Frame 7B8C 81 B
438 B 68ms
12ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://w2txo5aaynxwdj6jzdesj6dxa6p2aau572n7c47hfdfb35ff560551e0am1.e.aa.online-metrix.net/WMix1MkxpPiLVRht?ecb5683c8cfaf36f=tlXNN5JFE9t4_joyYVwWWPpONTRMMjo2OMOh5DxIfZA33qIfted17Ns-uRwem6EGp8RNgj5PEhTwKKZaFp4NEnUQ1GGkbvNNNComMrZa15IHy0AJMxiTBFrT2_NOGUR9D-oyWNpYUbB8USlObVcyRjtQ9H9aCjdu9F5q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 07:07:07 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content 3ccmFoUurEm5SgGy Show response
imgs.signifyd.com/ Frame 069E 0
387 B 12ms
12ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/3ccmFoUurEm5SgGy?65aee36e9fec44f8=Ju6zdEIhIgE6WaK122NIERI-N81XyrDfq2o5C7EwziupbAjkFp6lpYK7QQbjQo988BryH0CRlsUJx9y1fzNtH13EYzXk6FzAJHXbTnIrRqRsYrBI5zABmd3r9fEeuzYKOa_bo-QFHIj9uGBmMuBNaylNBc4&jf=3b3c2e6e79603d376b6136383e613b313e33313c6b6430313f64313c3361323f6c356f3a693e3d

Requested by

Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/hiK29c78vVdVJf0G?6bac406573eb6b9e=Izh_4veYY6fMEtyy7krqbWVmnJjIdX7eBCWZFhHz1h2NRiXqERqYxCfM1uhCs1JGIcZTm_RXcnYQFNVHZEMIhZbbKYiH5tZbFB4TN-1a5c1nqt7VgrGPA9905AlxBm8nbUfyjtCWzseH2O-PMa5ji_3bvK9xbWmp8T9Mq3V90pGkJND9uprRiZC-VEz7aP4CMCjbxA2KmvpV2JxPlDA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgs.signifyd.com/hiK29c78vVdVJf0G?6bac406573eb6b9e=Izh_4veYY6fMEtyy7krqbWVmnJjIdX7eBCWZFhHz1h2NRiXqERqYxCfM1uhCs1JGIcZTm_RXcnYQFNVHZEMIhZbbKYiH5tZbFB4TN-1a5c1nqt7VgrGPA9905AlxBm8nbUfyjtCWzseH2O-PMa5ji_3bvK9xbWmp8T9Mq3V90pGkJND9uprRiZC-VEz7aP4CMCjbxA2KmvpV2JxPlDA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 07:07:07 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/ 9 KB
1 KB 104ms
103ms Image
image/svg+xml 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/us.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
x-amz-version-id: PgkEiBXOrB52tTjpwT_rl._JX6QZ0DMF
via: 1.1 7d2e8c2396efd943b9c80d028e8585f6.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ATL58-P9
age: 909161
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/33D18cae0c93-1706292485-4147431437 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 655743
content-length: 676
x-amz-meta-bundle: 10520
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0cec/[3,-,1706294057079] 33D18cae0c93/[hit]
x-amz-cf-id: 4Q_Yx-3OqnvJUdmyn_rBQCnw26GjkswnUtN9JVzf4BY_G83Tx2jFfQ==

GET
H2 200 82292 Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/ 74 KB
7 KB 320ms
319ms Fetch
application/json 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/82292?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

761fbc0379aab589a42e73101da2b1b40a34f1a9ba70c2f4d2f1ec5092d01779

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjEyZGZlMjM1LTg0YjItNDE0YS04OWE2LWY0NmQ4MGY3YTdjNyIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzIwMzE5NSwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJrcmhJeEtzV2tYc1JtYnBHa0dZWWtycEY6OmNoaWQ6ICIsImV4cCI6MTcwNzIwNTAyNSwiaWF0IjoxNzA3MjAzMjI1LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMxNjA1NTc1NzczNTU5NjA5In0.AUYC2gGhwjUeE7RImG-Xn3_HHxG9GA9T2yy_G8k_1-6Qhw_pt5C7CK50qHRD9mFS8ThaszV1BPm-o-bxWzGF5Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 85118df0d8ba056d
via: 1.1 97b305844cde7654074bc07393573ad0.cloudfront.net (CloudFront)
x-amz-cf-pop: ATL58-P9
x-yottaa-optimizations: ob/1000 si/33D18cae0c93-1706895435-4346669834 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
cache-control: private,max-age=12
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/82292?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 85118df0d8ba056d-IAD
x-amz-cf-id: vyyCAvApSixt_Dszu11QI3q693kYzy8E6VVZh4Jm6BA3N888g0vkoQ==
x-yottaa-metrics: 33218cae0c83/[116,115,-] 33D18cae0c93/[-,117.679]

GET
H2 200 22092 Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/ 72 KB
7 KB 320ms
320ms Fetch
application/json 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/22092?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

a489731ada7854359a101cf042a12d606196d394a3398bbad401ba5ffc08fb75

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjEyZGZlMjM1LTg0YjItNDE0YS04OWE2LWY0NmQ4MGY3YTdjNyIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzIwMzE5NSwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJrcmhJeEtzV2tYc1JtYnBHa0dZWWtycEY6OmNoaWQ6ICIsImV4cCI6MTcwNzIwNTAyNSwiaWF0IjoxNzA3MjAzMjI1LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMxNjA1NTc1NzczNTU5NjA5In0.AUYC2gGhwjUeE7RImG-Xn3_HHxG9GA9T2yy_G8k_1-6Qhw_pt5C7CK50qHRD9mFS8ThaszV1BPm-o-bxWzGF5Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 85118df0ddf48232
via: 1.1 eff9b403ff1afb509ff28dd4b9bdc7f0.cloudfront.net (CloudFront)
x-amz-cf-pop: ATL58-P9
x-yottaa-optimizations: ob/1000 si/33D18cae0c93-1706895435-4346669835 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
cache-control: private,max-age=12
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/22092?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 85118df0ddf48232-IAD
x-amz-cf-id: y0QbVyuhgxCeIwb1SYWG_jLgb9WX4X3TAARjpVFD-nH_BxzS_mTiUA==
x-yottaa-metrics: 33218cae0c84/[130,130,-] 33D18cae0c93/[-,132.246]

GET
H2 200 82004 Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/ 69 KB
7 KB 467ms
466ms Fetch
application/json 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/82004?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

44c5ebeaad7221daeca8337bd2c99016040fca028d360058a9ffde3d3d025b88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjEyZGZlMjM1LTg0YjItNDE0YS04OWE2LWY0NmQ4MGY3YTdjNyIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzIwMzE5NSwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJrcmhJeEtzV2tYc1JtYnBHa0dZWWtycEY6OmNoaWQ6ICIsImV4cCI6MTcwNzIwNTAyNSwiaWF0IjoxNzA3MjAzMjI1LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMxNjA1NTc1NzczNTU5NjA5In0.AUYC2gGhwjUeE7RImG-Xn3_HHxG9GA9T2yy_G8k_1-6Qhw_pt5C7CK50qHRD9mFS8ThaszV1BPm-o-bxWzGF5Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 85118df0d96b3ae7
via: 1.1 126003024013d7796bcff80bddb86460.cloudfront.net (CloudFront)
x-amz-cf-pop: ATL58-P9
x-yottaa-optimizations: ob/1000 si/33D18cae0c93-1706895435-4346669836 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
cache-control: private,max-age=60
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/82004?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 85118df0d96b3ae7-IAD
x-amz-cf-id: vLO3PMz4bdX4Plq5ct9s62SPOT0u34r0Z7JrawNz6DytTxasKFi-3Q==
x-yottaa-metrics: 33218cae0c85/[361,360,-] 33D18cae0c93/[-,361.276]

GET
H2 200 81789 Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/ 209 KB
13 KB 422ms
422ms Fetch
application/json 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/81789?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

d6a27215c16c90e005ae9fd54059735d3fe9d6a0fde511ac193309669ad319b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjEyZGZlMjM1LTg0YjItNDE0YS04OWE2LWY0NmQ4MGY3YTdjNyIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzIwMzE5NSwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJrcmhJeEtzV2tYc1JtYnBHa0dZWWtycEY6OmNoaWQ6ICIsImV4cCI6MTcwNzIwNTAyNSwiaWF0IjoxNzA3MjAzMjI1LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMxNjA1NTc1NzczNTU5NjA5In0.AUYC2gGhwjUeE7RImG-Xn3_HHxG9GA9T2yy_G8k_1-6Qhw_pt5C7CK50qHRD9mFS8ThaszV1BPm-o-bxWzGF5Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 85118df0dab459c2
via: 1.1 66f329715210d11f7f450b703957691a.cloudfront.net (CloudFront)
x-amz-cf-pop: ATL58-P9
x-yottaa-optimizations: ob/1000 si/33D18cae0c93-1706895435-4346669837 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
cache-control: private,max-age=11
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/81789?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 85118df0dab459c2-IAD
x-amz-cf-id: 5jImQcESNntatObnhk-29wa6xGSUavf_rPgHVrlMfklrYIiVGzDCWw==
x-yottaa-metrics: 33218cae0c87/[150,149,-] 33D18cae0c93/[-,151.575]

GET
H2 200 85960 Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/ 45 KB
6 KB 216ms
216ms Fetch
application/json 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/85960?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

293c1373e31fe0457047ec438820c60a54faa4344cd7a7119ea768860ce1a7d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjEyZGZlMjM1LTg0YjItNDE0YS04OWE2LWY0NmQ4MGY3YTdjNyIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzIwMzE5NSwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJrcmhJeEtzV2tYc1JtYnBHa0dZWWtycEY6OmNoaWQ6ICIsImV4cCI6MTcwNzIwNTAyNSwiaWF0IjoxNzA3MjAzMjI1LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMxNjA1NTc1NzczNTU5NjA5In0.AUYC2gGhwjUeE7RImG-Xn3_HHxG9GA9T2yy_G8k_1-6Qhw_pt5C7CK50qHRD9mFS8ThaszV1BPm-o-bxWzGF5Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 85118df0da573b96
via: 1.1 97b305844cde7654074bc07393573ad0.cloudfront.net (CloudFront)
x-amz-cf-pop: ATL58-P9
x-yottaa-optimizations: ob/1000 si/33D18cae0c93-1706895435-4346669838 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
cache-control: private,max-age=12
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/85960?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 85118df0da573b96-IAD
x-amz-cf-id: F8VylEAZAsmUd3bgNoqCLuSJApCBHJgElDEQtgtT-y3N_eXenqjfMw==
x-yottaa-metrics: 33218cae0c86/[109,108,-] 33D18cae0c93/[-,110.266]

GET
H2 200 82292_d77759_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwdb8d957b/2023/PoutCloutLipPlumpingPen/PinkyOut/ 309 B
936 B 115ms
104ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwdb8d957b/2023/PoutCloutLipPlumpingPen/PinkyOut/82292_d77759_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 72d481f7a20131369585280bca5d51f098c22cf79a2dfe11bb5d4ce0e814c7b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 ae8b72a635cf1b2a87cd55853de0b1a4.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: ATL56-C3
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1705527385-9293475185 tts/1704308418854 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 1550047
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 309
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Tue, 18 Feb 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c27/[3,-,1705651372668] 33D18cae0c93/[hit]
cf-ray: 847d8ed6cd82b0bb-ATL
x-amz-cf-id: D6qpEnwD1QbAoBpRVwJ0wGZJswXRwdOKts_c19hHUrCqozHDmRhdXw==

GET
H2 200 82290_efeee9_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw1904084f/2023/PoutCloutLipPlumpingPen/InTheClear/ 289 B
915 B 116ms
105ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw1904084f/2023/PoutCloutLipPlumpingPen/InTheClear/82290_efeee9_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 76cdc759e378fa1ef1f13fc5e60edbcc0670fab791b76e61d65bd74961e84d0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 e9ccfc64a258a54713bd10d2909e5b7a.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: ATL56-C3
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1705527385-9293475186 tts/1704308418854 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 1550047
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 289
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Tue, 18 Feb 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c26/[3,-,1705651372647] 33D18cae0c93/[hit]
cf-ray: 847d8ed6c9367bdb-ATL
x-amz-cf-id: vJCANgC1W7uu73t7IAc3CRtFCq8p2RDODX6ZdgTZ-cKzNZlRB5-A5A==

GET
H2 200 82291_efeee9_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw22a61a5d/2023/PoutCloutLipPlumpingPen/JustPeachy/ 303 B
929 B 116ms
105ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw22a61a5d/2023/PoutCloutLipPlumpingPen/JustPeachy/82291_efeee9_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: fc69e12a63b78030d4236815d85bce291387c1b845927d50cd6fb71ba64109d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 16c1a730ec70b427e8459874cc1e98e8.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: ATL56-C3
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1705527385-9293475187 tts/1704308418854 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 1550047
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 303
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Tue, 18 Feb 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c2e/[4,-,1705651372653] 33D18cae0c93/[hit]
cf-ray: 847d8ed6d9bf1387-ATL
x-amz-cf-id: uIulf8KjzEfhKDDTjH8EGgrItwFkPQjpCYEHvUBXwcMdr_NqtMtLtA==

GET
H2 200 82293_b15c42_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw316cf920/2023/PoutCloutLipPlumpingPen/Toasted/ 309 B
936 B 220ms
209ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw316cf920/2023/PoutCloutLipPlumpingPen/Toasted/82293_b15c42_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 72d481f7a20131369585280bca5d51f098c22cf79a2dfe11bb5d4ce0e814c7b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 43fc8b1935ca7c32b49d8686f356f3c0.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: ATL56-C3
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1705527385-9293475188 tts/1704308418854 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 1550047
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 309
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Tue, 18 Feb 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c6b/[4,-,1705651372647] 33D18cae0c93/[hit]
cf-ray: 847d8ed6dadcb11e-ATL
x-amz-cf-id: fsPwNYqUlIL2hN9HtVKq4mdGav7c8PIRyGMmGnm_RIIKAKSXy4BFkw==

GET
H2 200 82294_6f4335_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw05471bf3/2023/PoutCloutLipPlumpingPen/BustaMauve/ 310 B
908 B 220ms
210ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw05471bf3/2023/PoutCloutLipPlumpingPen/BustaMauve/82294_6f4335_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 521b556af81f230eb308ac3dacc6848e359a524f58ad9b31bc7f218664d7ee7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 b7b65c42276ffc2575e86d10c2876348.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: ATL56-C3
age: 1550047
x-amzn-requestid: d4f9fe9e-1c4e-4208-bdf8-30dea2e40c1f
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1705527385-9293475189 tts/1704308418854 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
x-amz-apigw-id: RxvftGMuIAMEX3w=
content-length: 310
x-yottaa-forcecache: true
x-amzn-trace-id: Root=1-65aa2c64-5d85383937ac686800792934;Sampled=0;lineage=36621fcf:0
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c6c/[3,-,1705651372653] 33D18cae0c93/[hit]
cf-ray: 847d8ed6daf953c3-ATL
x-amz-cf-id: SiuHdEuydPzggk19reg3_mSvP5imLk6ZS3blKAXvsgoeoe-WTWyMjg==

GET
H2 200 82295_902939_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw5509677c/2023/PoutCloutLipPlumpingPen/PlumOnOver/ 312 B
909 B 221ms
211ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw5509677c/2023/PoutCloutLipPlumpingPen/PlumOnOver/82295_902939_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b6045de830d5a1427b1d82ad89e8719f0679efa99be8aae15ab76cef2fa9d60e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 a53c5eb15bcdaa306b21a04e191f78de.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: ATL56-C3
age: 1550047
x-amzn-requestid: ad1a69d0-cc84-41a3-8e68-922856bff24a
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1705527385-9293475190 tts/1704308418854 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
x-amz-apigw-id: RxvfjFBNoAMEa5g=
content-length: 312
x-yottaa-forcecache: true
x-amzn-trace-id: Root=1-65aa2c63-7497ec812c7a30f34ce486bd;Sampled=0;lineage=36621fcf:0
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c6d/[3,-,1705651372660] 33D18cae0c93/[hit]
cf-ray: 847d8ed6ebe47be2-ATL
x-amz-cf-id: O-dLF-miwKke_XJ-sTF4_vZRiwpyeYH-1VPcK48AoRgP2c1F5CJDWg==

GET
H2 200 82296_cc262f_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw41aced7b/2023/PoutCloutLipPlumpingPen/RedMyMind/ 311 B
910 B 221ms
212ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw41aced7b/2023/PoutCloutLipPlumpingPen/RedMyMind/82296_cc262f_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: d9f35b91794a215842c6dd0689adc9a714a9a321e368b1b4cbcfcad98113c6f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 e779e6690108fc19727694cd1f90461a.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: ATL56-C3
age: 1550047
x-amzn-requestid: 2b21a53c-0d00-41cd-8c6f-09667ee64619
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1705527385-9293475191 tts/1704308418854 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
x-amz-apigw-id: RxvfhFe_IAMEnSg=
content-length: 311
x-yottaa-forcecache: true
x-amzn-trace-id: Root=1-65aa2c63-0566b25b391d0c94180c6724;Sampled=0;lineage=36621fcf:0
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c6e/[3,-,1705651372665] 33D18cae0c93/[hit]
cf-ray: 847d8ed6eef153bc-ATL
x-amz-cf-id: dHYlIeXVS7l-Vh8UibCnDLz8SPk51fUb0FfGO983fjY5zFCvWmRwrQ==

GET
H2 200 82297_561f10_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw76cf3bb1/2023/PoutCloutLipPlumpingPen/WickedCherry/ 315 B
914 B 222ms
212ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw76cf3bb1/2023/PoutCloutLipPlumpingPen/WickedCherry/82297_561f10_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: f524d22c03b99f5dac2d22e9987e41bbf29c83972ec1f023e2fdb3f7c374333f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 2c65bede0f52554bf32fd64f7dfa83d0.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: ATL56-C3
age: 1550047
x-amzn-requestid: 183bd5c8-5447-4355-9af3-39c3ccb18869
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1705527385-9293475192 tts/1704308418854 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
x-amz-apigw-id: RxvfhFmKoAMEP7A=
content-length: 315
x-yottaa-forcecache: true
x-amzn-trace-id: Root=1-65aa2c63-3cfa5f3d6a40923612f2fa1e;Sampled=0;lineage=36621fcf:0
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c6f/[3,-,1705651372676] 33D18cae0c93/[hit]
cf-ray: 847d8ed6eddc0703-ATL
x-amz-cf-id: 2q_knHKrWJ34QF2VArWBBAvBNdli-Mp-X2jfD8AyUgDUFaCEUVNkZg==

GET
H2 200 22092_c27b75_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw094bb7a8/2023/CreamGlideLipLiner/ 303 B
907 B 223ms
214ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw094bb7a8/2023/CreamGlideLipLiner/22092_c27b75_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 1b054a2373ab46b72eac91fa53871f6fdd4469ec90e9aae0fcbb46342e9c69b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 8a1c6fc7799866e8dd40e6d19e78d394.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL56-C3
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1700755748-8667781387 tts/1700255508242 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
age: 6091645
content-length: 303
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c28/[3,-,1701106397096] 33D18cae0c93/[hit]
cf-ray: 82cc1d85be19b045-ATL
x-amz-cf-id: xPYsSoPwvSKhTT0Jb5KIKKVePYSCzXiu2wzpXVdSgJDnVa505hTAWQ==

GET
H2 200 22090_8b645c_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw95683555/2023/CreamGlideLipLiner/ 306 B
908 B 225ms
215ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw95683555/2023/CreamGlideLipLiner/22090_8b645c_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 7edc838de142afdde6ee28ab5df6c24df48525959a77805928b7673357040953

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 a53c5eb15bcdaa306b21a04e191f78de.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL56-C3
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1700755748-8667781388 tts/1700255508242 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
age: 6091645
content-length: 306
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c27/[2,-,1701106397099] 33D18cae0c93/[hit]
cf-ray: 82cc1d85ce51b0c4-ATL
x-amz-cf-id: tEIsV0yb10Z07zIczseghCmUv9MKSGXNOOFb3jpU2GXoS4rfNolZ7g==

GET
H2 200 22091_be7472_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dweac2d3e5/2023/CreamGlideLipLiner/ 303 B
906 B 222ms
213ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dweac2d3e5/2023/CreamGlideLipLiner/22091_be7472_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 5398968be9f49371bc4215a9cb5cad38269ab93075b72dac187f45ae3ba04ca6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 795fca0399f361701665c0d9fab45324.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD79-C2
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1700755748-8667781389 tts/1700255508242 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
age: 6091645
content-length: 303
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c26/[2,-,1701106397105] 33D18cae0c93/[hit]
cf-ray: 82cc1d85c82fb103-ATL
x-amz-cf-id: SaJsD3ZCjpmr8dU_R7DtI7UtSRR7fnNXVKbnRanmr4kf7AbvGK-YUQ==

GET
H2 200 22094_9e5755_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw2dd0c30c/2023/CreamGlideLipLiner/ 310 B
913 B 224ms
215ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw2dd0c30c/2023/CreamGlideLipLiner/22094_9e5755_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 2e72d5ff50ff3eacfa59b2ffad79b937577aeabfbacfe9a0b4f68192c4b3cfe2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 7a220a3092d83b83525989666566c488.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL56-C3
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1700755748-8667781390 tts/1700255508242 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
age: 6091645
content-length: 310
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c2e/[3,-,1701106397101] 33D18cae0c93/[hit]
cf-ray: 82cc1d85c97eb172-ATL
x-amz-cf-id: t6SDn_NBGpg2Yy7fUrBqTtvTE0_IEw2-aQv6IYuU5cTPL7jp2rp3vQ==

GET
H2 200 22095_a57368_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw5f33333b/2023/CreamGlideLipLiner/ 303 B
905 B 321ms
313ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw5f33333b/2023/CreamGlideLipLiner/22095_a57368_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 5e7fa7d432773d5968e98fe4118396e67e1ebe4085a5bee83b57bce0bbf5e8f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 19c90aaf264c1d4a8a4998c655a5243e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL56-C3
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1700755748-8667781391 tts/1700255508242 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
age: 6091646
content-length: 303
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c6b/[2,-,1701106397094] 33D18cae0c93/[hit]
cf-ray: 82cc1d85ca24b06a-ATL
x-amz-cf-id: 8eCaS_u9qROxcxuEZB0n-qa-y4vBZbrLHM7AWe-Dv87oto_0aLQRlA==

GET
H2 200 22096_92674c_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwa98a9212/2023/CreamGlideLipLiner/ 302 B
906 B 322ms
314ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwa98a9212/2023/CreamGlideLipLiner/22096_92674c_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: e823d829f383704a61c26381c7010a9af9851c52cb93c831a8c73a0127f04e24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 5f96bc4a22f6baa91bf4a4bb246e4ff8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD79-C2
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1700755748-8667781393 tts/1700255508242 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
age: 6091646
content-length: 302
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c6c/[3,-,1701106397104] 33D18cae0c93/[hit]
cf-ray: 82cc1d85ce6569f7-ATL
x-amz-cf-id: CfDPTNrfZdjY5Ro0BDHGx4y8jUfD9141Y5ks95APwqsDXIn4Zf-8BA==

GET
H2 200 22097_f54b4a_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwbc79dfb4/2023/CreamGlideLipLiner/ 303 B
906 B 323ms
212ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwbc79dfb4/2023/CreamGlideLipLiner/22097_f54b4a_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 644369dc2f4a20a6681cdc05e12af7d050996a4da8bc083b0bb12ae2cde7b3cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 f3ee8ae60de459e8972313e578c7addc.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD79-C2
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1700755748-8667781394 tts/1700255508242 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
age: 6091646
content-length: 303
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c6d/[3,-,1701106397111] 33D18cae0c93/[hit]
cf-ray: 82cc1d85db7a53d4-ATL
x-amz-cf-id: lI0TAoPAxUbLg9MOPUtlHJX6mLZIpSmzgdNo3V85F0B35dbnOiWOAw==

GET
H2 200 22098_793454_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw1e170385/2023/CreamGlideLipLiner/ 315 B
918 B 323ms
213ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw1e170385/2023/CreamGlideLipLiner/22098_793454_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: ed569a029a60a5accbcc447951f2958f4dbd7037fb721a60d3b91d8cd71ee8e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 fff6a70a81914898c2756daea39344e8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD79-C2
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1700755748-8667781395 tts/1700255508242 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
age: 6091646
content-length: 315
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c6e/[3,-,1701106397299] 33D18cae0c93/[hit]
cf-ray: 82cc1d85d9a1450f-ATL
x-amz-cf-id: Y-5IEnxzGKQU7HDs1d_jD5LH6eHTeSs-wb9l-XAuily07zlhDTcZ3A==

GET
H2 200 82004_edbec6_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw878b70f1/2023/GlowReviverLipOil/ 290 B
893 B 324ms
214ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw878b70f1/2023/GlowReviverLipOil/82004_edbec6_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 701923e7612fdd51b1ae0ea1009d390d0685c9a261def001e1e534848ce61349

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 53e7d5540d02f579ad97fd6ddc7756a8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL56-C3
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1700755748-8667781348 tts/1700255508242 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
age: 6091647
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c92/[4,-,1701106396029] 33D18cae0c93/[hit]
cf-ray: 82cc1d7f0bfd6753-ATL
x-amz-cf-id: rsqWl72IlhKegWtqGGCHy5h3jhWene4zWxGQsgSmUVkkGpXaalApBQ==

GET
H2 200 82005_834f42_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw3bddec38/2023/GlowReviverLipOil/ 289 B
893 B 325ms
214ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw3bddec38/2023/GlowReviverLipOil/82005_834f42_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 22b8be33763fcc8bbd3b4aef547439cd7e7159f9cb384e131d35d235d4b9c682

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 119a6678daa8460130f2575d73df9ee6.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD79-C2
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1700755748-8667781349 tts/1700255508242 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
age: 6091647
content-length: 289
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c91/[2,-,1701106396021] 33D18cae0c93/[hit]
cf-ray: 82cc1d7f0c14450d-ATL
x-amz-cf-id: f_mIEpFPXzbakVpraEkOC8Y_AM5ZQvn7VGHKTGCcUuFgl6wnhNtVSA==

GET
H2 200 82006_c73840_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw2843e53e/2023/GlowReviverLipOil/ 290 B
894 B 325ms
215ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw2843e53e/2023/GlowReviverLipOil/82006_c73840_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 7094e19560bf043abd04be7f51dc7d27886f902d377efb7c07718f6133438fae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 b3e6aa6408d9b27acff39fa80612846a.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD79-C2
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1700755748-8667781350 tts/1700255508242 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
age: 6091647
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0ca2/[14,-,1701106396021] 33D18cae0c93/[hit]
cf-ray: 82cc1d7f0d45b17e-ATL
x-amz-cf-id: _O9Y1MzxFvAeCECEGQ8nDFwOGlmdTbFFj3HiJyDjX0X_893_JUbWMw==

GET
H2 200 82007_ffc2b4_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw58337410/2023/GlowReviverLipOil/ 290 B
892 B 326ms
216ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw58337410/2023/GlowReviverLipOil/82007_ffc2b4_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 39fff1d57d4226f0cb30a7f938b3ed28f1e48dcf2b92b8da1dee9de6afd47317

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 0570243541aa4edb51d3f1e60aee5a32.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD79-C2
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1700755748-8667781351 tts/1700255508242 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
age: 6091647
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0ca3/[2,-,1701106396026] 33D18cae0c93/[hit]
cf-ray: 82cc1d7f0ba5070d-ATL
x-amz-cf-id: bcFKrLg88O1myVRzTUqOgF8SSyljBYxi1WdsQiKEcUhE4rD1BC8zjA==

GET
H2 200 82008_ed3959_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw9eef22b8/2023/GlowReviverLipOil/ 290 B
894 B 326ms
217ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw9eef22b8/2023/GlowReviverLipOil/82008_ed3959_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 9f3932674ce8ead7ddc5fe72934f296a637d9da3784b5eb0aaceff52bed4fea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 b7b65c42276ffc2575e86d10c2876348.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL56-C3
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1700755748-8667781352 tts/1700255508242 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
age: 6091647
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0ca4/[3,-,1701106396039] 33D18cae0c93/[hit]
cf-ray: 82cc1d7f1a1f672e-ATL
x-amz-cf-id: yqIQsswRRePR7cQex-BvOjX7dX_oKC4xV6qjISbBPoCCLIIgXGnyNA==

GET
H2 200 82009_892b33_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwba1f3dc8/2023/GlowReviverLipOil/ 290 B
892 B 423ms
314ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwba1f3dc8/2023/GlowReviverLipOil/82009_892b33_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 181e93bf2e7a124cdd270932c1c6d7470ced40d6e6eea76092c6ae5a8df764ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 a30317448118591e4932ae10a5a31262.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL58-P8
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1700755748-8667781353 tts/1700255508242 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
age: 6091647
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0ca6/[2,-,1701106396042] 33D18cae0c93/[hit]
cf-ray: 82cc1d7f2c82457c-ATL
x-amz-cf-id: zO82-o2-Em-EP10TfXMK7JfJJeLyFCc3drBX5a2iqKGESN_E82uFww==

GET
H2 200 82010_efefef_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwdc8c726c/2023/GlowReviverLipOil/ 162 B
766 B 327ms
217ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwdc8c726c/2023/GlowReviverLipOil/82010_efefef_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: cfa5c45522b2dd9681f2f6096c44b4818c1de789e03624fa89571f26cd845cfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 c95c58c776c7077b19a10e3445dd9bb6.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL58-P8
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1700755748-8667781354 tts/1700255508242 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
age: 6091647
content-length: 162
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0ca5/[2,-,1701106396045] 33D18cae0c93/[hit]
cf-ray: 82cc1d7f1de444fd-ATL
x-amz-cf-id: PNW4AFlSS_sb28cANBVxwFPzKJMS6jHIMX_oHsgD4yCXcoBaMc9GOw==

GET
H2 200 81789_923836_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw72f8ede1/2023/OFaceSatinLipstick/ 290 B
892 B 327ms
218ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw72f8ede1/2023/OFaceSatinLipstick/81789_923836_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 256e37934c207356811c6351ca463f0b711ecf706b52137b5e76f3b068860cc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 bcc27c91d74af44f5af3fc2789d84114.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ORD53-C1
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/33D18cae0c93-1700755748-8669284970 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 6007291
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c30/[2,-,1701190250579] 33D18cae0c93/[hit]
cf-ray: 82d41cba0ae7ad80-ATL
x-amz-cf-id: SCvXZKC676pyvX2YI1OOd0J1HhKCMPbd8BendlbH-2L1-P34z8_dFA==

GET
H2 200 81781_a65e4f_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw06b8b34a/2023/OFaceSatinLipstick/ 290 B
892 B 328ms
217ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw06b8b34a/2023/OFaceSatinLipstick/81781_a65e4f_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 48ef0dc66a8a286b38d5944718583de3e545a21cc76a68be63a50b5466baa5cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 cdebf0009712844928e9487620fe17f6.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL56-C3
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/33D18cae0c93-1700755748-8669284971 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 6007291
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c2f/[1,-,1701191606366] 33D18cae0c93/[hit]
cf-ray: 82d43dd3af23b160-ATL
x-amz-cf-id: 3AYDW4E5WYlElM0KF0otCJov5eWh86JCwYgR33Np98oSuplQfz5ZvA==

GET
H2 200 81785_cc7e79_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw7eaa8780/2023/OFaceSatinLipstick/ 290 B
892 B 328ms
218ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw7eaa8780/2023/OFaceSatinLipstick/81785_cc7e79_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: f77ae8b7ccd1e3fe3fe4d25f86895c30af899b8ca2b97efa5ce7faec4e111542

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 2e8c2e7cad8a51072f754f4edb4b5714.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD79-C2
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/33D18cae0c93-1700755748-8669284972 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 6007291
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c29/[1,-,1701191606371] 33D18cae0c93/[hit]
cf-ray: 82d43dd3aa351359-ATL
x-amz-cf-id: _6arOjdoRMYUqJBQujGav3szJBqhDebezb88z7qBH9bu6BcoC4MpXQ==

GET
H2 200 81786_8b5437_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwe1f13951/2023/OFaceSatinLipstick/ 290 B
893 B 424ms
314ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwe1f13951/2023/OFaceSatinLipstick/81786_8b5437_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 96c3df039232309bcd492159531e5f842a518033b80257d12a41cf11f2406b60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 915092a962e63573a018390dfbdde6a4.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL56-C3
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/33D18cae0c93-1700755748-8669284973 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 6007292
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c28/[2,-,1701191055709] 33D18cae0c93/[hit]
cf-ray: 82d430621b5406fa-ATL
x-amz-cf-id: HAMZd17CNJ8h1rDoRT4aoReOKEpbM_FUOzgQjAKEtUj5qsEDjUMupw==

GET
H2 200 81787_985b65_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw02195ef7/2023/OFaceSatinLipstick/ 290 B
893 B 425ms
315ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw02195ef7/2023/OFaceSatinLipstick/81787_985b65_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: dd465d2dec1267933c3b50dfea44c34c81c76c7c411c13154486ef85e8c3a128

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 282c7063f0dcd150a1ec354174c83f68.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL56-C3
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1700755748-8669284974 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 6007292
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c26/[2,-,1701193422113] 33D18cae0c93/[hit]
cf-ray: 82d46a281acb6765-ATL
x-amz-cf-id: mQoSZuFLRDTgspAoORBUgnzD2_QwH-9v3aUdEwr0J5S3YuAbvuvnzA==

GET
H2 200 81790_af5340_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw000126c6/2023/OFaceSatinLipstick/ 290 B
891 B 426ms
316ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw000126c6/2023/OFaceSatinLipstick/81790_af5340_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: f0cee144505e4df51da3ec75c5a3dee2264d201c32bc80df1969b2082d019eef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 1eff65ab809ac1c235584ba542e062e6.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL58-P8
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1700755748-8669284975 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 6007291
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c2e/[2,-,1701190962465] 33D18cae0c93/[hit]
cf-ray: 82d42e1b497ab178-ATL
x-amz-cf-id: kGKtlQ6LtBwA0Q5uW8p0rxwmd1w438gPZ9-HTseROWhl1jYmheKdBQ==

GET
H2 200 81791_85474b_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw5ad87613/2023/OFaceSatinLipstick/ 290 B
893 B 427ms
317ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw5ad87613/2023/OFaceSatinLipstick/81791_85474b_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: d8f63055f392b204f4fb9e9ec7f4d03f17c6b235182bfa62621396a76d3a0d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 0769c43e773ddeccf7eb122161fafdea.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL56-C3
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1700755748-8669284976 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 6007291
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c6c/[2,-,1701191055752] 33D18cae0c93/[hit]
cf-ray: 82d430625ab907e6-ATL
x-amz-cf-id: Bqxap0SnMxNx1yCbcum583aRBVzHE_2XbiXsZSOhmMdTRPwfjP4zgQ==

GET
H2 200 81793_d6a483_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw7feacfa4/2023/OFaceSatinLipstick/ 290 B
894 B 427ms
318ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw7feacfa4/2023/OFaceSatinLipstick/81793_d6a483_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 58f8b28f51a6cf18779d85e9760aff99a636b0cc770634252f56fd1224445ec5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 795fca0399f361701665c0d9fab45324.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD79-C2
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/33D18cae0c93-1700755748-8669284977 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 6007291
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c6b/[1,-,1701190042518] 33D18cae0c93/[hit]
cf-ray: 82d417a5ad1bad86-ATL
x-amz-cf-id: -NiFDsYCvJU60chCB9YXFV2SDxoHsUUfpQEz5DX-B1uLd4DaMDUCuQ==

GET
H2 200 85960_b78066_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw1bcce985/2021/ 290 B
894 B 428ms
319ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw1bcce985/2021/85960_b78066_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: f79eb41c3a197f45707f482b689b7845fd9c069519a1edb610230a4870a9122d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 ae8b72a635cf1b2a87cd55853de0b1a4.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL56-C3
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1700755748-8669284991 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 6007291
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c7b/[3,-,1701193414392] 33D18cae0c93/[hit]
cf-ray: 82d469f7d8cb53f9-ATL
x-amz-cf-id: FsEaIUIo4wbila4bTke9QTxTXa8JTzrbndBDUKjBqHok6HhO1ZW3ZQ==

GET
H2 200 85961_c1827e_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw4379c720/2021/ 290 B
892 B 429ms
319ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw4379c720/2021/85961_c1827e_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: a2fc4569fdc0b5d60e03c34a75957431a6c6e06d7af7b599876068d61e2f8d86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 0570243541aa4edb51d3f1e60aee5a32.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD79-C2
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/33D18cae0c93-1700755748-8669284993 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 6007291
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c7d/[1,-,1701180338533] 33D18cae0c93/[hit]
cf-ray: 82d32abbbd96672d-ATL
x-amz-cf-id: e635W1-18F1XXKMq2SUdSD_P32VsnZn1VdEpNoOcjdOxHCLQ5EjVVQ==

GET
H2 200 85962_916366_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw6fc01785/2021/ 290 B
893 B 430ms
320ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw6fc01785/2021/85962_916366_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: d0a088110f86dbad05069f5026219709675de2936b9b494ffe598cc50e3c8b93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 e2deefdf2f2c76b24ee4785b69116006.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL56-C3
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1700755748-8669284994 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 6007291
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c7c/[3,-,1701193556980] 33D18cae0c93/[hit]
cf-ray: 82d46d73097e1383-ATL
x-amz-cf-id: tyvIgl4yj47vMbHQ6TfttTCHyA7UQx7IVPTz7sS6LV0IedbewNQB3w==

GET
H2 200 85963_8d5c44_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwb29c0f5d/2021/ 289 B
893 B 430ms
321ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwb29c0f5d/2021/85963_8d5c44_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 8fee9c64f65dab04c91790f9086e3bffd10136cf0ac1c0de4bd15fc2a7f7788d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 1b58e1b656a13c9733b75ae4afaa6100.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL58-P8
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/33D18cae0c93-1700755748-8669284995 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 6007291
content-length: 289
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c7e/[1,-,1701192116105] 33D18cae0c93/[hit]
cf-ray: 82d44a457de4457b-ATL
x-amz-cf-id: CCoR_q0YLCwilT7gjGTJvbTbvSb391Fd6I0VDSMTWmJR4zF91R8iEQ==

GET
H2 200 85964_cc5152_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw0da40873/2021/ 290 B
893 B 431ms
322ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw0da40873/2021/85964_cc5152_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 7baac448a67e8eac98e1bcba93f75d5bf3fb0c5c5fd5742fc5419eb187520ab2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 915092a962e63573a018390dfbdde6a4.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL56-C3
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/33D18cae0c93-1700755748-8669284996 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 6007291
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c81/[2,-,1701186690356] 33D18cae0c93/[hit]
cf-ray: 82d3c5ceaad8add2-ATL
x-amz-cf-id: kcxMNkVcDIglLn0SdtZx-dAPCawax8eR2YHm5X9oTb7KHViFhCakBA==

GET
H2 200 85965_c33253_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwe10c3691/2021/ 290 B
894 B 432ms
323ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwe10c3691/2021/85965_c33253_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: aaa0521eb89dcca04567e4f63e71a3ccc04075391ad07b06e4362c7428e0fd50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 1b58e1b656a13c9733b75ae4afaa6100.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL58-P8
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/33D18cae0c93-1700755748-8669284997 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 6007291
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c82/[1,-,1701187079874] 33D18cae0c93/[hit]
cf-ray: 82d3cf511c046789-ATL
x-amz-cf-id: MvY5F5kn34HSTGVnzOnRACDb7U4QkX1Es24KKkn4jDHi8xm64mVeuQ==

GET
H2 200 85966_963a51_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw481cfdba/2021/ 290 B
892 B 432ms
324ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw481cfdba/2021/85966_963a51_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: db3d9630fdd0f8c1c751ea3f4c70b80ece69c13450fbba151972d8a2d98d057d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 b55a7d50bfc196de78d5b7d366e896e0.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL56-C3
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/33D18cae0c93-1700755748-8669284998 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 6007291
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c80/[1,-,1701193671934] 33D18cae0c93/[hit]
cf-ray: 82d470417adf673f-ATL
x-amz-cf-id: wfC46tssfjR54Kv9o74-M-O7AgdaZOtmm1sucSycRqpsxvK8fnxWHA==

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/ 9 KB
1 KB 289ms
222ms Image
image/svg+xml 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/us.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
x-amz-version-id: PgkEiBXOrB52tTjpwT_rl._JX6QZ0DMF
via: 1.1 7d2e8c2396efd943b9c80d028e8585f6.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ATL58-P9
age: 909161
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/33D18cae0c93-1706292485-4147431437 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 655743
content-length: 676
x-amz-meta-bundle: 10520
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0cec/[3,-,1706294057079] 33D18cae0c93/[hit]
x-amz-cf-id: 4Q_Yx-3OqnvJUdmyn_rBQCnw26GjkswnUtN9JVzf4BY_G83Tx2jFfQ==

GET
H2 200 new-9FAEE5
cdn.media.amplience.net/i/elfcosmetics/ 178 KB
178 KB 42ms
42ms Image
image/webp 2a02:26f0:3100::1735:2b10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/new-9FAEE5?%24Desktop%24=&fmt=auto

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

774750eac984a3f73fcf8aef4926b4ed999600b51caf9b635cf6d5617e4cae90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: HTw69uaP-,l4p5bDg2e,mF-g78ke7,tJjh4FgGa,Cqm_p3RsQ,DtzGFM5oJ
x-req-id: RERVo9jp90
content-length: 182202
x-xss-protection: 1; mode=block
x-amp-source-height: 96
server: Unknown
x-frame-options: DENY
x-amp-source-width: 112
access-control-allow-origin: *
content-type: image/webp
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Sun, 10 Sep 2023 03:38:07 GMT

GET
H2 200 BestofBeauty_2023
cdn.media.amplience.net/i/elfcosmetics/ 217 KB
217 KB 47ms
47ms Image
image/webp 2a02:26f0:3100::1735:2b10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/BestofBeauty_2023?%24Desktop%24=&fmt=auto

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

c62eb4f0c14c8b5734e56be81f06374ca9171415d6dde6d87f2812d916055bd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: _UGy8lvte,l4p5bDg2e,mF-g78ke7,Pkjy1BsHj,Cqm_p3RsQ,DtzGFM5oJ
x-req-id: b2BCzzyqfK
content-length: 221764
x-xss-protection: 1; mode=block
x-amp-source-height: 422
server: Unknown
x-frame-options: DENY
x-amp-source-width: 421
access-control-allow-origin: *
content-type: image/webp
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Tue, 19 Sep 2023 21:22:09 GMT

GET
H2 200 badge-gone-viral
cdn.media.amplience.net/i/elfcosmetics/ 100 KB
100 KB 41ms
41ms Image
image/webp 2a02:26f0:3100::1735:2b10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/badge-gone-viral?%24Desktop%24=&fmt=auto

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

11bda28dd29d065faff41cdb718b856ca5e49f3022115bff4788b0542ba9d3c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: 1Q08kBn2T,l4p5bDg2e,mF-g78ke7,3i2hWg6BQ,Cqm_p3RsQ,DtzGFM5oJ
x-req-id: HPUKjaJu_u
content-length: 102504
x-xss-protection: 1; mode=block
x-amp-source-height: 1404
server: Unknown
x-frame-options: DENY
x-amp-source-width: 1404
access-control-allow-origin: *
content-type: image/webp
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Sun, 10 Sep 2023 03:00:01 GMT

GET
H2 200 82421 Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/ 76 KB
7 KB 555ms
545ms Fetch
application/json 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/82421?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

8895510557c4cdc81dccc9cf4e752efe6e62312b044d98196d5dbab0c87b60a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjEyZGZlMjM1LTg0YjItNDE0YS04OWE2LWY0NmQ4MGY3YTdjNyIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzIwMzE5NSwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJrcmhJeEtzV2tYc1JtYnBHa0dZWWtycEY6OmNoaWQ6ICIsImV4cCI6MTcwNzIwNTAyNSwiaWF0IjoxNzA3MjAzMjI1LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMxNjA1NTc1NzczNTU5NjA5In0.AUYC2gGhwjUeE7RImG-Xn3_HHxG9GA9T2yy_G8k_1-6Qhw_pt5C7CK50qHRD9mFS8ThaszV1BPm-o-bxWzGF5Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 85118df4de8c078c
via: 1.1 316c0d862340b97a09ec5fe1e5934c38.cloudfront.net (CloudFront)
x-amz-cf-pop: ATL58-P9
x-yottaa-optimizations: ob/1000 si/33D18cae0c93-1706895435-4346669878 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
cache-control: private,max-age=60
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/82421?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 85118df4de8c078c-IAD
x-amz-cf-id: dcrKI9ec2G8FjbETUbmgBXSKGrDR8GPkvNBeOHuzNkmAfABC1QiTbw==
x-yottaa-metrics: 33218cae0c88/[439,438,-] 33D18cae0c93/[-,440.396]

GET
H2 200 81588G Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/ 39 KB
6 KB 333ms
322ms Fetch
application/json 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/81588G?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

37ab83a61d8a51fcc14a74f7af911190420164e7472e84f5eeb892dcbc8fc15c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjEyZGZlMjM1LTg0YjItNDE0YS04OWE2LWY0NmQ4MGY3YTdjNyIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzIwMzE5NSwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJrcmhJeEtzV2tYc1JtYnBHa0dZWWtycEY6OmNoaWQ6ICIsImV4cCI6MTcwNzIwNTAyNSwiaWF0IjoxNzA3MjAzMjI1LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMxNjA1NTc1NzczNTU5NjA5In0.AUYC2gGhwjUeE7RImG-Xn3_HHxG9GA9T2yy_G8k_1-6Qhw_pt5C7CK50qHRD9mFS8ThaszV1BPm-o-bxWzGF5Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 85118df3993b7009
via: 1.1 03c76f41c7551fa29cffd38a109c9dc2.cloudfront.net (CloudFront)
x-amz-cf-pop: ATL58-P9
x-yottaa-optimizations: ob/1000 si/33D18cae0c93-1706895435-4346669879 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
cache-control: private,max-age=60
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/81588G?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 85118df3993b7009-IAD
x-amz-cf-id: 819VhjUZbH8xY1nMQHEElGZ1aIDinKJe34m4L-qUXVHwk1Avqwph0A==
x-yottaa-metrics: 33218cae0c89/[216,215,-] 33D18cae0c93/[-,217.885]

GET
H2 200 83567 Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/ 142 KB
10 KB 453ms
443ms Fetch
application/json 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/83567?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

019108e142119b2052c6046aa7874434b9262fb570a4bde08fcd67a53edabb09

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjEyZGZlMjM1LTg0YjItNDE0YS04OWE2LWY0NmQ4MGY3YTdjNyIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzIwMzE5NSwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJrcmhJeEtzV2tYc1JtYnBHa0dZWWtycEY6OmNoaWQ6ICIsImV4cCI6MTcwNzIwNTAyNSwiaWF0IjoxNzA3MjAzMjI1LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMxNjA1NTc1NzczNTU5NjA5In0.AUYC2gGhwjUeE7RImG-Xn3_HHxG9GA9T2yy_G8k_1-6Qhw_pt5C7CK50qHRD9mFS8ThaszV1BPm-o-bxWzGF5Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 85118df39be70615
via: 1.1 eff9b403ff1afb509ff28dd4b9bdc7f0.cloudfront.net (CloudFront)
x-amz-cf-pop: ATL58-P9
x-yottaa-optimizations: ob/1000 si/33D18cae0c93-1706895435-4346669880 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
cache-control: private,max-age=60
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/83567?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 85118df39be70615-IAD
x-amz-cf-id: jnB7hqHgRWycOd2PT7mKSgq0BKnLLABm9h4VXSQEz50OGSuenBlxtA==
x-yottaa-metrics: 33218cae0c8a/[336,335,-] 33D18cae0c93/[-,337.978]

GET
H2 200 84700 Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/ 73 KB
8 KB 397ms
387ms Fetch
application/json 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/84700?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

ec23f3d08a00062c9199ca9cec396f024929a2a2e9fe5c5818d85c2cf9b84a31

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjEyZGZlMjM1LTg0YjItNDE0YS04OWE2LWY0NmQ4MGY3YTdjNyIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzIwMzE5NSwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJrcmhJeEtzV2tYc1JtYnBHa0dZWWtycEY6OmNoaWQ6ICIsImV4cCI6MTcwNzIwNTAyNSwiaWF0IjoxNzA3MjAzMjI1LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMxNjA1NTc1NzczNTU5NjA5In0.AUYC2gGhwjUeE7RImG-Xn3_HHxG9GA9T2yy_G8k_1-6Qhw_pt5C7CK50qHRD9mFS8ThaszV1BPm-o-bxWzGF5Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 85118df39b6e07e4
via: 1.1 d4ca515662341661b756e3448d612214.cloudfront.net (CloudFront)
x-amz-cf-pop: ATL58-P9
x-yottaa-optimizations: ob/1000 si/33D18cae0c93-1706895435-4346669881 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
cache-control: private,max-age=60
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/84700?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 85118df39b6e07e4-IAD
x-amz-cf-id: hqh13FdW1f7eLk4VsBs_YFzYNMiV7IVmh1Eopocj8TdNlJsl13Esjg==
x-yottaa-metrics: 33218cae0c8b/[281,279,-] 33D18cae0c93/[-,281.858]

GET
H2 200 82421_8a1227_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw5b6d6050/2023/CamoLiquidBlush/ 317 B
921 B 121ms
113ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw5b6d6050/2023/CamoLiquidBlush/82421_8a1227_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: e44d9f1131ad40d59d181647ff28fe44048f8634d9edc98434d20eb0c486103b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 dbadc6c5154c582e1982923a1c4354f2.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL56-C3
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1702588990-2034554333 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4315307
content-length: 317
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Fri, 17 Jan 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0cd8/[3,-,1702883484769] 33D18cae0c93/[hit]
cf-ray: 83759773bde26775-ATL
x-amz-cf-id: p-1nSs4VD2tC5aEY1KmuREsogwWRvQxZAZEEVJNhO69dLdJp4uOKZw==

GET
H2 200 82415_ed9170_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw50c1d8e1/2023/CamoLiquidBlush/ 297 B
901 B 122ms
114ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw50c1d8e1/2023/CamoLiquidBlush/82415_ed9170_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 668aa9986154c66db7b479ade413370fec61bdc181337553f80f5fdc01990c4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 b7b65c42276ffc2575e86d10c2876348.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL56-C3
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1702588990-2034554334 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4315307
content-length: 297
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Fri, 17 Jan 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0cf4/[4,-,1702883484765] 33D18cae0c93/[hit]
cf-ray: 83759773b9d712ee-ATL
x-amz-cf-id: sH5XtEnnHA4s0PNkLStWvWpetDEF2DTY1ZXQdX0sV0CK1SyC8TGA0A==

GET
H2 200 82416_c97261_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw73f9861a/2023/CamoLiquidBlush/ 304 B
907 B 122ms
115ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw73f9861a/2023/CamoLiquidBlush/82416_c97261_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 6b02f9e36822c74ddfebf00ddefddc4e0de3eccf0561ee9957f66e6db9b189d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 eec18dadf208b762f519cab1e8369c3c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL56-C3
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1702588990-2034554335 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4315307
content-length: 304
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Fri, 17 Jan 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0cf3/[2,-,1702883484764] 33D18cae0c93/[hit]
cf-ray: 83759773b8a753ba-ATL
x-amz-cf-id: kZKXs6kRGBAeCSGHA-mG_vPj332yOwijbrq_JsAYXcMzUrO0u9TFkA==

GET
H2 200 82417_934848_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw2eb56abe/2023/CamoLiquidBlush/ 314 B
906 B 123ms
116ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw2eb56abe/2023/CamoLiquidBlush/82417_934848_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 53a267fda006f16d6fdb54ee764922a3fe61a8b6ef2972ae8c60d93e306bb1eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 cdebf0009712844928e9487620fe17f6.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: ATL56-C3
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1702588990-2034554336 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4315307
content-length: 314
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Fri, 17 Jan 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0cf2/[2,-,1702883484807] 33D18cae0c93/[hit]
cf-ray: 83759773f9fe1359-ATL
x-amz-cf-id: QdMwuafHXk9UyeGB9FoYepd6w7gw0ujGqctfaKLZ6OqPc30yMXcX-A==

GET
H2 200 82418_ea5d4e_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw2947a163/2023/CamoLiquidBlush/ 306 B
909 B 124ms
117ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw2947a163/2023/CamoLiquidBlush/82418_ea5d4e_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: be26eb3fda8ce26fcf39cabb2d7d4f56a8524e31a343f6db6b1c4e255c4c89d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 d8637b73bee5bf30932e15ee62bd60dc.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL56-C3
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1702588990-2034554337 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4315307
content-length: 306
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Fri, 17 Jan 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0cf1/[3,-,1702883484803] 33D18cae0c93/[hit]
cf-ray: 83759773ee6312de-ATL
x-amz-cf-id: -cPPba6XCk_mS6VehJXmebsGStSBSOrp8V2lJxgbxRH7geu42vrtZQ==

GET
H2 200 82419_d8295f_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwbf823553/2023/CamoLiquidBlush/ 307 B
899 B 124ms
117ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwbf823553/2023/CamoLiquidBlush/82419_d8295f_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 55245d1dbef4c5307f1e4b89913f51d27a2bd76d9d4130bcfc48c1438ce27232

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 a53c5eb15bcdaa306b21a04e191f78de.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: ATL56-C3
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1702588990-2034554339 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4315307
content-length: 307
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Fri, 17 Jan 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0cf0/[3,-,1702883484814] 33D18cae0c93/[hit]
cf-ray: 83759773e8fa44f6-ATL
x-amz-cf-id: EK7hmmy3S7TRDKat5KSnTRZFSPhmH4AsXdHSIABHW79Zd_Qzivva2g==

GET
H2 200 82420_d52e1c_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw0bcb7171/2023/CamoLiquidBlush/ 313 B
904 B 125ms
118ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw0bcb7171/2023/CamoLiquidBlush/82420_d52e1c_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 4358d95ed843273750f6301a75ad4282b7f32fbf25d9bfc0d7c1ed220f526673

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 684812801fd7e26ff0924d8ea79cb92c.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: ATL56-C3
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1702588990-2034554340 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4315307
content-length: 313
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Fri, 17 Jan 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0cef/[3,-,1702883484803] 33D18cae0c93/[hit]
cf-ray: 83759773eb9eb08b-ATL
x-amz-cf-id: 4FFiciTdWLFPkN64BCmgs5wrpUrUIRsSTniMvAZDqishbBwUVu-DZw==

GET
H2 200 82422_81382b_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwd690c536/2023/CamoLiquidBlush/ 314 B
905 B 126ms
119ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwd690c536/2023/CamoLiquidBlush/82422_81382b_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 57b5fadea258092c47cb3ad1f5ca816ed7a03c194c96b14a59e3bd606284616a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 e779e6690108fc19727694cd1f90461a.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: ATL56-C3
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1702588990-2034554342 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4315307
content-length: 314
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Fri, 17 Jan 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0cee/[3,-,1702883484808] 33D18cae0c93/[hit]
cf-ray: 83759773e9b01353-ATL
x-amz-cf-id: UXnLtHfbugLD7_wivToUOsNkxOUbUNE6KAcOhDl0SopaeoMLw47vSA==

GET
H2 200 81588_212531_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwc11cce39/2023/LashXtndrMascara/ 315 B
917 B 127ms
120ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwc11cce39/2023/LashXtndrMascara/81588_212531_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 4dd4735601c7db12d49dc38c46dfef3a663db36321689bcb34aea889bd0db001

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 200c95b73c59ce451775f143027d4164.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL58-P8
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1701461947-2120723353 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 5439505
content-length: 315
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Sat, 04 Jan 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0cee/[2,-,1701763403956] 33D18cae0c93/[hit]
cf-ray: 830ac5ba9927ad9a-ATL
x-amz-cf-id: KVSok3kb86tkGanLse1h6gYC2zFb-QeP-UqDHKcb2jUg9SCJJoK5IA==

GET
H2 200 81587_303030_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwac631f56/2023/LashXtndrMascara/ 186 B
778 B 127ms
121ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwac631f56/2023/LashXtndrMascara/81587_303030_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: a57278ff3f6a270785706b6fa0185dd06bb2357e5ae950698989483ebc43d6c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 10533111e76e446d754c52f7cf138336.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: ATL58-P8
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1701461947-2120723354 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 5439505
content-length: 186
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Sat, 04 Jan 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0ced/[2,-,1701763404082] 33D18cae0c93/[hit]
cf-ray: 830ac5bb68451399-ATL
x-amz-cf-id: HqofmFlL9Qo889s98MV4ykLxi8GBDYzXDcn-H8RDqE3Yq-1OA0a22Q==

GET
H2 200 81589_664847_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw09f003fc/2023/LashXtndrMascara/ 312 B
915 B 128ms
122ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw09f003fc/2023/LashXtndrMascara/81589_664847_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: d8eecca6704326f8db5486946d33420fdc588c6d519774e39df570883c4e3d87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 ff93e48fe7dee8b857796f1349d27cf8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL56-C3
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/33D18cae0c93-1700755748-8669284874 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 6007295
content-length: 312
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Sat, 28 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0ced/[2,-,1701191454446] 33D18cae0c93/[hit]
cf-ray: 82d43a1e2ecd53b1-ATL
x-amz-cf-id: iyT2Kb9Zb7assqrMJd-jpUiGru7p40xGfCFO0ziuGyMbVvr-xK2VDQ==

GET
H2 200 83567_c39b69_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw2d6f4aac/2023/HaloGlowLiquidFilterSHADEEXT/ 304 B
906 B 129ms
123ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw2d6f4aac/2023/HaloGlowLiquidFilterSHADEEXT/83567_c39b69_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 8a04baac1bb2ecbbd8c34d07662c8d2ed56ed1b5145f9da4b9df0d93c5fc12f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 c640b1afa51b342db4c4d96d404a1eda.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD79-C2
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/33D18cae0c93-1700755748-8669283922 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 6007337
content-length: 304
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0cd5/[1,-,1701180409822] 33D18cae0c93/[hit]
cf-ray: 82d32c7949314575-ATL
x-amz-cf-id: kdOaARh68dxF-R3aFNFSLbUBUEsxW3R6t_h7l6gVSRsdFjH1QryW2g==

GET
H2 200 83565_e4bc97_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw0c47e8be/2023/HaloGlowLiquidFilterSHADEEXT/ 291 B
893 B 129ms
124ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw0c47e8be/2023/HaloGlowLiquidFilterSHADEEXT/83565_e4bc97_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 06f7a62ff765add60b19a7594e3cd59f4f243c718a07ce5d2e13f72dfffae406

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 a33c43ec5f596f8992d13ecf79c120a4.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL56-C3
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/33D18cae0c93-1700755748-8669283923 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 6007337
content-length: 291
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c32/[2,-,1701118139693] 33D18cae0c93/[hit]
cf-ray: 82cd3c34fa9a455d-ATL
x-amz-cf-id: 98MiY4T4V376dfwMyjtc-cyytJqjG3ZNoYIWa308t9fSwWmAOkNv6w==

GET
H2 200 83566_e4c6a7_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw08c83b35/2023/HaloGlowLiquidFilterSHADEEXT/ 289 B
890 B 130ms
125ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw08c83b35/2023/HaloGlowLiquidFilterSHADEEXT/83566_e4c6a7_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: a5a7fc32d089a7db4a8a51c3b0144e8571b63162c4db338cb169c668f9aa6d5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 684812801fd7e26ff0924d8ea79cb92c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL56-C3
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/33D18cae0c93-1700755748-8669283924 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 6007337
content-length: 289
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c31/[1,-,1701194554742] 33D18cae0c93/[hit]
cf-ray: 82d485cf08d453d4-ATL
x-amz-cf-id: d5bonUiP71-K0pOT2DSNBvmSRbZCQo_2G8z0g9wC0RnQQMM6zmbecg==

GET
H2 200 82113_eac6ac_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw60089524/2022/HaloGlowLiquidFilter/82113_Halo_Glow_Liquid_Filter_Fair/ 289 B
890 B 132ms
126ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw60089524/2022/HaloGlowLiquidFilter/82113_Halo_Glow_Liquid_Filter_Fair/82113_eac6ac_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 988939b24208fa548397468433e51d44f04cfad29107321fb4332d075c2c3ce5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 e9a0863c3aa85d921b20ebfa4cdea5e4.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD79-C2
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/33D18cae0c93-1700755748-8669283925 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 6007337
content-length: 289
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c30/[2,-,1701172800606] 33D18cae0c93/[hit]
cf-ray: 82d272b3afb8673b-ATL
x-amz-cf-id: _z6bNBkTe0oftvxsIDvubgYV4SUZehlm9yxuran5idS4EFI3wRHW4w==

GET
H2 200 82114_ddc1a6_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw7184145d/2022/HaloGlowLiquidFilter/82114_Halo_Glow_Liquid_Filter_Fair/Light/ 289 B
891 B 132ms
127ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw7184145d/2022/HaloGlowLiquidFilter/82114_Halo_Glow_Liquid_Filter_Fair/Light/82114_ddc1a6_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b0b16d044e600df5f3d5bcbe66b812b91169ac8c6f6394b52b94ec568e6d7232

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 90702f7d29c8c5cb637fb12f7452bdaa.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL56-C3
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/33D18cae0c93-1700755748-8669283926 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 6007337
content-length: 289
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c2f/[1,-,1701180656128] 33D18cae0c93/[hit]
cf-ray: 82d3327cad081833-ATL
x-amz-cf-id: cUkG-S51nk5AMoU3w_tEJJGYRL3Gh7I96qCrXS4LWtahGrpouchDSA==

GET
H2 200 82115_d7ad91_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwe43236fc/2022/HaloGlowLiquidFilter/82115_Halo_Glow_Liquid_Filter_Light/Medium/ 289 B
891 B 130ms
125ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwe43236fc/2022/HaloGlowLiquidFilter/82115_Halo_Glow_Liquid_Filter_Light/Medium/82115_d7ad91_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 5a1b7fbff7841e65b48c6f566b3f7c5a3d030c790f1de3e7e2ab760bb769082a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 6e5576b120c81986215d5e2dd5676fe8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL56-C3
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/33D18cae0c93-1700755748-8669283927 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Miss from cloudfront
age: 6007337
content-length: 289
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c29/[1,-,1701180695730] 33D18cae0c93/[hit]
cf-ray: 82d333742eb669f3-ATL
x-amz-cf-id: HOj7rHsV07b8eGfC3EPCwpcgGeCze3CPW9biqaalwzCnR2qrsbmrDw==

GET
H2 200 82116_bf926e_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw992ade67/2022/HaloGlowLiquidFilter/82116_Halo_Glow_Liquid_Filter_Medium/ 289 B
891 B 134ms
129ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw992ade67/2022/HaloGlowLiquidFilter/82116_Halo_Glow_Liquid_Filter_Medium/82116_bf926e_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 77563c3d31b3bd929f455be38d45d87449f2441007a1ae54c2ec4f644c767630

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 b7b65c42276ffc2575e86d10c2876348.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL56-C3
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/33D18cae0c93-1700755748-8669283928 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 6007337
content-length: 289
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c28/[1,-,1701181032232] 33D18cae0c93/[hit]
cf-ray: 82d33bab58162447-ATL
x-amz-cf-id: QSwblIt5-c9FPHEmtqsDgqFWd6qujr0jM5EjEJ59yt5VBTlJE43avA==

GET
H2 200 82117_bf9667_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwc8c0121f/2022/HaloGlowLiquidFilter/82117_Halo_Glow_Liquid_Filter_Medium/Tan/ 290 B
893 B 134ms
130ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwc8c0121f/2022/HaloGlowLiquidFilter/82117_Halo_Glow_Liquid_Filter_Medium/Tan/82117_bf9667_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: a7dc26bff5b4a6ceb621fc58cb8e8b4f19619064e20d2a63d10d89d7649f3310

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 6696921eeaa7b7fae0b83a6871ab0f4c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL56-C3
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/33D18cae0c93-1700755748-8669283931 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 6007337
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c6b/[1,-,1701187117151] 33D18cae0c93/[hit]
cf-ray: 82d3d03a0a8b0807-ATL
x-amz-cf-id: 4vgRhYuflhWHwuQNwZQpLvMaDaX3RYWMgVOmp1yzStIE7_i3KA8PnQ==

GET
H2 200 84700_a3494a_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwcc80c0c8/2023/HaloGlowWandBlush/ShadeExtensions/ 290 B
891 B 222ms
218ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwcc80c0c8/2023/HaloGlowWandBlush/ShadeExtensions/84700_a3494a_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: c72643964544332aff431b6a1b00c2196ce9eb194f196ad05e14982d3b08321c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 e9a0863c3aa85d921b20ebfa4cdea5e4.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD79-C2
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/33D18cae0c93-1700755748-8669283563 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 6007350
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c27/[1,-,1701188162477] 33D18cae0c93/[hit]
cf-ray: 82d3e9bf5ba9b048-ATL
x-amz-cf-id: 3QL7AvpuxtOAq6UznycAVuqOtFKcffHlkwHK2kM0Kobft7tMl625Rw==

GET
H2 200 sku84696_hex_bc8974.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwb5b2ba85/2023/HaloGlowWandBlush/ 289 B
892 B 221ms
216ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwb5b2ba85/2023/HaloGlowWandBlush/sku84696_hex_bc8974.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 84c5d15e1a01e75f1164ada1359c5cc113b3aa3a85e43259b137d090b35c8072

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 a33c43ec5f596f8992d13ecf79c120a4.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL56-C3
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/33D18cae0c93-1700755748-8669283564 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 6007350
content-length: 289
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c26/[1,-,1701187964022] 33D18cae0c93/[hit]
cf-ray: 82d3e4e6fd6944e4-ATL
x-amz-cf-id: kOhLyXw5hNiILAbY0YQoniM1etnPczxbBjbckSL6A2QHbnjN7kxOwg==

GET
H2 200 sku84697_hex_9b504f.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw7db85a30/2023/HaloGlowWandBlush/ 290 B
893 B 221ms
217ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw7db85a30/2023/HaloGlowWandBlush/sku84697_hex_9b504f.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: c7800792e17ae1f204a586d14ec62c93d478bf0e9201e75eb7bb54b3a3068a04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 3553b0fd7e74e2b8ad09f7eb3c954e5a.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL56-C3
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/33D18cae0c93-1700755748-8669283565 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 6007350
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c2e/[1,-,1701191090773] 33D18cae0c93/[hit]
cf-ray: 82d4313d3cf1b093-ATL
x-amz-cf-id: EY1H_OG65LS7tOSGic4LeoklHCCTW4LB47fBAopU9PFo0P85vSraOA==

GET
H2 200 sku84698_hex_956141.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwb8a78ca2/2023/HaloGlowWandBlush/ 290 B
893 B 222ms
218ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwb8a78ca2/2023/HaloGlowWandBlush/sku84698_hex_956141.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 6d346ba132593213cba9bfa6b9ae595d953d5ce8ca748f4d31ded1b8f4f1e1ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 d8637b73bee5bf30932e15ee62bd60dc.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL56-C3
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/33D18cae0c93-1700755748-8669283569 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 6007350
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c6e/[1,-,1701182154716] 33D18cae0c93/[hit]
cf-ray: 82d35712ec9d24b3-ATL
x-amz-cf-id: bq9dDvj2DnmgcBHOkBlxoHxrjo19SDzlegQ3_Kt7ofj_XTP9kMhNDg==

GET
H2 200 sku84699_hex_864c52.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw11e3ba07/2023/HaloGlowWandBlush/ 290 B
892 B 219ms
215ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw11e3ba07/2023/HaloGlowWandBlush/sku84699_hex_864c52.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 9193ab03db75dc48eac7f6387304991f7c6e794e4f13163dae47280f91d2210a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 a33c43ec5f596f8992d13ecf79c120a4.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL56-C3
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/33D18cae0c93-1700755748-8669283570 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 6007350
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c6f/[1,-,1701178290137] 33D18cae0c93/[hit]
cf-ray: 82d2f8b94db453aa-ATL
x-amz-cf-id: FGEiNb1QsrjdQIdRrrfJWFTV-tl6-y_r2vQhWb2QfFU-z_9blV3NDA==

GET
H2 200 84701_833123_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw3e276ea6/2023/HaloGlowWandBlush/ShadeExtensions/ 290 B
892 B 132ms
128ms Image
image/jpeg 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw3e276ea6/2023/HaloGlowWandBlush/ShadeExtensions/84701_833123_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 97b684ae93653983b3f22e0b74288e8b1ac19025ee91d4e17c60aa3c722cc8fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 ff93e48fe7dee8b857796f1349d27cf8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ATL56-C3
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/33D18cae0c93-1700755748-8669283571 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 6007350
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c70/[1,-,1701177758794] 33D18cae0c93/[hit]
cf-ray: 82d2ebc05e4369ef-ATL
x-amz-cf-id: vzAmTwoglrB40F5C4_EI-7Y1zER1CMFDvBjlTp-XoDFP9NsMJhz0hw==

GET
H2 200 c Show response
ids.cdnwidget.com/ 61 B
235 B 146ms
123ms XHR
application/json 2600:1901:0:56e0::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=&SCH1=&GCS1=224198070&GCS2=MTMzOGU0NmUtMjlmZC00MGU5LTllYjMtZTY3MWNkZTU0ODVjLmxvY2FsLGQyNGEzMjkwLTZmYmQtNGViNC04MmMzLWY5MWJmZThmMDIzNC5sb2NhbA==&pe=false&wsid=4142&varID=&varData=undefined&log=%7B%22config%22%3A%7B%22gmEN%22%3Atrue%2C%22pixEN%22%3Atrue%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A4142%2C%22loadID%22%3A%22ixxgnMcGANL9Riy%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A3%2C%22IDStageStart%22%3A3%2C%22netComplete%22%3A249%2C%22obsReqpage%22%3A466%2C%22obsReqdata%22%3A732%2C%22obsReqview%22%3A941%2C%22IDStagePrefire%22%3A941%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Afalse%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A1%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%2C%22deviceid%22%3A%22141886956115641945%22%2C%22visitid%22%3A%221707203227049815%22%7D
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:56e0:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 9f8441024e84c58109845fa52d52c98b3a2a6cde7529d923779fc815053795d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.elfcosmetics.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61

GET
H/1.1 204
No Content tHi7HKC6l6B2mHD5 Show response
imgs.signifyd.com/ Frame 7B8C 0
387 B 12ms
12ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 07:07:08 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/ 9 KB
1 KB 120ms
120ms Image
image/svg+xml 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/us.svg
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:08 GMT
x-amz-version-id: PgkEiBXOrB52tTjpwT_rl._JX6QZ0DMF
via: 1.1 7d2e8c2396efd943b9c80d028e8585f6.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ATL58-P9
age: 909161
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/33D18cae0c93-1706292485-4147431437 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 655743
content-length: 676
x-amz-meta-bundle: 10520
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0cec/[3,-,1706294057079] 33D18cae0c93/[hit]
x-amz-cf-id: 4Q_Yx-3OqnvJUdmyn_rBQCnw26GjkswnUtN9JVzf4BY_G83Tx2jFfQ==

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/ 9 KB
1 KB 104ms
104ms Image
image/svg+xml 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/us.svg
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:09 GMT
x-amz-version-id: PgkEiBXOrB52tTjpwT_rl._JX6QZ0DMF
via: 1.1 7d2e8c2396efd943b9c80d028e8585f6.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ATL58-P9
age: 909162
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/33D18cae0c93-1706292485-4147431437 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 655743
content-length: 676
x-amz-meta-bundle: 10520
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0cec/[3,-,1706294057079] 33D18cae0c93/[hit]
x-amz-cf-id: 4Q_Yx-3OqnvJUdmyn_rBQCnw26GjkswnUtN9JVzf4BY_G83Tx2jFfQ==

GET
H/1.1 204
204 ET2kTpe0fsZa5OpP
imgs.signifyd.com/ Frame 7B8C 0
400 B 15ms
15ms Image
image/png 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.signifyd.com/ET2kTpe0fsZa5OpP?da7b060f97035cea=44xtglidiQUjzX6VyDLbPsnGDsKYVoNwaXyr-oG0lwYtSAICzH3k6VsBuREgOtzbNo_ZpmA2uJ95v3Q5iqKN0k7ROJvNPHMov7btvUY8O_cg2pe44r5UPHpT9wOqOLUR5L_mTigIcP3y7OHe8Oo2EUr0mYloJoIApb0xG4en2UttLjJOlgD0WpRuljCcS6KpRl5UGcAFq_NvfeP_qwg&jf=3c3b3024796b645f786e643d7e64785f6e31663e7b5a3e5f5a4f61476f7b515e2e73636c576e69766f3f31373a373230393238382c71696c557471786f3d7f6d6838656b6c736b2e7b636c5d6167793d3930353939303b333a34303f3861303e3e386b6d3966303a38313a3e38323a6332343438696533643a333a313a35303b3e3238383a34393d3b37623d30386b306b6869313f3a63313936356133396832323462306b666c6e6e636c393c66356969373f6d31686e376b3b35383b6137306e633e313f30643b3a633a396b623c3b386739313f303e386c3b6e373f6038303d64313068646c626c3b38693e386a6c3c32303b6f35626e3f356e693d6e3c323a6035373c3726736364557363653d3b3a343e38383239383a64373b3e316e696a3a6e61693231333a3237633f616c666c37353c3e376e6b3b64396e693530306d65696a31336b363d676663683565666f666c303a6066696f303a3a3b30386e333430316a663a6e3d396e606c3531623864306239373e653a3a633f3d63393f6e323b386e36323a3e346b3d69326d666f6438626f383264323233376835632e79696e7a3730

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 07:07:09 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 init1.js Show response
api.bounceexchange.com/bounce/ 36 B
333 B 77ms
39ms Script
text/html 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounceexchange.com/bounce/init1.js?wklzs=872&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgHYAGQgJmIGYyyBOAFmIA5NgAvEKAWgDZjMA7gFMARjlTAhAfVQATKPXz0ymAE5CcIADZw0GAn2IAPfBX7qYQ1etVRsAQy1bUCAOZS4qrVAAWwYAAOOACklACCwWQAYpFRAvEAdEJaMEggOAC2QmhIOAlpGbGYAG6o4sBSaSAA1qhCUMGEAEKRZFoBraERNH6BIWQArOGRA9Ej0fECSSlpmdmoufkghYNjNJEAwq2qncPr64QAItggNXUNza2ycrvdZEr4TEw8tAM8+PhvigwDnWRbNFKsluRFIFGoZBI9FoTE+m1axVujRaNC0IFcriEshkCFuMEcOCE8JoQmKVikaIxWJxeIJRP+rSQ9lUFQAjsAAJ63YjEshMllSYqOOD0shdHkMmg4OAiDISSTYjDlUVdfFaQm8ymY7EuGSyIQINAwOrA9bhNUayV85kVQnAWnq+kA60sh0ao682SuKKoVQ4YAAGRA9lNYvCwFUIsaxyFfoA2lrqS4ALqwOklZk4OOk8mJnUIVMWoQZ+P8tmc1P8WNZsuC4VCSslrMBVQgbEthYNtOOptxlttqQIexZQvp6tx3X+kBIaqjnvj6Wy+XUpUSLtF3tVWrSDJtxxSFsaA3AOeE3t5nF64+oY1Y0-F8e1u333sBWQBKQ4apwF+Pm2-zM+3UYpP2-X99RgONayFHQuyrCCE3RbVLzka9b1kcChEgp9shfLc6ikUAQApZlMW7M8RACKB+GyKi4wAIjLeiABpGPsSRXBAVQORYxifCEGcQF0XifGWIReP7WQ4BQXjCWZJAfHo5NMACYA8FErITgyAJnHsZBpBgLR7FcOxih8ewoCAA
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
date: Tue, 06 Feb 2024 07:07:09 GMT
content-encoding: gzip
x-envoy-upstream-service-time: 17
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 204 cjs-logger
e.cdnwidget.com/ 0
100 B 142ms
119ms Image
image/png 34.102.193.48
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.cdnwidget.com/cjs-logger?source=ID%20generation%20error&severity=Warning&error=forbidden%253A%2520disallowed%2520country%252C%2520country%2520code%2520is%2520DE&cookieID=&deviceID=&BXWID=4142&warpspeed=2%5EHIykD&loadID=ixxgnMcGANL9Riy&version=1.5.9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.193.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 48.193.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:09 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/png

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/ 9 KB
1 KB 104ms
104ms Image
image/svg+xml 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/us.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:09 GMT
x-amz-version-id: PgkEiBXOrB52tTjpwT_rl._JX6QZ0DMF
via: 1.1 7d2e8c2396efd943b9c80d028e8585f6.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ATL58-P9
age: 909162
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/33D18cae0c93-1706292485-4147431437 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 655743
content-length: 676
x-amz-meta-bundle: 10520
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0cec/[3,-,1706294057079] 33D18cae0c93/[hit]
x-amz-cf-id: 4Q_Yx-3OqnvJUdmyn_rBQCnw26GjkswnUtN9JVzf4BY_G83Tx2jFfQ==

GET
H2 200 valetines-day-2024-01-29-image-4_D-min
cdn.media.amplience.net/i/elfcosmetics/ 171 KB
172 KB 22ms
22ms Image
image/webp 2a02:26f0:3100::1735:2b10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/valetines-day-2024-01-29-image-4_D-min?fmt=auto

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

2d20903227f36798b79adec5bbd810679d27fe0abed0d698813e8f769df046fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:09 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: qhO9uXHAy,l4p5bDg2e,1TZJXD2Ju,Cqm_p3RsQ,DtzGFM5oJ
x-req-id: uuXo0IaUDE
content-length: 175384
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 1598
access-control-allow-origin: *
content-type: image/webp
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Wed, 24 Jan 2024 23:00:23 GMT

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/ 9 KB
1 KB 106ms
105ms Image
image/svg+xml 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/us.svg
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:09 GMT
x-amz-version-id: PgkEiBXOrB52tTjpwT_rl._JX6QZ0DMF
via: 1.1 7d2e8c2396efd943b9c80d028e8585f6.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ATL58-P9
age: 909162
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/33D18cae0c93-1706292485-4147431437 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 655743
content-length: 676
x-amz-meta-bundle: 10520
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0cec/[3,-,1706294057079] 33D18cae0c93/[hit]
x-amz-cf-id: 4Q_Yx-3OqnvJUdmyn_rBQCnw26GjkswnUtN9JVzf4BY_G83Tx2jFfQ==

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/ 9 KB
1 KB 105ms
104ms Image
image/svg+xml 140.174.12.147
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/us.svg
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.12.147 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:10 GMT
x-amz-version-id: PgkEiBXOrB52tTjpwT_rl._JX6QZ0DMF
via: 1.1 7d2e8c2396efd943b9c80d028e8585f6.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ATL58-P9
age: 909163
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/33D18cae0c93-1706292485-4147431437 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 655743
content-length: 676
x-amz-meta-bundle: 10520
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0cec/[3,-,1706294057079] 33D18cae0c93/[hit]
x-amz-cf-id: 4Q_Yx-3OqnvJUdmyn_rBQCnw26GjkswnUtN9JVzf4BY_G83Tx2jFfQ==

GET
H/1.1 204
204 7XAP8nFy5YHkWIaT
h.online-metrix.net/ Frame 980B 0
401 B 39ms
15ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/7XAP8nFy5YHkWIaT?f3d4fbbe7e8ca23f=sfY7xqADKva0Z64g90NTowNjE8H38M6uBDJwfYUD0h5MOoyOw6Vd9rC4TUxdvRDZ59hjkXXw2_UYRZeo_z-7qwtcOJIBXBnDSOIUa2i2dw5e4iXi0iaNnTboTc5YBNjdYmc9WjRaL3aQCh0If3VN_i8-SL8qqidV2q5zXam3a8J-RHA7Qqnb-BWcS7SYsQJBIRCxG8L3s55VQIInIkc&jf=3c3b3e24796b645f786e643d7e64785f43717450703378785f577d6b584e657e2e73636c576e69766f3f31373a373230393238382c71696c557471786f3d7f6d6838656b6c736b2e7b636c5d6167793d3930353939303b333a34303f3861303e3e386b6d3966303a38313a3e38323a6332343438696533643a333a313a35303b3e3238383a343d6b6f3034396c366b31386c3b313d6061626b3164316f353d356c34393d33613a316e336e69323a306c6e303c3b6b3c6a6033663366326535366e653e353b3738303a333038396630696837336938333e6a3e333a36333266346b6263626c626b666e34363a6f663d313d38303b3e30613c31353a386a6b3060693037666c3826736364557363653d3b3a343d38383239383a63313069333b316c696a32696139666b65396633383a633966333f3a32306c38663b693c37306a31386f6d386b6e353d6137666c3834343e3833613d30376a6e303a3a3a376e696c67343b6c336938696c3d373f3462613d6432653a343234383531693a35316a6c62693d3e3165693a663d38386c383a6b6462643339343832336b376e2473616c723539

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/tHAOR_JlgyU0bgSh?17832a3ef0a249f2=ZaRJi_4TDwrdYFaQcizL7oHH7olcUdOpRItFtnZiXMfKzWiLOH7znzOXDyRmlq8ucWiH62W7w8r1PP2PcsYVTgxcJYXEDKoJK2Bkv6ZB9ifYdJkh1WH-v1M8h446V5mdnGsmgcK03Xw5EZcQ8C-uc-Q-UPjEN96IRzFsjcpp0k1X8nb9EjADanr3wXuUAuY__JcTnHj25nTrqlXzcb1q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 07:07:10 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content tHi7HKC6l6B2mHD5 Show response
imgs.signifyd.com/ Frame 7B8C 0
387 B 12ms
12ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 07:07:10 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 valetines-day-2024-01-29-image-5_D-min
cdn.media.amplience.net/i/elfcosmetics/ 59 KB
59 KB 21ms
21ms Image
image/avif 2a02:26f0:3100::1735:2b10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/valetines-day-2024-01-29-image-5_D-min?fmt=auto

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

9984ddd66cac2301c90a8af8df473e374a6a76a5839fd72a7483bdc8db9efbe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:10 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: XDjwBEJ8e,l4p5bDg2e,xhQ7djhcu,WepA0szpz
x-req-id: PE_37DyabP
content-length: 60073
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 1598
access-control-allow-origin: *
content-type: image/avif
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Wed, 24 Jan 2024 23:00:23 GMT

GET
H2 200 valetines-day-2024-01-29-image-6_D-min
cdn.media.amplience.net/i/elfcosmetics/ 110 KB
110 KB 22ms
22ms Image
image/avif 2a02:26f0:3100::1735:2b10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/valetines-day-2024-01-29-image-6_D-min?fmt=auto

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

4640c95ead92ab52d145901f4c81171be7617504eea0d47bc74dffa50cc0b584

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:07:11 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: nbP029mD3,l4p5bDg2e,HKFzQEt3Y,WepA0szpz
x-req-id: 6O3-Ym2bV6
content-length: 112474
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 1598
access-control-allow-origin: *
content-type: image/avif
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Wed, 24 Jan 2024 23:00:23 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/

Domain: 9231397.fls.doubleclick.net
URL: https://9231397.fls.doubleclick.net/activityi;src=9231397;type=retarget;cat=globa0;ord=5899475585081;npa=0;auiddc=612260061.1707203225;u6=%2F;u10=undefined;u12=undefined;u8=undefined;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?

Domain: 10742279.fls.doubleclick.net
URL: https://10742279.fls.doubleclick.net/activityi;src=10742279;type=elf8j0;cat=glo_flap;ord=5421420653598;npa=0;auiddc=612260061.1707203225;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?

Domain: 10742279.fls.doubleclick.net
URL: https://10742279.fls.doubleclick.net/activityi;src=10742279;type=elf8j0;cat=glo_flhp;ord=7907300973333;npa=0;auiddc=612260061.1707203225;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?

Domain: pixel.pointmediatracker.com
URL: https://pixel.pointmediatracker.com/kpi?c=elfcosmetics&kpi=visit&tag_id=244&fpc=ec132707-7c22-4037-b34a-bce68ff1a6b5&user_id=&utm_source=undefined&utm_medium=undefined&utm_campaign=undefined&new=undefined&gtmcb=1002495100

Domain: www.paypal.com
URL: https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Domain: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=c69c204f-fba0-4685-aea8-ad32f799fa5d&u_scsid=f877307b-f7b1-43fd-afa6-3bb8e3ee10a6&u_sclid=d76519f1-33a3-4884-986c-70e06b4380a4

Domain: idsync.rlcdn.com
URL: https://idsync.rlcdn.com/458359.gif?partner_uid=2e937ece-c59a-4258-85bc-c52676101620

Verdicts & Comments Add Verdict or Comment

193 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

64 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 18:14:49	Name: X-AB Value: 33eab0fa79c342aca6dee3eee3c90d77
.elfcosmetics.com/	1970-01-21 02:58:59	Name: _pxvid Value: 54de7099-c4be-11ee-9387-7ec8abd4342e
.elfcosmetics.com/	1969-12-31 23:59:59	Name: pxcts Value: 54de7f53-c4be-11ee-9387-72ca567de5d4
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: initAuthComplete Value: true
.elfcosmetics.com/	1970-01-21 03:49:23	Name: ab.storage.sessionId.609afcb2-1dc3-41ef-a771-0a9aaf10bf57 Value: %7B%22g%22%3A%22dfe6d55a-a28f-0ce9-2b34-78ac3eb5cb6e%22%2C%22e%22%3A1707205024701%2C%22c%22%3A1707203224701%2C%22l%22%3A1707203224701%7D
.elfcosmetics.com/	1970-01-21 03:49:23	Name: ab.storage.deviceId.609afcb2-1dc3-41ef-a771-0a9aaf10bf57 Value: %7B%22g%22%3A%22a0b7a76a-1a1e-b908-9d13-5c4f46fbb183%22%2C%22c%22%3A1707203224702%2C%22l%22%3A1707203224702%7D
.elfcosmetics.com/	1970-01-20 20:22:59	Name: _gcl_au Value: 1.1.612260061.1707203225
www.elfcosmetics.com/	1970-01-20 18:23:28	Name: FPC Value: ec132707-7c22-4037-b34a-bce68ff1a6b5
.elfcosmetics.com/	1970-01-20 18:14:49	Name: _gid Value: GA1.2.385948376.1707203225
.elfcosmetics.com/	1970-01-20 18:13:23	Name: _gat_UA-432816-1 Value: 1
.elfcosmetics.com/	1970-01-20 18:56:35	Name: _dyjsession Value: odq5n1wjejmsacldf1rsy2brpkgbzsoy
.elfcosmetics.com/	1969-12-31 23:59:59	Name: dy_fs_page Value: www.elfcosmetics.com
.elfcosmetics.com/	1970-01-20 18:56:35	Name: _dy_csc_ses Value: odq5n1wjejmsacldf1rsy2brpkgbzsoy
.elfcosmetics.com/	1970-01-20 18:56:35	Name: _dy_c_exps Value:
.elfcosmetics.com/	1970-01-20 18:13:23	Name: _px3 Value: 75076257e2f6a757d806975e459876666cfac4ab751cc93c6063414a6fdff356:wcnnEW3QTY/NPPuxHUw7vnoIBaQ+7i3OrImDTocXjaqi3r3pSE98VP7QgE1A/ELWhZEOT4YL5Q8BE705z8BiwQ==:1000:FaP4GdQ5Bn40so6cmeSwMa6+aDlLM1nzjwydRlTG01dMz/OJsxNpU9tOeXcjNSsw4EuTCC5O2MxGWvbVLwGkFjWMHEchSBaf9y2lseNXAlbniwWjgsHrJ1UquisQKFoaF/evgKczCD1jo0EGzsfIJQme9MiYm5RcdW5pL7UE9y5Rkc/SSaaT8gg2ehzvQMQw+PucoP6QrdsOdX1CyK15mteqFVeJa223Gvq9E1cROZo=
.doubleclick.net/	1970-01-20 22:32:35	Name: receive-cookie-deprecation Value: 1
.dynamicyield.com/	1970-01-21 03:00:25	Name: DYID Value: 2873296804487748249
.elfcosmetics.com/	1970-01-20 18:56:35	Name: _dycnst Value: dg
.elfcosmetics.com/	1970-01-20 18:56:35	Name: _dyid Value: 2873296804487748249
.elfcosmetics.com/	1969-12-31 23:59:59	Name: _dyfs Value: 1707203225477
.elfcosmetics.com/	1970-01-20 18:56:35	Name: _dycst Value: dk.w.c.ws.
.elfcosmetics.com/	1970-01-20 18:56:35	Name: _dy_geo Value: DE.EU.DE_HE.DE_HE_Frankfurt%20am%20Main
.elfcosmetics.com/	1970-01-20 18:56:35	Name: _dy_df_geo Value: Germany..Frankfurt%20am%20Main
.elfcosmetics.com/	1970-01-20 18:56:35	Name: _dy_toffset Value: 0
.elfcosmetics.com/	1970-01-21 02:58:59	Name: _dy_soct Value: 647796.1248068.1707203225.odq5n1wjejmsacldf1rsy2brpkgbzsoy836603.1652212.1707203225837245.1654610.1707203225*861617.1750272.1707203225
.elfcosmetics.com/	1970-01-21 02:58:59	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Feb+06+2024+08%3A07%3A05+GMT%2B0100+(Central+European+Standard+Time)&version=202306.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=2624f67f-5b1f-4ad0-8bfb-1bed30db8641&interactionCount=0&landingPath=https%3A%2F%2Fwww.elfcosmetics.com%2F&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C5%3A0
.elfcosmetics.com/	1970-01-20 18:56:35	Name: rmStore Value: dmid:9097
.doubleclick.net/	1970-01-21 03:34:59	Name: IDE Value: AHWqTUkoEN7Pp_SvmprVSBfRge0mVUB0Yp3WD030k4Uy4HDOxk1sMSxEf4284Jko
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: scapi Value: prd:12dfe235-84b2-414a-89a6-f46d80f7a7c7:eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjEyZGZlMjM1LTg0YjItNDE0YS04OWE2LWY0NmQ4MGY3YTdjNyIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzIwMzE5NSwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJrcmhJeEtzV2tYc1JtYnBHa0dZWWtycEY6OmNoaWQ6ICIsImV4cCI6MTcwNzIwNTAyNSwiaWF0IjoxNzA3MjAzMjI1LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMxNjA1NTc1NzczNTU5NjA5In0.AUYC2gGhwjUeE7RImG-Xn3_HHxG9GA9T2yy_G8k_1-6Qhw_pt5C7CK50qHRD9mFS8ThaszV1BPm-o-bxWzGF5Q
.elfcosmetics.com/	1970-01-21 03:43:09	Name: _scid Value: 6770a12d-a253-440d-a290-a1eb72b0b174
.elfcosmetics.com/	1970-01-21 03:43:09	Name: _scid_r Value: 6770a12d-a253-440d-a290-a1eb72b0b174
.elfcosmetics.com/	1970-01-20 20:22:59	Name: _rdt_uuid Value: 1707203226084.cb97fc55-237e-4973-9dc8-8dc21a2dbba3
.tiktok.com/	1970-01-21 03:34:59	Name: _ttp Value: 2bz1jIHLhGohk3BJhKnE3KqJPK4
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: dwsid Value: cSRHeqaUoilRFY1qKMCCb6fYYGc57BdleEJAf7OQYCSaPPZT9OH0j7avDH4fY-E22g4ZN4U64mzfLz-2whm6_Q==
www.elfcosmetics.com/	1970-01-20 22:32:35	Name: dwanonymous_1a00c2845eeb01c699351ea28e20fd92 Value: abkrhIxKsWkXsRmbpGkGYYkrpF
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: __cq_dnt Value: 1
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: dw_dnt Value: 1
.snapchat.com/	1970-01-21 03:34:59	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ0AIQgEsIlIDk5FxnmITMHw3waZ9RCC1pB1qyTut8W7qax8enJGHW6g2Rn8C8LRADIAAAA=
.elfcosmetics.com/	1970-01-20 18:14:49	Name: _uetsid Value: 560ea7b0c4be11eeaef7895824be5017
.elfcosmetics.com/	1970-01-21 03:34:59	Name: _uetvid Value: 560ea5a0c4be11eead0d91286576cb60
.elfcosmetics.com/	1970-01-21 03:49:23	Name: _ga Value: GA1.1.1605848610.1707203225
.elfcosmetics.com/	1970-01-21 03:49:23	Name: _ga_ZLYXLXNDL8 Value: GS1.1.1707203226.1.1.1707203226.0.0.0
.elfcosmetics.com/	1970-01-21 03:42:47	Name: _cs_c Value: 0
.elfcosmetics.com/	1970-01-21 03:42:47	Name: _cs_id Value: 5066bf07-eb87-a4dc-9284-7ee6c4839e36.1707203226.1.1707203226.1707203226.1558384338.1741367226319.1
.elfcosmetics.com/	1970-01-21 02:58:59	Name: hero-session-efcf9631-4c6b-4874-9f76-51f71464249a Value: author=client&expires=1738739226333&visitor=735241a7-a8c5-4d61-9916-5dfab3629da5
.linksynergy.com/	1970-01-21 02:58:59	Name: rmuid Value: 2e937ece-c59a-4258-85bc-c52676101620
.elfcosmetics.com/	1970-01-21 03:34:59	Name: _tt_enable_cookie Value: 1
.pinterest.com/	1970-01-21 02:58:59	Name: ar_debug Value: 1
.elfcosmetics.com/	1970-01-21 03:34:59	Name: _ttp Value: ksh5K9O2JLa-tbEj7XHxsumQhcG
.elfcosmetics.com/	1970-01-21 02:58:59	Name: _pin_unauth Value: dWlkPU16STVaV1F5WVRRdE1ETXhNQzAwT0RCaExUbG1OR0l0WTJaaFpqYzFNek01WldSag
.elfcosmetics.com/	1970-01-21 03:49:23	Name: FPID Value: FPID2.2.W763TUuRz%2B%2FCaruc8DpxUKxvCOIItqUJD5K0UzHC5dI%3D.1707203225
.elfcosmetics.com/	1970-01-20 18:13:25	Name: FPGSID Value: 1.1707203226.1707203226.G-ZLYXLXNDL8.UCue7QuO5pZ4vf5fXFcfUw
.elfcosmetics.com/	1970-01-20 20:22:59	Name: _fbp Value: fb.1.1707203226633.1982582757
.elfcosmetics.com/	1970-01-20 18:13:25	Name: _cs_s Value: 1.5.0.1707205026800
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.currency Value: USD
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: sid Value: AeD1xv8vdUTCSXs3pHHk8tcc0ttgV8AI6x4
www.elfcosmetics.com/	1970-01-21 02:59:20	Name: _dyid_server Value: 2873296804487748249
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.InternationalUser Value: ""
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.location Value: US
www.elfcosmetics.com/	1970-01-20 18:14:49	Name: currentLocale Value: en_US
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.sessionid Value: abkrhIxKsWkXsRmbpGkGYYkrpF
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.LanguageIsoCode Value: en_US
.elfcosmetics.com/	1970-01-20 18:14:35	Name: FPLC Value: S4%2B5n1tQoEInwO4PsOcXFJl5KwhI5NgWFc8XhkWrrjBYnIrKQGoJAwHezQ0HvBrrROeBSuf2%2Bu%2BNIZMoGUGdtI35NaraK%2FChAAli1F2Kmw4SIUNpXf%2BjzKfx%2Fyv%2BoQ%3D%3D
imgs.signifyd.com/	1970-01-21 03:49:23	Name: thx_guid Value: e3c296bddbaf4a575e2d5bb1ef50037b

50 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.elfcosmetics.com/(Line 362) Message: Access to image at 'https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/#elfcosmetics_a_00000055698485330971283280000018393236039574697104_?yocs=1u_' from origin 'https://www.elfcosmetics.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/#elfcosmetics_a_00000055698485330971283280000018393236039574697104_?yocs=1u_ Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://pixel.pointmediatracker.com/kpi?c=elfcosmetics&kpi=visit&tag_id=244&fpc=ec132707-7c22-4037-b34a-bce68ff1a6b5&user_id=&utm_source=undefined&utm_medium=undefined&utm_campaign=undefined&new=undefined&gtmcb=1002495100 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/1638306756445368?v=2.9.145&r=stable&domain=www.elfcosmetics.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 109) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	warning	URL: https://www.elfcosmetics.com/ Message: The resource https://cdn.media.amplience.net/i/elfcosmetics/pout-clout-pen-bs-2024-01-19-image-1_D-min?fmt=auto was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.elfcosmetics.com/ Message: The resource https://cdn.media.amplience.net/i/elfcosmetics/valetines-day-2024-01-29-image-1_D-min?fmt=auto was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10265292.fls.doubleclick.net
10742279.fls.doubleclick.net
9231397.fls.doubleclick.net
adservice.google.com
alb.reddit.com
analytics.pangle-ads.com
analytics.tiktok.com
api.bounceexchange.com
api.ipify.org
api.usehero.com
assets.bounceexchange.com
async-px.dynamicyield.com
bat.bing.com
c.contentsquare.net
cdn-fsly.yottaa.net
cdn-scripts.signifyd.com
cdn.c1.amplience.net
cdn.cookielaw.org
cdn.dynamicyield.com
cdn.media.amplience.net
cdn.usehero.com
collector-pxxt4gy2ig.px-cloud.net
connect.facebook.net
conversions-config.reddit.com
ct.pinterest.com
data.cdnbasket.net
e.cdnwidget.com
elfcosmetics.a.bigcontent.io
external-api.jebbit.com
geolocation.onetrust.com
googleads.g.doubleclick.net
h.online-metrix.net
ids.cdnwidget.com
idsync.rlcdn.com
imgs.signifyd.com
insight.adsrvr.org
js.cnnx.link
js.jebbit.com
page.cdnbasket.net
pixel.pointmediatracker.com
qoe-1.yottaa.net
region1.analytics.google.com
s.pinimg.com
sc-static.net
sdk.iad-05.braze.com
sgtm.elfcosmetics.com
srm.ba.contentsquare.net
st.dynamicyield.com
static.ordergroove.com
stats.g.doubleclick.net
t.contentsquare.net
t.paypal.com
tag.rmp.rakuten.com
tag.wknd.ai
tr.snapchat.com
tr6.snapchat.com
ut.rd.linksynergy.com
view.cdnbasket.net
w2txo5aaynxwdj6jzdesj6dxa6p2aau572n7c47hfdfb35ff560551e0am1.e.aa.online-metrix.net
websdk.appsflyer.com
www.elfcosmetics.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.paypal.com
www.paypalobjects.com
www.redditstatic.com
10742279.fls.doubleclick.net
9231397.fls.doubleclick.net
cdn-fsly.yottaa.net
idsync.rlcdn.com
pixel.pointmediatracker.com
tr.snapchat.com
www.paypal.com
104.126.118.203
104.75.88.209
108.128.163.240
140.174.12.147
140.174.12.225
142.250.186.162
142.250.186.70
143.204.207.250
151.101.1.140
151.101.1.21
151.101.129.35
151.101.130.133
151.101.193.140
18.199.1.91
18.66.112.128
18.66.112.6
18.66.122.54
192.229.221.25
2.19.96.161
2001:4860:4802:34::36
204.2.49.54
2600:1901:0:56e0::
2600:9000:206f:200:a:7914:b00:93a1
2600:9000:21f3:b600:11:85b0:d600:93a1
2600:9000:2240:6c00:13:d6f4:3240:93a1
2600:9000:2250:7e00:15:ad21:c740:93a1
2600:9000:2251:1800:a:b89d:a6c0:93a1
2606:4700:4400::6812:226c
2606:4700:4400::6812:2a49
2606:4700:4400::ac40:9b77
2606:4700::6812:82ec
2620:1ec:c11::200
2a00:1450:4001:806::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c0b::9b
2a02:26f0:3100::1735:2b10
2a02:26f0:3500:887::1931
2a02:26f0:480:33::212:40ca
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:200::396
34.102.147.248
34.102.193.48
34.111.8.32
34.117.204.153
34.120.253.250
34.149.202.102
34.149.211.233
34.49.124.132
34.98.67.3
34.98.72.95
35.190.10.96
35.190.43.134
52.214.37.10
52.223.40.198
52.30.246.4
64.185.227.156
91.235.132.130
91.235.133.113
91.235.134.131
95.101.44.133
00f63146f5f2bb05846c9f1ac63f6246edd2ace8e401eff28a4940be4e77bf49
019108e142119b2052c6046aa7874434b9262fb570a4bde08fcd67a53edabb09
03966b1fc6b3f2cdef1a46df52094209b5edb7772d9dc4c70d638abbbfb1b2c7
04c6083a9781b397d0b570f97154a3fa61aac68dfba173617e5a6351786b7470
06f7a62ff765add60b19a7594e3cd59f4f243c718a07ce5d2e13f72dfffae406
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
082e4534f4563c41a356cc67511a832188f642c8c1b6dee3a6de73a11ab2796a
0ad31d7012d7cbcde840c4154a2e39b517f730100cf7b3833fc4f965ee8259b3
0b84574ee8a2d0530e19d393d7a2dbc713e95c1694b51e10a19f32ef556a3c98
1011c3fa4c2e065daf205546023d4ed8bef850c1c6ca5dab2cfb9773011cc0bb
1066ce98b297d2d4248692846d6d957d59de66aad6bc0031e32118aceccb6b58
10fa747a327edb338008a1449f0694b6dfcddceb87d73b92e1f7bbfa64db29b2
11bda28dd29d065faff41cdb718b856ca5e49f3022115bff4788b0542ba9d3c1
147f6c57c05b20ffc422296d90361d70008496016fd1effbf88cc65064565818
181e93bf2e7a124cdd270932c1c6d7470ced40d6e6eea76092c6ae5a8df764ed
1a09824b6d7bbd0f5e82a23d14da408abfba60d02f5bdb48309d3ab6ca61bb1f
1a1fe89f11a11d89299028b565a99569e2aa5df3055ce514ba4dec2a8f0fe4fa
1b054a2373ab46b72eac91fa53871f6fdd4469ec90e9aae0fcbb46342e9c69b6
1ddc89ba3c2a29bf8b6a376737d491efdb8f9bcebc7c635639cda62390f45a06
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
210706c053295db0bfba03a98c0609a1f940c3f6b6c626f2f1084e089e959dc9
22b8be33763fcc8bbd3b4aef547439cd7e7159f9cb384e131d35d235d4b9c682
24c5194f7e20f1890d426c20c887991870ed49e41da7b70e1fd6cf93884d4462
256e37934c207356811c6351ca463f0b711ecf706b52137b5e76f3b068860cc1
293c1373e31fe0457047ec438820c60a54faa4344cd7a7119ea768860ce1a7d0
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d20903227f36798b79adec5bbd810679d27fe0abed0d698813e8f769df046fe
2de68a6dc3817d48b67a7a0c134c34ba7d02d6fe9a0380e8f1ad3501899d0ccb
2e72d5ff50ff3eacfa59b2ffad79b937577aeabfbacfe9a0b4f68192c4b3cfe2
2f3989acda5131345cd5dd5f11e9c3c373fd3b09eb1a2a64fb2d6b302ea020a6
31f48ed33afe7e437efa2c30cbf97fbd62c2de5c0732504077377846fe64973f
34803870664378ed86f1be63deddab4fee4eff34a0c201effbf0e4bc89efc673
3599ae3979299232ae3a5c8b0744c49ad8f61f35c14fd359ff43328a37645458
365a642315c654c45c18e97c78dfd48a9dd54a8bd0a477a753ff204e8a661cdd
37ab83a61d8a51fcc14a74f7af911190420164e7472e84f5eeb892dcbc8fc15c
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3846e6e40dbd48c5e84c21ea9273db969b6f87d9b1f4ce3b6a0c26dddb29ba5a
39fff1d57d4226f0cb30a7f938b3ed28f1e48dcf2b92b8da1dee9de6afd47317
3b3092e3e0e8bd8bd119ef438642147bdb8893115683817491fce881831ea7fe
3c24052d0918820113fbd396108cf945268b33505ffa5bad0b7d98658e654da3
3e376deaeb30858026260be3d2bd058d03c0b007cb7133c0d6fea15d775afd86
4358d95ed843273750f6301a75ad4282b7f32fbf25d9bfc0d7c1ed220f526673
4465ae539c01e67a60534fe1492cf9ef7c7d6c6afc1b5a997b3c66a007650501
44c5ebeaad7221daeca8337bd2c99016040fca028d360058a9ffde3d3d025b88
45f265d91f0d046e0bf176d32af863a7e497d1c4fa27b488cb0d7a0f539c21e3
4640c95ead92ab52d145901f4c81171be7617504eea0d47bc74dffa50cc0b584
48ef0dc66a8a286b38d5944718583de3e545a21cc76a68be63a50b5466baa5cd
491a58d07634d05a747ef2a6e4239d9032b274fa4a460e6a4f57e1a083ac615c
4946b4ad7626b87d1172856fd0ec2ee7bd1c7b4d2194ee890f996430ffbe4820
4aa855b8d34657ab4df5ca73fe7d7f67735ee1e39e8de83856ddc473d4713fbb
4be1addf4ee8c28eff431ef8bfbc475913c1234f6315c50047bc1eda86de71f3
4c80ba44f61dd8c09ce0c57ca565f286b8bbb3f5ca6cb1fe882ad0d174eaafd1
4d3337c243fd2997450eada372bc50705c72d3bb2fe80bcb3c074be6e39b1ffe
4dd4735601c7db12d49dc38c46dfef3a663db36321689bcb34aea889bd0db001
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50833b357bad5fd7e0c2788a0f13752119ece20a8187fa62446664ebc711be1b
509f2e49500fbaeb5d7e1959071f2922b693d0135080e2871e124ec8bdd08bb2
521b556af81f230eb308ac3dacc6848e359a524f58ad9b31bc7f218664d7ee7b
5293e3d1f06d73bbd75b83ab1fd1e3020fd5fc1143e2d628d09cd6dc56f9b427
5398968be9f49371bc4215a9cb5cad38269ab93075b72dac187f45ae3ba04ca6
53a267fda006f16d6fdb54ee764922a3fe61a8b6ef2972ae8c60d93e306bb1eb
5478e51ef21aa9f24fa7e2d3f75c26ce7860893fd92c71beafee5fe7e443f8b4
55245d1dbef4c5307f1e4b89913f51d27a2bd76d9d4130bcfc48c1438ce27232
57b5fadea258092c47cb3ad1f5ca816ed7a03c194c96b14a59e3bd606284616a
5874673f915a3ec17db9e690bc64a2c33413a2e11e3bd666bb5d43131004ffdf
58da72bddd8da96edee8626efe890283621d3c23f38a2aac4911d773461ead38
58f8b28f51a6cf18779d85e9760aff99a636b0cc770634252f56fd1224445ec5
591433508d85adc59a5a9cbd7695ac8051a39be2ff8b12e2f823eff10569ceda
591965eaf257ec1a56f9d96013a93c5590e2188a781a8d21bb4d25c41592a15d
59f1b7d93f47fcc926143154888aa471910eaf81c3c41270b61cfe012dda08df
5a1b7fbff7841e65b48c6f566b3f7c5a3d030c790f1de3e7e2ab760bb769082a
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5e7fa7d432773d5968e98fe4118396e67e1ebe4085a5bee83b57bce0bbf5e8f9
5eca572cd68aa4afde19d317daf93398ca142c3648214e16b37e054e15c3f9e1
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6082597f3871c77c9b31aa1383577f8c0e54cb5ff09275dc817bc70d96e6217d
644369dc2f4a20a6681cdc05e12af7d050996a4da8bc083b0bb12ae2cde7b3cb
65222e7562d6a6d1c2c6e24c738db9114b1d36c64071a76efa2d7374a52242d7
668aa9986154c66db7b479ade413370fec61bdc181337553f80f5fdc01990c4f
68f6710cb2cc63e278cd3be6a0593c700b3ac346e36c1d636c5c13374dc20e91
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6b02f9e36822c74ddfebf00ddefddc4e0de3eccf0561ee9957f66e6db9b189d0
6b42a56b231d70ea3691b9f46363b9f8ed6ca35f6b50084718669b8beac1e57d
6d346ba132593213cba9bfa6b9ae595d953d5ce8ca748f4d31ded1b8f4f1e1ee
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6d97ff963aee1b37773794c4dfa9f69345ad53a777a53e0c8e877f1f9932fa9c
701923e7612fdd51b1ae0ea1009d390d0685c9a261def001e1e534848ce61349
7094e19560bf043abd04be7f51dc7d27886f902d377efb7c07718f6133438fae
70bdc4ce00b2eb00c1a727f997e22289fe153af79db01d1fe41c9ddf93baea68
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
72d481f7a20131369585280bca5d51f098c22cf79a2dfe11bb5d4ce0e814c7b9
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5
761fbc0379aab589a42e73101da2b1b40a34f1a9ba70c2f4d2f1ec5092d01779
76cdc759e378fa1ef1f13fc5e60edbcc0670fab791b76e61d65bd74961e84d0e
774750eac984a3f73fcf8aef4926b4ed999600b51caf9b635cf6d5617e4cae90
77563c3d31b3bd929f455be38d45d87449f2441007a1ae54c2ec4f644c767630
78bfaac4db8bcea12350fcfca30ebb06d21d9f4533f0e46eb96568c5cebcde1e
7baac448a67e8eac98e1bcba93f75d5bf3fb0c5c5fd5742fc5419eb187520ab2
7bcce32f4ef85233e030a2e0f1a2a81aefab5d602d45c655b1ff5f068ac8abb8
7edc838de142afdde6ee28ab5df6c24df48525959a77805928b7673357040953
8255a24f4eee1cd6244471f8db9d7d185e667879d4e96cd2130f64961d94ec42
84c5d15e1a01e75f1164ada1359c5cc113b3aa3a85e43259b137d090b35c8072
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8895510557c4cdc81dccc9cf4e752efe6e62312b044d98196d5dbab0c87b60a6
89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d
89b2a0533b9474d5d5c289ab743c84b54c90dd8ac0afd31dbe67de88aeabf61c
89c8ba09a0f0c872794eb4586ccd58afbe5f36897d5ad7316229553ac7b6d1b8
89f94df59a253fc0235224eb3f05fb74e284f181efbe9b9948489c140957aa7c
8a04baac1bb2ecbbd8c34d07662c8d2ed56ed1b5145f9da4b9df0d93c5fc12f0
8aab40d3409873d1f104993597d9872bef2805a81a7cc0aa2d8757f5e518de47
8beb8e14fae48b4d27d511b3ecfd31d686862d0ae6885c19ef1c488c79dde62f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8de48ecc79146e513eb5b47769c805097882cefe0457a4efd87824e642579cd4
8f44cdee26320486d6767a70e0b68dea5319b28d14fb7f7c998fbaf87ee46c9d
8fee9c64f65dab04c91790f9086e3bffd10136cf0ac1c0de4bd15fc2a7f7788d
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
90ef36e0fc9aecb01aad9a5f1a54a573c0861e2cbf485d3c187593fe1a5cf10f
9136e48faa9412b456a46255085b2f75a60e82df6ff0a3391c57996fbae46e10
9193ab03db75dc48eac7f6387304991f7c6e794e4f13163dae47280f91d2210a
93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
96c3df039232309bcd492159531e5f842a518033b80257d12a41cf11f2406b60
97b684ae93653983b3f22e0b74288e8b1ac19025ee91d4e17c60aa3c722cc8fd
9846c98d92f9ede0abb2db68013d613791db3ccdb486451de1432034b563fb77
988939b24208fa548397468433e51d44f04cfad29107321fb4332d075c2c3ce5
9984ddd66cac2301c90a8af8df473e374a6a76a5839fd72a7483bdc8db9efbe9
99b99d06d31e2e47eb6e9d79073d8234de93298a7fb0dd0b54e8ba7ffe8c29b2
9a35922a6b3cdd53f2dbce919d6e801174ef11b8eb275e17bba7742e1d115beb
9be4b55c5d8a7ef71000d7696ba2e6a36cce9cfe71de512a9bb6a93028ae0e02
9c2d687566f30e39ca5ceb2a9c2520b012f69fd711811472f9c319b1d8314554
9f3932674ce8ead7ddc5fe72934f296a637d9da3784b5eb0aaceff52bed4fea7
9f8441024e84c58109845fa52d52c98b3a2a6cde7529d923779fc815053795d4
a04ec3b2d9529b7776095594dd263610b8d78b8428075ee9b1a561a342367541
a2b640a7227890217527259e40d2d35cc3117f6ea19c9caa1edae8a6631dfc25
a2fc4569fdc0b5d60e03c34a75957431a6c6e06d7af7b599876068d61e2f8d86
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a489731ada7854359a101cf042a12d606196d394a3398bbad401ba5ffc08fb75
a57278ff3f6a270785706b6fa0185dd06bb2357e5ae950698989483ebc43d6c9
a5a7fc32d089a7db4a8a51c3b0144e8571b63162c4db338cb169c668f9aa6d5d
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df
a7dc26bff5b4a6ceb621fc58cb8e8b4f19619064e20d2a63d10d89d7649f3310
aa7243da44bb290d9c99c945c12bd2e9ed85d52ec48667d78fb50d08987de883
aaa0521eb89dcca04567e4f63e71a3ccc04075391ad07b06e4362c7428e0fd50
ab99a75a2070736b0282d041df3a7e272ad5d4d1929ae430089ac0335e05ad2c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af500d45588bf70c829a8c641d1fc629efc1a9188e2b41a9901312f17d0823c8
afa9753d7a61cde7238d39c93026f264ea282f128440e39f1f0589867d337387
b0b16d044e600df5f3d5bcbe66b812b91169ac8c6f6394b52b94ec568e6d7232
b1b1392ef0e1dce87748f06d6839cb8b1490ba69f5f7a35b861e4dc75536c8db
b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22
b6045de830d5a1427b1d82ad89e8719f0679efa99be8aae15ab76cef2fa9d60e
b877311e3743367bee817ee88fca0dedf65abb663d0e8b1f64954c5bcca1846f
b9e5fd7aa715469aa3ba04e51f41b16f99c2d8203fbad68043e8b95b321e8268
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc186d6572a4e5f7adec82dd1f1f32e5b6c42582a5d06c3186cc6706b31670a8
bca51ed2fe251488a1b150edf560d43880f1486740f34d24120ede486f99676b
be26eb3fda8ce26fcf39cabb2d7d4f56a8524e31a343f6db6b1c4e255c4c89d2
bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c
c17b216096c3ad997ab6c7fe3bcb85b35e03bc6335e87c8e078593e4035bb8ab
c62eb4f0c14c8b5734e56be81f06374ca9171415d6dde6d87f2812d916055bd9
c72643964544332aff431b6a1b00c2196ce9eb194f196ad05e14982d3b08321c
c7800792e17ae1f204a586d14ec62c93d478bf0e9201e75eb7bb54b3a3068a04
c9f83027cf2e267d24b2cfe366bc6664841765f0aaf362faf0156bccdce42355
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cdabdca122a95c86d013bc3792c3fa8b6d610fddc9724b16360821de4c63dcdc
cec4707a8901d0e739b73b254330c67e1bac777e4678a036253bd109daa8fef3
cfa5c45522b2dd9681f2f6096c44b4818c1de789e03624fa89571f26cd845cfd
d0a088110f86dbad05069f5026219709675de2936b9b494ffe598cc50e3c8b93
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e
d6680bbdc43941398c52eea3a9212959c9b86e74dbc666265ed4a70535e4bf38
d6a27215c16c90e005ae9fd54059735d3fe9d6a0fde511ac193309669ad319b4
d7c18238ac5c33c43cd363223425513a8573588a44c56bd69254c644b70ac5fd
d8a6566c7e926c37c010dc811a5e82d5eddad8b10057bf711f0f644be60707d3
d8eecca6704326f8db5486946d33420fdc588c6d519774e39df570883c4e3d87
d8f63055f392b204f4fb9e9ec7f4d03f17c6b235182bfa62621396a76d3a0d1d
d9f35b91794a215842c6dd0689adc9a714a9a321e368b1b4cbcfcad98113c6f6
db3d9630fdd0f8c1c751ea3f4c70b80ece69c13450fbba151972d8a2d98d057d
dd465d2dec1267933c3b50dfea44c34c81c76c7c411c13154486ef85e8c3a128
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def2a184135eba029f8f785b3ed69edc5f36b368226ce1fcfeda4f5aa301d1b6
e038dff62440b626103b2b81adcbb64b5cb3bd80433d1a710f37162cd7c0cc17
e1df881dfa3c790fb46a3ab0d0edd13cfaf25c0c369cca89ec8115cfdf338236
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44d9f1131ad40d59d181647ff28fe44048f8634d9edc98434d20eb0c486103b
e5d1e1706be106f83dbc876591b8dc01d9632b0e3aa68f74984a2f8b1971ccb1
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e823d829f383704a61c26381c7010a9af9851c52cb93c831a8c73a0127f04e24
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
ead9d25adb64dfbde115cd038499cd4b8c2835921093773ceb30b56617d111fb
ec23f3d08a00062c9199ca9cec396f024929a2a2e9fe5c5818d85c2cf9b84a31
ed569a029a60a5accbcc447951f2958f4dbd7037fb721a60d3b91d8cd71ee8e8
eec8fb654765dfbba9b783382bfc8ecda7db21a2e24ffde27d19624ae2287d9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef37a0adcce8182a55abff9a5e28be02925fe56a3088a8d36a91a8cd3008c58b
f0cee144505e4df51da3ec75c5a3dee2264d201c32bc80df1969b2082d019eef
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6
f524d22c03b99f5dac2d22e9987e41bbf29c83972ec1f023e2fdb3f7c374333f
f5aed750db64c0ad3ca084335015004f18c15f773957d575f89ddb25fc501834
f5cdac8011cc5cd8f9ea74c60de77824460b750be5cf9f50b6e18e37daf2889e
f66f5edd05293c4351edcec020a867935f7495ef0d0ff7ceb3e6402748585ca6
f67eeb979f5676dccb2ec5eefcd365c69b9e03235b65c42397206264b9887c07
f77ae8b7ccd1e3fe3fe4d25f86895c30af899b8ca2b97efa5ce7faec4e111542
f79eb41c3a197f45707f482b689b7845fd9c069519a1edb610230a4870a9122d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f889dbbc26896110ff404dc7b2dd90968003c110e0fc1a8d06e8446bc6631284
f8c6ebbfbfd150bad4b5bd7158cc60bed275422878781b45bd2450f776d625b8
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
fc69e12a63b78030d4236815d85bce291387c1b845927d50cd6fb71ba64109d5
fd6211488c0c094fdfdf4c4f979e7a6e62e008c270137165c8f982124e70fc63
fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218
ff2fe181c12146189657e92f9ce0489f7f3b51345796f5a5ec9b089f9fb47616
ff66e0c134fecb094530a74dda651aeee11e8fff79cd378d56158b330691ee9e

www.elfcosmetics.com Open in urlscan Pro 140.174.12.147 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

292 Requests

96 %HTTPS

38 %IPv6

46 Domains

70 Subdomains

65 IPs

4 Countries

5576 kBTransfer

16802 kBSize

64 Cookies

16 Outgoing links

Page URL History

Redirected requests

292 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.elfcosmetics.com Open in urlscan Pro
140.174.12.147 Public Scan

Screenshot
Live screenshot

Full Image

292
Requests

96 %
HTTPS

38 %
IPv6

46
Domains

70
Subdomains

65
IPs

4
Countries

5576 kB
Transfer

16802 kB
Size

64
Cookies

292 HTTP transactions
3 data transactions