urlscan.io logo urlscan.io
SecurityTrails logo

www.elfcosmetics.com Open in urlscan Pro
165.254.198.117  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.elfcosmetics.com/mobile-app.html
Effective URL: https://www.elfcosmetics.com/mobile-app
Submission: On May 07 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 37 IPs in 3 countries across 26 domains to perform 120 HTTP transactions. The main IP is 165.254.198.117, located in United States and belongs to YOTTAA-AS-1, US. The main domain is www.elfcosmetics.com. The Cisco Umbrella rank of the primary domain is 80089.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 25th 2023. Valid for: a year.
This is the only time www.elfcosmetics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 16 165.254.198.117 393259 (YOTTAA-AS-1)
3 2a02:26f0:310... 20940 (AKAMAI-ASN1)
3 151.101.66.133 54113 (FASTLY)
10 2a02:26f0:480... 20940 (AKAMAI-ASN1)
4 35.190.10.96 15169 (GOOGLE)
5 2606:4700:440... 13335 (CLOUDFLAR...)
12 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:275... 16509 (AMAZON-02)
2 172.67.74.152 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2600:9000:225... 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
1 1 142.250.181.228 15169 (GOOGLE)
1 172.217.18.98 15169 (GOOGLE)
6 18.172.112.91 16509 (AMAZON-02)
4 216.239.34.178 15169 (GOOGLE)
1 204.2.133.133 393259 (YOTTAA-AS-1)
1 34.102.147.248 396982 (GOOGLE-CL...)
5 192.229.221.25 15133 (EDGECAST)
1 95.100.65.127 16625 (AKAMAI-AS)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 18.244.18.53 16509 (AMAZON-02)
2 142.250.181.232 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
3 34.49.124.132 396982 (GOOGLE-CL...)
2 4 142.250.186.34 15169 (GOOGLE)
2 54.229.140.92 16509 (AMAZON-02)
2 151.101.193.35 54113 (FASTLY)
1 34.98.67.3 396982 (GOOGLE-CL...)
2 34.252.198.165 16509 (AMAZON-02)
1 52.48.171.109 16509 (AMAZON-02)
1 35.244.174.68 396982 (GOOGLE-CL...)
2 108.138.26.43 16509 (AMAZON-02)
12 91.235.133.113 30286 (THM)
1 91.235.132.130 30286 (THM)
1 91.235.134.131 30286 (THM)
120 37
16    165.254.198.117 (United States)

ASN393259 (YOTTAA-AS-1, US)
www.elfcosmetics.com
3    2a02:26f0:3100::1735:2b21 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.media.amplience.net
3    151.101.66.133 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn-fsly.yottaa.net
10    2a02:26f0:480:21::217:d116 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
elfcosmetics.a.bigcontent.io
4    35.190.10.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.10.190.35.bc.googleusercontent.com
collector-pxxt4gy2ig.px-cloud.net
5    2606:4700:4400::ac40:965f (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.iad-05.braze.com
12    2606:4700::6813:b134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
3    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2600:9000:275d:de00:a:b89d:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.dynamicyield.com
2    172.67.74.152 (United States)

ASN13335 (CLOUDFLARENET, US)
api.ipify.org
1    2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
1    2600:9000:2250:f200:15:ad21:c740:93a1 (United States)

ASN16509 (AMAZON-02, US)
st.dynamicyield.com
2    2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.181.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f4.1e100.net
www.google.com
1    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
googleads.g.doubleclick.net
6    18.172.112.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-91.fra60.r.cloudfront.net
async-px.dynamicyield.com
4    216.239.34.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    204.2.133.133 (United States)

ASN393259 (YOTTAA-AS-1, US)
qoe-1.yottaa.net
1    34.102.147.248 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 248.147.102.34.bc.googleusercontent.com
tag.rmp.rakuten.com
5    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypal.com
www.paypalobjects.com
1    95.100.65.127 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-65-127.deploy.static.akamaitechnologies.com
static.ordergroove.com
1    2a02:26f0:3500:11::215:14ca (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
websdk.appsflyer.com
1    18.244.18.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-53.fra56.r.cloudfront.net
t.contentsquare.net
2    142.250.181.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net
www.googletagmanager.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    34.49.124.132 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 132.124.49.34.bc.googleusercontent.com
sgtm.elfcosmetics.com
4    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
ade.googlesyndication.com
2    54.229.140.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-140-92.eu-west-1.compute.amazonaws.com
c.contentsquare.net
2    151.101.193.35 (San Francisco, United States)

ASN54113 (FASTLY, US)
t.paypal.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
ut.rd.linksynergy.com
2    34.252.198.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-198-165.eu-west-1.compute.amazonaws.com
api.cquotient.com
1    52.48.171.109 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-171-109.eu-west-1.compute.amazonaws.com
srm.ba.contentsquare.net
1    35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    108.138.26.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-43.fra56.r.cloudfront.net
cdn-scripts.signifyd.com
12    91.235.133.113 (United States)

ASN30286 (THM, US)
imgs.signifyd.com
1    91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net
h.online-metrix.net
1    91.235.134.131 (United States)

ASN30286 (THM, US)
w2txo5aaohcqb5m6jhqudwug5pwyg6zfa6tnlmxg6e20706105357d06am1.e.aa.online-metrix.net
Apex Domain
Subdomains		 Transfer
19 elfcosmetics.com
www.elfcosmetics.com — Cisco Umbrella Rank: 80089
sgtm.elfcosmetics.com — Cisco Umbrella Rank: 175866
367 KB
14 signifyd.com
cdn-scripts.signifyd.com — Cisco Umbrella Rank: 8143
imgs.signifyd.com — Cisco Umbrella Rank: 6962
69 KB
12 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 312
170 KB
10 dynamicyield.com
cdn.dynamicyield.com — Cisco Umbrella Rank: 8814
st.dynamicyield.com — Cisco Umbrella Rank: 8494
async-px.dynamicyield.com — Cisco Umbrella Rank: 8693
246 KB
10 bigcontent.io
elfcosmetics.a.bigcontent.io — Cisco Umbrella Rank: 152476
104 KB
8 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
region1.google-analytics.com — Cisco Umbrella Rank: 2533
22 KB
5 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2954
t.paypal.com — Cisco Umbrella Rank: 3518
123 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
487 KB
5 braze.com
sdk.iad-05.braze.com — Cisco Umbrella Rank: 2594
1 KB
4 googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 317
1 KB
4 contentsquare.net
t.contentsquare.net — Cisco Umbrella Rank: 3447
c.contentsquare.net — Cisco Umbrella Rank: 4542
srm.ba.contentsquare.net — Cisco Umbrella Rank: 17473
72 KB
4 px-cloud.net
collector-pxxt4gy2ig.px-cloud.net — Cisco Umbrella Rank: 212179
2 KB
4 yottaa.net
cdn-fsly.yottaa.net — Cisco Umbrella Rank: 25251 Failed
qoe-1.yottaa.net — Cisco Umbrella Rank: 10654
1 MB
3 amplience.net
cdn.media.amplience.net — Cisco Umbrella Rank: 14154
536 KB
2 online-metrix.net
h.online-metrix.net — Cisco Umbrella Rank: 2560
w2txo5aaohcqb5m6jhqudwug5pwyg6zfa6tnlmxg6e20706105357d06am1.e.aa.online-metrix.net
438 B
2 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2599
16 KB
2 cquotient.com
api.cquotient.com — Cisco Umbrella Rank: 42720
516 B
2 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2924
255 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 456
98 B
1 linksynergy.com
ut.rd.linksynergy.com — Cisco Umbrella Rank: 8843
414 B
1 appsflyer.com
websdk.appsflyer.com — Cisco Umbrella Rank: 4578
12 KB
1 ordergroove.com
static.ordergroove.com — Cisco Umbrella Rank: 29952
43 KB
1 rakuten.com
tag.rmp.rakuten.com — Cisco Umbrella Rank: 7849
15 KB
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
65 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
24 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 533
295 B
120 26
Domain Requested by
16 www.elfcosmetics.com 2 redirects www.elfcosmetics.com
cdn-fsly.yottaa.net
12 imgs.signifyd.com www.elfcosmetics.com
imgs.signifyd.com
12 cdn.cookielaw.org cdn-fsly.yottaa.net
cdn.cookielaw.org
www.elfcosmetics.com
10 elfcosmetics.a.bigcontent.io www.elfcosmetics.com
6 async-px.dynamicyield.com cdn.dynamicyield.com
6 www.google-analytics.com www.elfcosmetics.com
www.google-analytics.com
5 www.googletagmanager.com www.elfcosmetics.com
5 sdk.iad-05.braze.com cdn-fsly.yottaa.net
4 ade.googlesyndication.com 2 redirects
4 collector-pxxt4gy2ig.px-cloud.net www.elfcosmetics.com
3 sgtm.elfcosmetics.com www.googletagmanager.com
3 www.paypal.com www.elfcosmetics.com
www.paypal.com
3 cdn.dynamicyield.com www.elfcosmetics.com
3 cdn.media.amplience.net www.elfcosmetics.com
3 cdn-fsly.yottaa.net www.elfcosmetics.com
2 cdn-scripts.signifyd.com www.elfcosmetics.com
2 www.paypalobjects.com www.elfcosmetics.com
2 api.cquotient.com cdn-fsly.yottaa.net
2 t.paypal.com
2 c.contentsquare.net
2 region1.google-analytics.com www.googletagmanager.com
2 api.ipify.org cdn-fsly.yottaa.net
1 w2txo5aaohcqb5m6jhqudwug5pwyg6zfa6tnlmxg6e20706105357d06am1.e.aa.online-metrix.net
1 h.online-metrix.net imgs.signifyd.com
1 idsync.rlcdn.com
1 srm.ba.contentsquare.net t.contentsquare.net
1 ut.rd.linksynergy.com www.elfcosmetics.com
1 t.contentsquare.net www.elfcosmetics.com
1 websdk.appsflyer.com www.elfcosmetics.com
1 static.ordergroove.com www.elfcosmetics.com
1 tag.rmp.rakuten.com www.elfcosmetics.com
1 qoe-1.yottaa.net www.elfcosmetics.com
1 googleads.g.doubleclick.net www.elfcosmetics.com
1 www.google.com 1 redirects
1 st.dynamicyield.com www.elfcosmetics.com
1 geolocation.onetrust.com cdn.cookielaw.org
120 36
Subject Issuer Validity Valid
*.elfcosmetics.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-25 -
2024-10-25		 a year crt.sh
dm.amplience.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-20 -
2024-08-14		 a year crt.sh
*.yottaa.net
GlobalSign RSA OV SSL CA 2018		 2023-09-13 -
2024-10-14		 a year crt.sh
*.bigcontent.io
GeoTrust TLS RSA CA G1		 2024-04-02 -
2025-05-03		 a year crt.sh
*.px-cloud.net
Sectigo RSA Domain Validation Secure Server CA		 2023-08-15 -
2024-09-13		 a year crt.sh
sdk.iad-05.braze.com
E1		 2024-04-19 -
2024-07-18		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2024-03-01 -
2024-12-31		 10 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.dynamicyield.com
Amazon RSA 2048 M02		 2023-09-03 -
2024-10-01		 a year crt.sh
ipify.org
GTS CA 1P5		 2024-03-21 -
2024-06-19		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2023-11-13 -
2024-11-12		 a year crt.sh
tag.rmp.rakuten.com
GTS CA 1D4		 2024-03-31 -
2024-06-29		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-12 -
2024-10-31		 a year crt.sh
*.ordergroove.com
Go Daddy Secure Certificate Authority - G2		 2023-08-04 -
2024-08-17		 a year crt.sh
*.appsflyer.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-27 -
2024-07-27		 a year crt.sh
t.contentsquare.net
Amazon RSA 2048 M01		 2023-09-13 -
2024-10-11		 a year crt.sh
sgtm.elfcosmetics.com
GTS CA 1D4		 2024-03-17 -
2024-06-15		 3 months crt.sh
dep.ba.contentsquare.net
Amazon RSA 2048 M03		 2024-02-18 -
2025-03-19		 a year crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-09-21 -
2024-10-21		 a year crt.sh
*.rd.linksynergy.com
ZeroSSL RSA Domain Secure Site CA		 2024-01-23 -
2025-01-22		 a year crt.sh
*.cquotient.com
Amazon RSA 2048 M02		 2024-03-05 -
2025-04-03		 a year crt.sh
srm.ba.contentsquare.net
Amazon RSA 2048 M02		 2023-11-07 -
2024-12-06		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-06 -
2025-03-05		 a year crt.sh
cdn-scripts.signifyd.com
Amazon RSA 2048 M01		 2023-07-03 -
2024-07-31		 a year crt.sh
imgs.signifyd.com
Go Daddy Secure Certificate Authority - G2		 2023-10-20 -
2024-11-20		 a year crt.sh
online-metrix.net
Viking Cloud Organization Validation CA, Level 1		 2024-03-20 -
2024-10-21		 7 months crt.sh
*.aa.online-metrix.net
Viking Cloud Organization Validation CA, Level 1		 2024-03-20 -
2024-10-21		 7 months crt.sh

This page contains 7 frames:

Primary Page: https://www.elfcosmetics.com/mobile-app
Frame ID: 92113DEC53CE7D7ACD9C1879FACA9CA6
Requests: 105 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.63.0&integrationType=SDK
Frame ID: C353E074D5C7BF9D221FAA7CB65A86A8
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 388DF2DA001C0CD40C495C8D75F89A6F
Requests: 1 HTTP requests in this frame

Frame: https://imgs.signifyd.com/lF-5QochqeowcLOi?1cd780b14aa79fdf=fWIc91RnrK6CXwQFP1W18Fra4ZpskNqiR7QoBxz1wmSer3nHAaZwKCIn9eKlE9hX3QqP3ifMc_IpLyX1jUnhROmAJutYxX2rJ7jBqKg8WqDuLwJBqorINI_Xfyg3y0hMA5V3uFgzCriWHSPuEURKftg_tqKivDxq89ypv7y537DrYQG9OmNNgBg72FJrDetTY7Ep7LnOtZYKo5Op&jb=3d33242e62736d7d375769666e677d7b2c6a71673557636e6e657f732f383239392c6a7b6a7f3f4b60726d656f266a7b68354960786f6f6d2d323a31383e
Frame ID: 8B74A59AF7B729C41E1B67A2D4B8ABE0
Requests: 10 HTTP requests in this frame

Frame: https://imgs.signifyd.com/2odWAXUSkG2wU1zx?636ee6a33a6b6b01=Tj7W_qJtDUSQM49Kxt-fyrgwBwwh-3hj_T20rELjryN2Kv2Lngv3Gl4mZ_KcFi-MH8VmE1SHc_QJHwaQg945-mGawyQb8FqGnLb1GrGd56_czC9wP6EooVFoIsamudHcX3SX-MDoJs6BURS83tx7k6EAfmlPJ60xo9OHfacoKD1TEFJc-xjLCD2WnjItzXBlVut3rqFeJPv_UwVdDjg
Frame ID: 7C4E0AF8FFB46BD1254AF7931E86CEB9
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/aSWYCQP5J3lKjBD5?e322ed71bca1f72a=IQbiIUl6sXxixrBh7bjNvQLeZvWSs_Mr3D4TV-EkXfdfK17nq9jx4lZotkaXFR5CDlf7qtjiijs0QYIyv3P2A1JpyCa_x1X76uXMhdY81a8l60ZLwJiwwD-AArA024S2SWy7IvLypB6O-GEsMDL8wsopcXKPcF3Rq87If2TeL43NhCB4RW19pHMg4X3RoQksmaqhXeQ1cJaddjoK9mni
Frame ID: 99CB2E72DBB64596C1325B9926869BA2
Requests: 1 HTTP requests in this frame

Frame: https://imgs.signifyd.com/__cqsSK12_WLKFuJ?7f957f8d6a430d69=w1t5VBYesTlRKIv02XdIxgyW0VZ-m8vnZPXmNOxTnqgzKq6bcmauIHeZpSmKRnm3RcD4yffoZGDvEKstkx4H7FI8Zo4W8WPnSrad4m3q8xvQxPAgjtnRq3KaquXTqr6tfWTgR1MrM-yZS6RyZtxXQZoIAcUDFgsEyss8Ar1Pitpiadyv_g03BuA7K2mONUmGUttmoNsErH8C6Q9WdcHl
Frame ID: 644A64BF626C54EB09157F95E68D8D2D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Discover and Shop e.l.f Cosmetics Mobile App | e.l.f. Cosmetics

Page URL History Show full URLs

  1. https://www.elfcosmetics.com/mobile-app.html HTTP 301
    https://www.elfcosmetics.com/mobile-app Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • cdn\.dynamicyield\.\w+/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • tag\.rmp\.rakuten\.com
Overall confidence: 10%
Detected patterns
  • basket.*\.js

Page Statistics

120
Requests

95 %
HTTPS

30 %
IPv6

26
Domains

36
Subdomains

37
IPs

3
Countries

3421 kB
Transfer

10981 kB
Size

50
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.elfcosmetics.com/mobile-app.html HTTP 301
    https://www.elfcosmetics.com/mobile-app Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.com%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=MwG9LdrgGsgjiQH3btGRGx9F1HkTw02ayLjhE_08gX8 HTTP 303
  • https://www.elfcosmetics.com/callback?usid=5af36961-4a65-48e4-8a8b-42ee106d5f5b&code=2yOWmAQ5FUEqejzOlAuQCR_d6o5hYOqVXU9KSU1l6oE
Request Chain 34
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t2t5&rnd=745318047.1715049053&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&dma_cps=sypham&dma=1&npa=0&gtm=45He4510n81WL3STMXv896608294za200&auid=707255455.1715049053 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&rnd=745318047.1715049053&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&dma_cps=sypham&dma=1&npa=0&gtm=45He4510n81WL3STMXv896608294za200&auid=707255455.1715049053
Request Chain 76
  • https://ade.googlesyndication.com/ddm/activity/src=9231397;type=retarget;cat=globa0;ord=5364263701857;npa=1;u6=%2Fmobile-app;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe4510v9181619921z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app HTTP 302
  • https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CLz0hs2_-oUDFbEcogMdXeQPAA;type=retarget;cat=globa0;ord=5364263701857;npa=1;u6=%2Fmobile-app;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe4510v9181619921z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app
Request Chain 78
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flap;ord=8618596193482;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe4510h1v9181663336z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app HTTP 302
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CM_cic2_-oUDFVEMogMdEBoEDQ;type=elf8j0;cat=glo_flap;ord=8618596193482;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe4510h1v9181663336z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app

120 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request mobile-app
www.elfcosmetics.com/
Redirect Chain
  • https://www.elfcosmetics.com/mobile-app.html
  • https://www.elfcosmetics.com/mobile-app
983 KB
244 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.198.117 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
1dc48cbf8704dc07bd5c0b2ca60f6c2296009312a7cb838740a319d4e8b40adb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
0
alt-svc
h3=":443"; ma=86400
cache-control
public, must-revalidate, s-maxage=900
content-encoding
gzip
content-length
249223
content-type
text/html; charset=utf-8
date
Tue, 07 May 2024 02:30:51 GMT
etag
W/"d8b59-4+z5vWe4h3eUuA02dUL7nEuVBdI"
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 9dbecd95f02024b36225d6b521598db6.cloudfront.net (CloudFront)
x-amz-apigw-id
XYPOCGfmCYcEErw=
x-amz-cf-id
7b5NVkmOsssrEBzDC7uxOcztsF66OFls-W7Gpx2ZiJ-xq4-vkqXM-Q==
x-amz-cf-pop
DFW57-P1
x-amzn-remapped-connection
close
x-amzn-remapped-content-length
887641
x-amzn-remapped-date
Tue, 07 May 2024 02:30:50 GMT
x-amzn-requestid
8a14aa76-5792-460d-997c-dd1206144f74
x-amzn-trace-id
Root=1-66399259-3c76cdb64cc43e426d486057;Parent=0254c333e34ecb6e;Sampled=0;lineage=2b75b0e9:0
x-cache
Miss from cloudfront
x-yottaa-metrics
3221a5fec61b/[1593,1494,-] 32D1a5fec675/[-,1703.952]
x-yottaa-optimizations
ob/1000000100001000 si/32D1a5fec675-1714713947-8434124979 tts/1710864117465 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-yottaa-os
200

Redirect headers

age
0
alt-svc
h3=":443"; ma=86400
cache-control
s-maxage=1200
content-length
0
content-type
application/json
date
Tue, 07 May 2024 02:30:49 GMT
location
https://www.elfcosmetics.com/mobile-app
via
1.1 800cba2437ee092ab9e4755c65d34a72.cloudfront.net (CloudFront)
x-amz-apigw-id
XYPN-F5wiYcEpVw=
x-amz-cf-id
iw4jZUL9INKZaoLGlWysvm73gkYMSPslI1zTGTMhZFcwD7vEE6lR9Q==
x-amz-cf-pop
DFW57-P1
x-amzn-requestid
6df30804-a69b-4ab7-aaa3-f401dfa01e4c
x-amzn-trace-id
Root=1-66399259-283f4634537f5a2520ae376b;Parent=692b474b0c6f7d2b;Sampled=0;lineage=2b75b0e9:0
x-cache
Miss from cloudfront
x-yottaa-metrics
3221a5fec633/[98,92,-] 32D1a5fec675/[-,101.141]
x-yottaa-optimizations
ob/1000 si/32D1a5fec675-1714713947-8434124974 tts/1710864117465 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-yottaa-os
301
init.js
www.elfcosmetics.com/XT4Gy2ig/ 		168 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/XT4Gy2ig/init.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.198.117 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
88a19670aafbd8e8abc9990a06121a6b52dc0f208481d94d2540901511e8c874

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/mobile-app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:51 GMT
content-encoding
gzip
etag
"2a142-XmcrFEc5x6tdnQ+2zSfkdOk7Iy8"
active-cdn
Akamai
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
active-cdn,x-served-by,Akamai-Request-BC
cache-control
max-age=600
x-yottaa-metrics
32D1a5fec675/[-,26.297]
x-px-hash
YzdhOWYyZDk2YTk4MWQ3YmExZWFjYTFhMmYxNjhkMWIwYjVkMTI0MTdhNjE0NWVkZGE1ZWY4YzEzNWIwYTA0OA==
x-yottaa-optimizations
ob/0 si/32D1a5fec675-1714713947-8434124988 tts/1715049051551 ti/0 ai/5a0c9b7632f01c35d42101b2
/
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/ 		0
0
appstore-download
cdn.media.amplience.net/i/elfcosmetics/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/appstore-download
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2b21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
6f693b12a2e04ec57e72559407892e9b8b97c5c1cea493f1ba2de148e876295c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:51 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
dw1L_SO2f,l4p5bDg2e,53K1AZSVG,UyB2-aY-L
x-req-id
eYgbFdMN_f
content-length
9428
x-xss-protection
1; mode=block
x-amp-source-height
120
server
Unknown
x-frame-options
DENY
x-amp-source-width
400
access-control-allow-origin
*
content-type
image/png
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Fri, 21 Apr 2023 04:27:09 GMT
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d

Request headers

Referer
Origin
https://www.elfcosmetics.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac

Request headers

Referer
Origin
https://www.elfcosmetics.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
vendor.js
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/ 		2 MB
620 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/vendor.js?yocs=1u_1y_
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2e0bde8a120edcd0e126c139ff4c62dc420e43a86bb9e22c92044fdda3fc3ef

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:51 GMT
via
1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA56-P7
age
451525
x-yottaa-optimizations
ob/1100 si/36118cae0e1f-1706737520-2081380544 tts/1710864117465 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache
Hit from cloudfront, HIT
x-amz-meta-deploy
742629
content-length
634413
x-amz-meta-bundle
11187
x-served-by
cache-fra-etou8220094-FRA
x-yottaa-forcecache
true, true
server
AmazonS3
x-timer
S1715049052.925559,VS0,VE1
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31104000
x-yottaa-metrics
36218cae0e49/[15,-,1714597526713] 36118cae0e1f/[-,141.182]
accept-ranges
bytes
x-amz-cf-id
b4fqcR-G6p8ex-FSj94LtaeR544XEzTMSIO6NjYzJZAk2X5ekibL2Q==
x-cache-hits
0
main.js
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/ 		2 MB
485 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/main.js?yocs=1u_1y_
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19cc36fffa37aa68e3eeb82532cb58611a1e1191cad33bf5edf5265f5930ff28

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:51 GMT
via
1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA56-P7
age
451525
x-yottaa-optimizations
ob/1100 si/36118cae0e22-1706737520-1375811321 tts/1710864117465 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache
Hit from cloudfront, HIT
x-amz-meta-deploy
742629
content-length
495663
x-amz-meta-bundle
11187
x-served-by
cache-fra-etou8220094-FRA
x-yottaa-forcecache
true, true
server
AmazonS3
x-timer
S1715049052.925539,VS0,VE1
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31104000
x-yottaa-metrics
36218cae0e28/[14,-,1714597526528] 36118cae0e22/[-,105.504]
accept-ranges
bytes
x-amz-cf-id
cLdcp6JkgCvRGWv_EY6avXMwedBwv2v0AYpgOTnHUtp_ewnIlghObw==
x-cache-hits
0
pages-product-list-product-list-page.js
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/ 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/pages-product-list-product-list-page.js?yocs=1u_1y_
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f2461f7629a9751a8ce13d4fa6465bd4dade527356dedaa1e07be6712694ec4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:51 GMT
via
1.1 85ca8c4198fb707d10ecc2a784a315be.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA56-P7
age
451525
x-yottaa-optimizations
ob/1000 si/36118cae0e23-1706737520-706389071 tts/1710864117465 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache
Hit from cloudfront, HIT
x-amz-meta-deploy
742629
content-length
11877
x-amz-meta-bundle
11187
x-served-by
cache-fra-etou8220094-FRA
x-yottaa-forcecache
true, true
server
AmazonS3
x-timer
S1715049052.925541,VS0,VE1
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31104000
x-yottaa-metrics
36218cae0e29/[115,113,-] 36118cae0e23/[-,118.046]
accept-ranges
bytes
x-amz-cf-id
W2RtTC11uIfdSWfmztocOQ0jYkXg1Qxtya51VBiVmTN7VsW2SKJdlg==
x-cache-hits
0
playstore-download
cdn.media.amplience.net/i/elfcosmetics/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/playstore-download
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2b21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
8f86dbd47b7ff697f2b12968f6078e3634d24e1dbaa9f00ef562d278ad3cecd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:51 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
f-L-yOahg,l4p5bDg2e,2E3uDsGbL,UyB2-aY-L
x-req-id
vWiWknP3FL
content-length
13126
x-xss-protection
1; mode=block
x-amp-source-height
118
server
Unknown
x-frame-options
DENY
x-amp-source-width
400
access-control-allow-origin
*
content-type
image/png
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Fri, 21 Apr 2023 04:27:09 GMT
App_LP
elfcosmetics.a.bigcontent.io/v1/static/ 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/App_LP
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d116 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
615b75eddd683d2f18d95bda10b7e11d753c8b4bd95c8c14ae962ac96b867176

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
date
Tue, 07 May 2024 02:30:52 GMT
server
Unknown
x-amz-server-side-encryption
AES256
x-amp-srv
A
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
85236
short_arrow__1
elfcosmetics.a.bigcontent.io/v1/static/ 		669 B
698 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/short_arrow__1
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d116 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
679e27a0c158ab0c2f595544d2852b2e1f1613fa1a065a2440b4bb7af23dc550

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Tue, 07 May 2024 02:30:52 GMT
server
Unknown
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=86400
x-amp-srv
A
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
414
IPHONE
cdn.media.amplience.net/i/elfcosmetics/ 		513 KB
513 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/IPHONE
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2b21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
8a90f3b36f2455fc6c76f9ad777671954126bdc45618423a01cfcf0cbfa49f21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:51 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
AcwBHVxLK,l4p5bDg2e,NWi2ErC3B,UyB2-aY-L
x-req-id
8Tdq4c2ow2
content-length
524927
x-xss-protection
1; mode=block
x-amp-source-height
886
server
Unknown
x-frame-options
DENY
x-amp-source-width
1410
access-control-allow-origin
*
content-type
image/png
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Fri, 21 Apr 2023 04:27:10 GMT
ACCESS_BS
elfcosmetics.a.bigcontent.io/v1/static/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/ACCESS_BS
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d116 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
92e00349ed94a2184d48889d637ad456366dbec2cbe67ffc211c8c21362cb46c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Tue, 07 May 2024 02:30:52 GMT
server
Unknown
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=86400
x-amp-srv
A
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
1232
BUILD_WISH_LIST
elfcosmetics.a.bigcontent.io/v1/static/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/BUILD_WISH_LIST
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d116 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
7b56d2710f8114b062edd4b006df9739f523f14679b9fc7573259ed51d37ab45

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Tue, 07 May 2024 02:30:52 GMT
server
Unknown
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=86400
x-amp-srv
A
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
1358
SCAN_RECEIPTS
elfcosmetics.a.bigcontent.io/v1/static/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/SCAN_RECEIPTS
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d116 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
e54a8aca75cb5e527ffd22195b818f3ff4e7239a6dd8425f979e3180419abee5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Tue, 07 May 2024 02:30:52 GMT
server
Unknown
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=86400
x-amp-srv
A
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
1741
VIRTUAL_TRY_ON
elfcosmetics.a.bigcontent.io/v1/static/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/VIRTUAL_TRY_ON
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d116 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
f9261c8148010a9582d8588220092d7759a8df8a77ccac58da63e9738486e8e7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Tue, 07 May 2024 02:30:52 GMT
server
Unknown
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=86400
x-amp-srv
A
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2939
BeautySquad_Logo-White
elfcosmetics.a.bigcontent.io/v1/static/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/BeautySquad_Logo-White
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d116 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
c9d4a41d3dcdef29d6b3888d8d5b9ab3fbcc673d4a120f0957221ebda7a40d3e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Tue, 07 May 2024 02:30:52 GMT
server
Unknown
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=86400
x-amp-srv
A
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2881
collector
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 		536 B
792 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
6984d3c037381f2cc34e7000f061653706c452b4ba04d46be513241ce2aa2e68

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 07 May 2024 02:30:51 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.com
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
536
/
sdk.iad-05.braze.com/api/v3/data/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:965f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
87fdca642d461e59-FRA
content-encoding
gzip
date
Tue, 07 May 2024 02:30:53 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/main.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f08699117c1f15f6d35e7b4380d12d18a1881f075e177b5853b1017a3307544
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 May 2024 02:30:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
cfMMgqnnnYda745QhUdJrw==
age
21083
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6882
x-ms-lease-status
unlocked
last-modified
Mon, 06 May 2024 02:33:28 GMT
server
cloudflare
etag
0x8DC6D74E9990068
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4232d336-901e-004a-3ecf-9f710e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
87fdca637e8e367b-FRA
gtm.js
www.googletagmanager.com/ 		491 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
25a7916ac0882583f239e7d7fdeb6483a71bc0fa0d803ccfcf542843f010e9e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134427
x-xss-protection
0
last-modified
Tue, 07 May 2024 00:09:18 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 07 May 2024 02:30:52 GMT
api_dynamic.js
cdn.dynamicyield.com/api/8772046/ 		501 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.dynamicyield.com/api/8772046/api_dynamic.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:de00:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
48dd2343ac3ef3252a4ad22a98c496fc9f700e0b9c473de1e1e54e12a5518771

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:47 GMT
content-encoding
gzip
via
1.1 74ca1b9f17cb4adcfc54f8b84ccc7d82.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 04:52:23 GMT
server
DYCDN
age
6
x-amz-cf-pop
FRA56-P11
x-amz-server-side-encryption
AES256
etag
W/"ac17f5d871f587d81803cecaaff723c1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=30
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id
I0_FCxPYkM9ZK0GtHANUvVnGW8nB70F_Wfd4Q-lFOZU2twFm7l24Og==
api_static.js
cdn.dynamicyield.com/api/8772046/ 		388 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.dynamicyield.com/api/8772046/api_static.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:de00:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
498ea43ee2b31ee61f58f43b798dfaec6eb59b63fefdfaa7c01bba897ba57a33

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 00:25:07 GMT
content-encoding
gzip
via
1.1 74ca1b9f17cb4adcfc54f8b84ccc7d82.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 04:52:24 GMT
server
DYCDN
age
7546
x-amz-cf-pop
FRA56-P11
etag
W/"64e0187feba0c97d38f8aabb6e6d66cd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id
ZCiVxa-uXmA4kKGb7pj0z6NKIajTBbX7V04F1RL5s6G2LhnCoH4KuQ==
/
api.ipify.org/ 		23 B
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/vendor.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd37a7d3013a75f2617a9db3d3497220f2ac3039fd878f13a115bf3bd32a7bc4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
87fdca639b22bb95-FRA
content-length
23
/
api.ipify.org/ 		23 B
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/vendor.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd37a7d3013a75f2617a9db3d3497220f2ac3039fd878f13a115bf3bd32a7bc4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
87fdca649bbfbb95-FRA
content-length
23
/
sdk.iad-05.braze.com/api/v3/data/ 		399 B
575 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/vendor.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:965f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18280f9cb145047846d89977448ecfa5a2e1a4a4d168739fb9429da03fce9fbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Braze-Api-Key
609afcb2-1dc3-41ef-a771-0a9aaf10bf57
X-Braze-TriggersRequest
true
X-Braze-DataRequest
true
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/json
Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.com/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:53 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
9e4bc310-4bbb-4f48-8dd7-82b4dcf7a012
x-runtime
0.191117
server
cloudflare
etag
W/"18280f9cb145047846d89977448ecfa5"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1715049054
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
87fdca656e011e59-FRA
x-ratelimit-remaining
489.0
callback
www.elfcosmetics.com/
Redirect Chain
  • https://www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.com%2Fcallback&response_type=code&client_id=...
  • https://www.elfcosmetics.com/callback?usid=5af36961-4a65-48e4-8a8b-42ee106d5f5b&code=2yOWmAQ5FUEqejzOlAuQCR_d6o5hYOqVXU9KSU1l6oE
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/callback?usid=5af36961-4a65-48e4-8a8b-42ee106d5f5b&code=2yOWmAQ5FUEqejzOlAuQCR_d6o5hYOqVXU9KSU1l6oE
Protocol
H2
Server
165.254.198.117 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.com/mobile-app
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Tue, 07 May 2024 02:30:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 de5b26aba33b480d2b740b96a34fe916.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
0
x-amz-cf-pop
DFW57-P1
age
0
x-amzn-remapped-connection
close
x-amzn-requestid
0356924e-421d-45e4-b8d7-a1b5e31d7a1e
x-yottaa-optimizations
ob/1000 si/32D1a5fec675-1714713947-8434125000 tts/1710864117856 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache
Miss from cloudfront
x-amz-apigw-id
XYPOqEs0CYcEp5w=
content-length
0
alt-svc
h3=":443"; ma=86400
x-yottaa-forcecache
true
x-amzn-trace-id
Root=1-6639925d-2f5d06a35f3f0c8a0092c8d8;Parent=2e7febdf95e13a09;Sampled=0;lineage=2b75b0e9:0
content-type
application/json
cache-control
public, max-age=604800
x-yottaa-os
200
x-yottaa-metrics
3221a5fec616/[221,215,-] 32D1a5fec675/[-,223.786]
x-amzn-remapped-date
Tue, 07 May 2024 02:30:53 GMT
x-amz-cf-id
4ndHy5AJm5Pz1qXJay3HNpU_aV_9B_S665RWeJHJnk7lf07-La6dZA==

Redirect headers

date
Tue, 07 May 2024 02:30:53 GMT
x-correlation-id
87fdca667c8e6357
via
1.1 a78d8f4a6ccd81221651cd6112d5330a.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
DFW57-P1
age
0
x-yottaa-optimizations
ob/0 si/32D1a5fec675-1714713947-8434124998 tts/1710864117856 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
0
pragma
no-cache
x-ratelimit-1m-remaining
22830, 1912753
x-ratelimit-1m-reset
6758, 6758
x-ratelimit-1m-limit
24000, 2000000
vary
Accept-Encoding
location
https://www.elfcosmetics.com/callback?usid=5af36961-4a65-48e4-8a8b-42ee106d5f5b&code=2yOWmAQ5FUEqejzOlAuQCR_d6o5hYOqVXU9KSU1l6oE
cache-control
no-store
x-yottaa-os
303
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.com%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=MwG9LdrgGsgjiQH3btGRGx9F1HkTw02ayLjhE_08gX8
x-yottaa-metrics
3221a5fec614/[173,169,-] 32D1a5fec675/[-,175.637]
cf-ray
87fdca667c8e6357-ORD
x-amz-cf-id
hl5Ol-gBWOIj3PptYz9zJDYtC8RTbtB_VOM9O9OTY_iGLe5tUXu39A==
collector
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 		600 B
664 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
eaee82aad68d6abfa02dc9f7b9ec11a2b9fd51b44ee2ff87f15112e50a25e675

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 07 May 2024 02:30:51 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.com
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
600
6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55baa715ccc8c2512bceb1c949c1d0927944ca327e7edd2d5fc312d2a41986e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 May 2024 02:30:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
26929
content-md5
j7e7fSdncC8T3SCV/IpUig==
content-length
1740
x-ms-lease-status
unlocked
last-modified
Mon, 08 Apr 2024 18:41:03 GMT
server
cloudflare
etag
0x8DC57FB71838BE4
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c3fb1654-801e-0031-68e4-89d890000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
87fdca64487a18e1-FRA
expires
Wed, 08 May 2024 02:30:52 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		59 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
accept
application/json
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
87fdca652b709f45-FRA
access-control-allow-headers
Content-Type
st
st.dynamicyield.com/ 		118 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.dynamicyield.com/st?sec=8772046&inHead=true&id=0&jsession=qqt56ont2xmpgof55neez17egg2o9sjb&ref=&scriptVersion=2.32.0&isSesNew=true&dyid_server=&ctx=%7B%22type%22%3A%22OTHER%22%2C%22lng%22%3A%22en-US%22%2C%22data%22%3A%5B%5D%7D
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:f200:15:ad21:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
523d6b837f423cf23cd54e1a67fce85a8e1337f8e4e5f3f55358c0face75ec64

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:53 GMT
content-encoding
gzip
via
1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control
no-cache
x-amz-cf-id
I9XEYn04kKK5GMwXpkks7f2vmW8aJHfV1RHZA2uuoq1I0iVe7sneoA==
expires
Tue, 07 May 2024 02:30:52 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 07 May 2024 02:07:49 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1384
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 07 May 2024 04:07:49 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202306.1.0/ 		404 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def2a184135eba029f8f785b3ed69edc5f36b368226ce1fcfeda4f5aa301d1b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 May 2024 02:30:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
XJk1ZZTljtwHFT3qcIJg+w==
age
83851
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
99599
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jul 2023 06:29:36 GMT
server
cloudflare
etag
0x8DB82A15D413626
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
80bad15d-801e-006c-2fda-12d214000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
87fdca659f9f367b-FRA
landing
googleads.g.doubleclick.net/pagead/
Redirect Chain
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t2t5&rnd=745318047.1715049053&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&dma_cps=sypham&dma=1&npa=0&gtm=45He4510n81WL3STMXv89660829...
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&rnd=745318047.1715049053&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&dma_cps=sypham&dma=1&npa=0&gtm=45He4510n81WL3...
42 B
65 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&rnd=745318047.1715049053&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&dma_cps=sypham&dma=1&npa=0&gtm=45He4510n81WL3STMXv896608294za200&auid=707255455.1715049053
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 May 2024 02:30:53 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 May 2024 02:30:53 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&rnd=745318047.1715049053&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&dma_cps=sypham&dma=1&npa=0&gtm=45He4510n81WL3STMXv896608294za200&auid=707255455.1715049053
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
en.json
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/018ebeca-e8af-7f81-b182-0c90ba9664dd/ 		158 KB
34 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/018ebeca-e8af-7f81-b182-0c90ba9664dd/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5a9baac0b53c708a5279b1ddfe54ec7f0a40699210e0caf05419d0aa1b330d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 May 2024 02:30:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
21899
content-md5
9wsMlq8mrfV+OngAz8tXzg==
content-length
34664
x-ms-lease-status
unlocked
last-modified
Mon, 08 Apr 2024 18:41:16 GMT
server
cloudflare
etag
0x8DC57FB7975EDF7
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d7d31a7a-c01e-0030-49e4-89874c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
87fdca66198e18e1-FRA
expires
Wed, 08 May 2024 02:30:53 GMT
collect
www.google-analytics.com/j/ 		3 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1279630438&t=pageview&_s=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&dp=%2Fmobile-app&ul=de-de&de=UTF-8&dt=Discover%20and%20Shop%20e.l.f%20Cosmetics%20Mobile%20App%20%7C%20e.l.f.%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACgAI~&jid=1458883948&gjid=237234473&cid=1496105399.1715049053&tid=UA-432816-1&_gid=652940730.1715049053&_r=1&_slc=1&gtm=45He4510n81WL3STMXv896608294za200&gcs=G111&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&z=396365881
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 May 2024 02:30:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 May 2024 02:30:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
5mNZducabMgxSDzBo+ZI8w==
age
28704
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3017
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jul 2023 06:29:30 GMT
server
cloudflare
etag
0x8DB82A159AF8EA6
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
0c718e4e-201e-0081-6f27-129959000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
87fdca6669bd18e1-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/v2/ 		61 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 May 2024 02:30:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
sXFDxCJwbPEMIT/8f5Prwg==
age
36954
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12544
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jul 2023 06:29:33 GMT
server
cloudflare
etag
0x8DB82A15AFF8646
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
99943331-001e-00a9-52a5-21f8f1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
87fdca6669be18e1-FRA
otCookieSettingsButton.json
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otCookieSettingsButton.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
509f2e49500fbaeb5d7e1959071f2922b693d0135080e2871e124ec8bdd08bb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 May 2024 02:30:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
v0pzgeeelPwcAOki15i3HA==
age
36954
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1766
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jul 2023 06:29:32 GMT
server
cloudflare
etag
0x8DB82A15AB9FB83
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
cd67b2fb-901e-0094-1c03-248eea000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
87fdca6669bf18e1-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 May 2024 02:30:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
oWkBTLgDDXvrUsd93y/Zxg==
age
33080
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jul 2023 06:29:41 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
b54dfe3f-901e-004f-6264-2348d7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
87fdca6669c018e1-FRA
ot_close.svg
cdn.cookielaw.org/logos/static/ 		651 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/ot_close.svg
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 May 2024 02:30:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
pcXWFGpuVeSg/jVnYCseRg==
age
39426
x-ms-lease-status
unlocked
last-modified
Mon, 06 May 2024 02:33:30 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
762ad8e0-101e-005b-0164-9f4615000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
87fdca66a81d367b-FRA
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
515 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 May 2024 02:30:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
25179
x-ms-lease-status
unlocked
last-modified
Mon, 06 May 2024 02:33:29 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
177a7400-d01e-0020-50bc-9f2da5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
87fdca66b9e318e1-FRA
ot_company_logo.png
cdn.cookielaw.org/logos/static/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/ot_company_logo.png
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 May 2024 02:30:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
E8+sk/ECzKgTUVtDLikiIA==
age
39426
content-length
4036
x-ms-lease-status
unlocked
last-modified
Mon, 06 May 2024 02:33:30 GMT
server
cloudflare
etag
0x8DC6D74EAF80EF0
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
54e4e94e-f01e-003c-2664-9ff5b2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
87fdca66c82e367b-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 May 2024 02:30:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
7986
x-ms-lease-status
unlocked
last-modified
Mon, 06 May 2024 02:33:30 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
855efd17-001e-0022-4fe8-9f2f5f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
87fdca66c82f367b-FRA
dy-coll-min.js
cdn.dynamicyield.com/scripts/2.32.0/ 		196 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:de00:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
42997132bd0142564014ac4a809356dc0ceb9b7a90eede2b5b48019f1700cc58

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 06:06:04 GMT
content-encoding
gzip
via
1.1 74ca1b9f17cb4adcfc54f8b84ccc7d82.cloudfront.net (CloudFront)
last-modified
Tue, 02 Apr 2024 09:13:12 GMT
server
DYCDN
age
2579090
x-amz-cf-pop
FRA56-P11
etag
W/"65b3e284856fb8d657d1f6a3423618c7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id
tRN018Q1hRQaOikUudx1MGzvZJokliRch73G26T-vt4mP3M7DK8nQQ==
uia
async-px.dynamicyield.com/ 		0
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/uia?cnst=1&_=1715049053321
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-91.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 07 May 2024 02:30:53 GMT
via
1.1 d6f2ecdfd53b40c1776d655bd15fdeb0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
l37Kwu8BfYFusEnW4TZap6Cq4KqUPLPP4XjKb-c5yiXaDcji1AzqXg==
expires
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1279630438&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&dp=%2Fmobile-app&ul=de-de&de=UTF-8&dt=Discover%20and%20Shop%20e.l.f%20Cosmetics%20Mobile%20App%20%7C%20e.l.f.%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ux&ea=scrolled%20page&el=25%25&_u=aEBAAEABAAAAACgAIkC~&cid=395156231.1715049053&tid=UA-432816-1&_gid=868683319.1715049053&gtm=45He4510n81WL3STMXv896608294za200&cd4=0&cd6=&cd7=&cd8=&cd9=0&cd14=content&cd19=&cd21=US&gcs=G100&gcd=13u3u3u2u5&dma_cps=-&dma=1&npa=1&z=1858731016
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 07 May 2024 01:31:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
3563
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
favicon.ico
www.elfcosmetics.com/ 		34 KB
34 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.198.117 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
1331786f628c441b99665436eb8815381e066e17d5c3bb56f5ce2e045d8da17a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/mobile-app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:53 GMT
via
1.1 c31337642f54c5bd34bb485701d02e8a.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
34494
x-amz-cf-pop
DFW57-P1
age
259, 259
x-amzn-remapped-connection
close
x-amzn-requestid
59aed78a-1152-4c62-968d-615aaf41feea
x-yottaa-optimizations
ob/100 si/32D1a5fec675-1714713947-8434124999 tts/1710864117465 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache
Hit from cloudfront
x-amz-apigw-id
XXIcXFJ2iYcED2Q=
content-length
34494
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 06 May 2024 18:22:06 GMT
x-amzn-trace-id
Root=1-6639211b-6c5816ea2af3eada312ed514;Parent=7698342b59671235;Sampled=0;lineage=2b75b0e9:0
etag
W/"86be-18f4f243cb0"
vary
Accept-Encoding
content-type
image/x-icon
cache-control
max-age=600, s-maxage=600
x-yottaa-metrics
3221a5fec615/[6,-,1715048625355] 32D1a5fec675/[-,8.030]
accept-ranges
bytes
x-amzn-remapped-date
Mon, 06 May 2024 18:27:39 GMT
x-amz-cf-id
DgWy4i-dYZiXpFyr3pwZ8I3smfi8Vy0CGl7qCEl7i3u7hXefmHC5Fg==
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=510988&uid=-360287732251389347&sec=8772046&t=ri&e=1261284&p=1&ve=11209913&va=%5B27119924%5D&ses=fd304a9a925e86002690f280f866f47d&expSes=57972&aud=884367.884385.884387.1167402.1324059.1846919.2324421.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=-3815269016448359137&cgtgDecisionId=-3815269017127745399&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1715049053366&rri=5163907
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-91.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 07 May 2024 02:30:53 GMT
via
1.1 d6f2ecdfd53b40c1776d655bd15fdeb0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
1k7WFWmizBfaEnccr4WTtE85Kr_Gz_Aws74SIMGue83OVsIbEu8LVg==
expires
0
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=212929&uid=-360287732251389347&sec=8772046&t=ri&e=1574966&p=1&ve=12698518&va=%5B28347247%5D&ses=fd304a9a925e86002690f280f866f47d&expSes=57972&aud=884367.884385.884387.1167402.1324059.1846919.2324421.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=-3815269016999687939&cgtgDecisionId=-3815269016289858395&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1715049053367&rri=6485450
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-91.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 07 May 2024 02:30:53 GMT
via
1.1 d6f2ecdfd53b40c1776d655bd15fdeb0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
ZG1n6E7mVXFQmvQ-6v4OhEfCpZeHwhOKOdLeESwOiFpiQywi2hBqGg==
expires
0
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=474971&uid=-360287732251389347&sec=8772046&t=ri&e=1609852&p=1&ve=12669413&va=%5B28321879%5D&ses=fd304a9a925e86002690f280f866f47d&expSes=57972&aud=884367.884385.884387.1167402.1324059.1846919.2324421.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=-3815269013663024404&cgtgDecisionId=-3815269014701379263&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1715049053367&rri=702744
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-91.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 07 May 2024 02:30:53 GMT
via
1.1 d6f2ecdfd53b40c1776d655bd15fdeb0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
JzCc_Rr3ionm7DdC1fesA01qfETS26YM2fZ-74DYIvJsN3tk6BGqjA==
expires
0
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=644687&uid=-360287732251389347&sec=8772046&t=ri&e=1575901&p=1&ve=12991774&va=%5B28646951%5D&ses=fd304a9a925e86002690f280f866f47d&expSes=57972&aud=884367.884385.884387.1167402.1324059.1846919.2324421.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=-3815269013552088232&cgtgDecisionId=-3815269015412016362&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1715049053368&rri=1225859
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-91.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 07 May 2024 02:30:53 GMT
via
1.1 d6f2ecdfd53b40c1776d655bd15fdeb0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
VklKkyx3dVYPbn-z0CSIcMqS7kDRQwOo7QadDxUmcBxFUtro0iupbw==
expires
0
batch
async-px.dynamicyield.com/ 		0
383 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/batch?cnst=1&_=1715049053419_517074
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-91.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 07 May 2024 02:30:53 GMT
via
1.1 fc3a32609a2b1f220f223f3b87919ac2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
YKn2vpFKDMAuUcp6yRJSrBvA7piqsG26WTYXfMBcKGZ00-9v2Z8UlQ==
expires
0
event
qoe-1.yottaa.net/log-nt/ 		3 B
191 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://qoe-1.yottaa.net/log-nt/event
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.2.133.133 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 07 May 2024 02:30:54 GMT
access-control-expose-headers
X-Results-Data-Source
access-control-allow-credentials
true
cache-control
no-cache
timing-allow-origin
*
content-type
text/json
sync
sdk.iad-05.braze.com/api/v3/content_cards/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:965f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
87fdca682f9f1e59-FRA
content-encoding
gzip
date
Tue, 07 May 2024 02:30:53 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
sync
sdk.iad-05.braze.com/api/v3/content_cards/ 		85 B
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/vendor.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:965f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da8aae114d6d4c265972756514330f1d5ea7be03c67f3069bd46cb909dc6fb51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Braze-Api-Key
609afcb2-1dc3-41ef-a771-0a9aaf10bf57
X-Braze-DataRequest
true
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/json
BRAZE-SYNC-RETRY-COUNT
0
Referer
https://www.elfcosmetics.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9;q=0.9
X-Braze-ContentCardsRequest
true
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:53 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
0718279a-5b77-47d7-9fad-fc7bcedde9d3
x-runtime
0.054740
server
cloudflare
etag
W/"da8aae114d6d4c265972756514330f1d"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1715049054
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
87fdca69384c1e59-FRA
x-ratelimit-remaining
482.0
110221.ct.js
tag.rmp.rakuten.com/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.rmp.rakuten.com/110221.ct.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
248.147.102.34.bc.googleusercontent.com
Software
/
Resource Hash
305fe9a5f5590087ad5d80aa44c7a7f1416966806e955ce7a42ab086ec14e38c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:53 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000
last-modified
Tue, 07 May 2024 02:30:53 GMT
x-cache
hit
x-samesite
secure
content-type
text/javascript
cache-control
max-age=86400
x-dyn
0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
js
www.paypal.com/sdk/ 		419 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CE2) /
Resource Hash
abb7882a9e23903be24a3a14d7985d428d1f3d2249ba27a2e76701e0d9055ba9
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-Yw7Xkd28SLYQ9xGyiIK3xI21vdMLw+ua4dAC3tf5vByf8dkB' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-Yw7Xkd28SLYQ9xGyiIK3xI21vdMLw+ua4dAC3tf5vByf8dkB' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-Yw7Xkd28SLYQ9xGyiIK3xI21vdMLw+ua4dAC3tf5vByf8dkB' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-Yw7Xkd28SLYQ9xGyiIK3xI21vdMLw+ua4dAC3tf5vByf8dkB' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 07 May 2024 02:30:53 GMT
disable-set-cookie
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
10487
x-cache
HIT
p3p
true
paypal-debug-id
040864427a0a3
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
content-length
117887
x-xss-protection
1; mode=block
last-modified
Mon, 06 May 2024 23:36:07 GMT
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (frc/4CE2)
traceparent
00-0000000000000000000040864427a0a3-799d873affbc86c3-01
etag
W/"1cc7f-OZoMBKgfiM36COFP0ztzNEtoN38"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
timing-allow-origin
*
main.js
static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/ 		146 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/main.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.65.127 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-65-127.deploy.static.akamaitechnologies.com
Software
nginx / Express
Resource Hash
2e8fd8d487b4259dbdc6c529f742806377fae205c8dc7d0f35ac8797bafe5b3b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=15768000
Content-Encoding
gzip
Date
Tue, 07 May 2024 02:30:53 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"db6eabd7a2ac6b935230c83262dc23ffabc8fe3c-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, max-age=900
Connection
keep-alive
Content-Length
43370
Expires
Tue, 07 May 2024 02:45:53 GMT
/
websdk.appsflyer.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://websdk.appsflyer.com/?st=banners&
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14ca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 07 May 2024 02:30:53 GMT
Content-Encoding
gzip
x-amz-request-id
2YBFDHXY2BG0X743
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
11792
x-amz-id-2
X0mLy+zhQfGcMJeE6Lu48tPmxFSWqOpnSxdZQBh4ixekSso906hm/iT5X8JInwPSkeLM9fgFwoQ=
Last-Modified
Wed, 14 Jun 2023 06:58:45 GMT
Server
AmazonS3
ETag
"5a676288bcea03bd05e483bc4ce066ae"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2880
Accept-Ranges
bytes
X-DataStream-Cache-Status
2
Expires
Tue, 07 May 2024 03:18:53 GMT
js
www.googletagmanager.com/gtag/ 		325 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&l=dataLayer&cx=c
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
917b28d18a83c6f1b1198b508e2634c26b74f90e6b958c277392cebb42d6078c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
108095
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 07 May 2024 02:30:53 GMT
js
www.googletagmanager.com/gtag/ 		304 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
86c426e9d9ba97676c169da0f301f92e862ef056c2143044ad8816da7c83af63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102780
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 07 May 2024 02:30:53 GMT
collector
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 		32 B
49 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
7586f9164e6bc95d916e3828d687c85f77cf253b34a5908fffa5f6f17dfd0d72

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 07 May 2024 02:30:52 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.com
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
1a8bfa042c9c5.js
t.contentsquare.net/uxa/ 		295 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.contentsquare.net/uxa/1a8bfa042c9c5.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-53.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc9ea760e99c7aeb29b3da195ff38ecb90d6699e6e437ba9fb6ba5c8a2912b01

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 14:13:31 GMT
content-encoding
br
via
1.1 5d328d2e734cff11e41c897ec72f465e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P11
age
0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
72162
last-modified
Mon, 06 May 2024 14:12:04 GMT
server
AmazonS3
etag
"66d6e9575960179e8cacdf4ecc4b23e8"
vary
Origin
content-type
application/javascript;charset=utf-8
cache-control
max-age=900
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
btzoApcmsleAu28_xJdc-AdjakWh2tGN5QVOPZ9hZc4oIOvKTeJpXQ==
destination
www.googletagmanager.com/gtag/ 		207 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-9231397&l=dataLayer&cx=c
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
78b1cf38c2a5031ec31bcd1b79194dff826e1f9287e65fe60cc170b788acd641
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76360
x-xss-protection
0
last-modified
Tue, 07 May 2024 00:09:18 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 07 May 2024 02:30:53 GMT
collect
region1.google-analytics.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ZLYXLXNDL8&gtm=45je4560h2v879088318z8896608294za200&gcs=G100&gcd=13u3uPu2u5&npa=1&dma_cps=-&dma=1&cid=1338422452.1715049054&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&_eu=EA&_s=1&sid=1715049053&sct=1&seg=0&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&dt=Discover%20and%20Shop%20e.l.f%20Cosmetics%20Mobile%20App%20%7C%20e.l.f.%20Cosmetics&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=5167
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 07 May 2024 02:30:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
destination
www.googletagmanager.com/gtag/ 		207 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-10742279&l=dataLayer&cx=c
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
02a0da6bb5e16a0ddf311156d5134696a379830a983a7ba1e405ffc1c2f62c1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76353
x-xss-protection
0
last-modified
Tue, 07 May 2024 00:09:18 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 07 May 2024 02:30:53 GMT
collect
sgtm.elfcosmetics.com/g/ 		65 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je4510v9125640115z8896608294za200&gcs=G100&gcd=13u3u3u2u5&npa=1&dma_cps=-&dma=1&cid=159071809.1715049054&ecid=1905217221&ul=de-de&sr=1600x1200&_fplc=0&ir=1&ur=DE-HE&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&_eu=EA&sst.rnd=745318047.1715049053&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13u3u3u2u5&sst.adr=1&sst.ude=0&_s=1&sid=1715049053&sct=1&seg=0&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&dt=Discover%20and%20Shop%20e.l.f%20Cosmetics%20Mobile%20App%20%7C%20e.l.f.%20Cosmetics&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5206&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.124.49.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:53 GMT
via
1.1 google, 1.1 google
x-content-type-options
nosniff
server
Google Frontend
content-type
text/plain
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-accel-buffering
no
local
www.paypal.com/credit-presentment/experiments/ Frame C353 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.63.0&integrationType=SDK
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC3) /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
age
28987
cache-control
s-maxage=86400, max-age=0
content-encoding
gzip
content-length
1526
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type
text/html; charset=utf-8
date
Tue, 07 May 2024 02:30:53 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"1479-K2mS5eassyfvXXLuuWOBasENhJU"
last-modified
Mon, 06 May 2024 18:27:46 GMT
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
0674219801a5b
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server
ECAcc (frc/4CC3)
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
traceparent
00-00000000000000000000674219801a5b-9d273c82030480ef-01
vary
Accept-Encoding
x-cache
HIT
x-xss-protection
1; mode=block
pptm.js
www.paypal.com/tagmanager/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.elfcosmetics.com&t=xo&v=5.0.434&source=payments_sdk&client_id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&comp=buttons,messages&disableSetCookie=true&vault=true
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C95) /
Resource Hash
4bbde173cb79276962274c39994e982fd3be187559ae1f92e11b2e3ed0072220
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-KCIE9VOzrxj6Z3IjYE2trchSx54x3SyBvXspCDFISOKx2jb+' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-KCIE9VOzrxj6Z3IjYE2trchSx54x3SyBvXspCDFISOKx2jb+' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 07 May 2024 02:30:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
26982
x-cache
HIT
paypal-debug-id
048832a888b13
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
content-length
4796
x-xss-protection
1; mode=block
last-modified
Mon, 06 May 2024 19:01:12 GMT
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (frc/4C95)
traceparent
00-0000000000000000000048832a888b13-43037fa58d8127f7-01
etag
W/"3691-od02VP+RCPjtWiGoX1CYFuL31fs"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
timing-allow-origin
*
collect
sgtm.elfcosmetics.com/g/ 		65 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je4510v9125640115z8896608294za200&gcs=G100&gcd=13u3u3u2u5&npa=1&dma_cps=-&dma=1&cid=159071809.1715049054&ecid=1905217221&ul=de-de&sr=1600x1200&_fplc=0&ir=1&ur=DE-HE&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&_eu=EA&sst.rnd=745318047.1715049053&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13u3u3u2u5&sst.adr=1&sst.ude=0&_s=2&sid=1715049053&sct=1&seg=0&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&dt=Discover%20and%20Shop%20e.l.f%20Cosmetics%20Mobile%20App%20%7C%20e.l.f.%20Cosmetics&en=pageview&ep.vendor_id=pinterest&ep.email=&_et=2&tfd=5289&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.124.49.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:53 GMT
via
1.1 google, 1.1 google
x-content-type-options
nosniff
server
Google Frontend
content-type
text/plain
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-accel-buffering
no
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1279630438&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&dp=%2Fmobile-app&ul=de-de&de=UTF-8&dt=Discover%20and%20Shop%20e.l.f%20Cosmetics%20Mobile%20App%20%7C%20e.l.f.%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ux&ea=scrolled%20page&el=50%25&_u=aEBAAEABAAAAACgAIkC~&cid=1593536372.1715049054&tid=UA-432816-1&_gid=230231149.1715049054&gtm=45He4510n81WL3STMXv896608294za200&cd4=0&cd6=&cd7=&cd8=&cd9=0&cd14=content&cd19=&cd21=US&gcs=G100&gcd=13u3u3u2u5&dma_cps=-&dma=1&npa=1&z=108909772
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 07 May 2024 01:31:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
3563
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1279630438&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&dp=%2Fmobile-app&ul=de-de&de=UTF-8&dt=Discover%20and%20Shop%20e.l.f%20Cosmetics%20Mobile%20App%20%7C%20e.l.f.%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ux&ea=scrolled%20page&el=75%25&_u=aEBAAEABAAAAACgAIkC~&cid=578442863.1715049054&tid=UA-432816-1&_gid=647923352.1715049054&gtm=45He4510n81WL3STMXv896608294za200&cd4=0&cd6=&cd7=&cd8=&cd9=0&cd14=content&cd19=&cd21=US&gcs=G100&gcd=13u3u3u2u5&dma_cps=-&dma=1&npa=1&z=797283458
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 07 May 2024 01:31:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
3563
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1279630438&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&dp=%2Fmobile-app&ul=de-de&de=UTF-8&dt=Discover%20and%20Shop%20e.l.f%20Cosmetics%20Mobile%20App%20%7C%20e.l.f.%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ux&ea=scrolled%20page&el=95%25&_u=aEBAAEABAAAAACgAIkC~&cid=366938287.1715049054&tid=UA-432816-1&_gid=2032147743.1715049054&gtm=45He4510n81WL3STMXv896608294za200&cd4=0&cd6=&cd7=&cd8=&cd9=0&cd14=content&cd19=&cd21=US&gcs=G100&gcd=13u3u3u2u5&dma_cps=-&dma=1&npa=1&z=116684328
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 07 May 2024 01:31:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
3563
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
token
www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/token
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/vendor.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.198.117 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
a3b22231299e16f1f6f9ac89c77f2520a2a0431fb59a115f31ab1ae84ee6fcb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
c_x-pwa-request
true
Referer
https://www.elfcosmetics.com/mobile-app
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:54 GMT
content-encoding
gzip
x-correlation-id
87fdca6afb0be1f3
cf-cache-status
DYNAMIC
via
1.1 ad310b4d7c581c35032fa3fce068e53c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
DFW57-P1
age
0
x-yottaa-optimizations
ob/1000 si/32D1a5fec675-1714713947-8434125003 tts/1710864117856 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
pragma
no-cache
x-ratelimit-1m-remaining
22809, 1911640
x-ratelimit-1m-reset
6036, 6035
vary
Accept-Encoding, User-Agent
x-ratelimit-1m-limit
24000, 2000000
content-type
application/json
cache-control
no-store
x-yottaa-os
200
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/token
x-yottaa-metrics
3221a5fec619/[154,151,-] 32D1a5fec675/[-,156.086]
cf-ray
87fdca6afb0be1f3-ORD
x-amz-cf-id
CbtI9NlssP05UrwOpq6Fcop5tQn9WssVRJeoposBaRA-18Ztdu8lIw==
src=9231397;dc_pre=CLz0hs2_-oUDFbEcogMdXeQPAA;type=retarget;cat=globa0;ord=5364263701857;npa=1;u6=%2Fmobile-app;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7...
ade.googlesyndication.com/ddm/activity/
Redirect Chain
  • https://ade.googlesyndication.com/ddm/activity/src=9231397;type=retarget;cat=globa0;ord=5364263701857;npa=1;u6=%2Fmobile-app;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Chromium%3B124...
  • https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CLz0hs2_-oUDFbEcogMdXeQPAA;type=retarget;cat=globa0;ord=5364263701857;npa=1;u6=%2Fmobile-app;u10=undefined;u12=undefined;u8=false;u...
42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CLz0hs2_-oUDFbEcogMdXeQPAA;type=retarget;cat=globa0;ord=5364263701857;npa=1;u6=%2Fmobile-app;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe4510v9181619921z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app?
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 May 2024 02:30:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 May 2024 02:30:53 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CLz0hs2_-oUDFbEcogMdXeQPAA;type=retarget;cat=globa0;ord=5364263701857;npa=1;u6=%2Fmobile-app;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe4510v9181619921z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pageview
c.contentsquare.net/ 		0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.contentsquare.net/pageview?ex=&dt=96&pvt=n&cvars=%7B%223%22%3A%5B%22Page%20Type%22%2C%22content%22%5D%7D&cvarp=%7B%223%22%3A%5B%22Page%20Type%22%2C%22content%22%5D%7D&la=de-DE&uc=0&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&dr=&dw=1600&dh=3156&ww=1600&wh=1200&sw=1600&sh=1200&uu=ace67256-e3b6-ab1a-a79a-9a31a9c81a3e&sn=1&hd=1715049053&v=14.10.0&pid=1926&pn=1&r=219004
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.140.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-140-92.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 07 May 2024 02:30:53 GMT
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition
inline
timing-allow-origin
*
access-control-allow-headers
Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires
Sun, 24 Oct 1982 23:00:00 GMT
src=10742279;dc_pre=CM_cic2_-oUDFVEMogMdEBoEDQ;type=elf8j0;cat=glo_flap;ord=8618596193482;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CG...
ade.googlesyndication.com/ddm/activity/
Redirect Chain
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flap;ord=8618596193482;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app;uaa=x86;uab=64;uafvl=Chromium%3B124.0...
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CM_cic2_-oUDFVEMogMdEBoEDQ;type=elf8j0;cat=glo_flap;ord=8618596193482;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app;uaa...
42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CM_cic2_-oUDFVEMogMdEBoEDQ;type=elf8j0;cat=glo_flap;ord=8618596193482;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe4510h1v9181663336z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app?
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 May 2024 02:30:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 May 2024 02:30:53 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CM_cic2_-oUDFVEMogMdEBoEDQ;type=elf8j0;cat=glo_flap;ord=8618596193482;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe4510h1v9181663336z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
66ac1354-5c69-49a6-8ce8-6fe8a0a9e336
https://www.elfcosmetics.com/ 		7 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.elfcosmetics.com/66ac1354-5c69-49a6-8ce8-6fe8a0a9e336
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b6bc1aaf438e1b7ca4df626c3ccbba4d73ac05b8ad1a31bb2b556da0bfaa0a7

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
7329
Content-Type
application/javascript
ts
t.paypal.com/ 		42 B
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A7PFGPLHGYKX72-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A7PFGPLHGYKX72-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3a9b41b4-1a0b-4488-939e-bc9b13368cc5&fltp=analytics&mrid=7PFGPLHGYKX72&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Discover%20and%20Shop%20e.l.f%20Cosmetics%20Mobile%20App%20%7C%20e.l.f.%20Cosmetics&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1715049053951&g=-120&completeurl=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Tue, 07 May 2024 02:30:54 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
902b22ca3fa2f
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-etou8220147-FRA
pragma
no-cache
correlation-id
902b22ca3fa2f
traceparent
00-0000000000000000000902b22ca3fa2f-df831cf59190f86b-01
x-timer
S1715049054.010805,VS0,VE170
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 May 2024 02:30:54 GMT
jsp
ut.rd.linksynergy.com/ 		148 B
414 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ut.rd.linksynergy.com/jsp?cn=rmuid&ro=0&cb=___rmuid
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.67.98.34.bc.googleusercontent.com
Software
/
Resource Hash
e52361811c212ebe7b9cc098c574317ec3c557476cf42be4d6fe9b5a65b443ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
text/plain; charset=utf-8
date
Tue, 07 May 2024 02:30:54 GMT
via
1.1 google
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148
x-samesite
secure
dvar
c.contentsquare.net/ 		0
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.contentsquare.net/dvar?v=14.10.0&pid=1926&pn=1&sn=1&uu=ace67256-e3b6-ab1a-a79a-9a31a9c81a3e&dv=H4sIAAAAAAAAA0WMsQrCUAxFfyVkdnHtpq0VwVEKnUraBgnERF6DWor%2F7hOUjvdwzl1wt%2B%2Bqtjuq96RQukVyhQtPgQVWs9FNBmiFdYTD685J2AaecPPrVgbbHDSUhELc8vorZ3%2FCyYLt%2B1i6KvWesvRgqEUj53bF9wcxTAoRiQAAAA%3D%3D&ct=2&r=503219
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.140.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-140-92.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 07 May 2024 02:30:54 GMT
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition
inline
timing-allow-origin
*
access-control-allow-headers
Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires
Sun, 24 Oct 1982 23:00:00 GMT
viewPage
api.cquotient.com/v3/activities/bbxc-elf-us/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.cquotient.com/v3/activities/bbxc-elf-us/viewPage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.198.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-198-165.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-cq-client-id
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization, content-type, x-cq-tenant, x-cq-client-id
access-control-allow-methods
POST
access-control-allow-origin
https://www.elfcosmetics.com
content-length
0
date
Tue, 07 May 2024 02:30:54 GMT
server
envoy
strict-transport-security
max-age=15552000; includeSubdomains
x-envoy-upstream-service-time
1
sessions
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/sessions
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/vendor.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.198.117 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/mobile-app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI4YzhjYTI4OC1mMWE2LTRmMDktYjI2OS0wNWQyZWViZmRmMDEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjVhZjM2OTYxLTRhNjUtNDhlNC04YThiLTQyZWUxMDZkNWY1YiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTUwNDkwMjMsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFibHVkS2tYdzNsSGNSbGVjMGxxWVltZXNZOjpjaGlkOiAiLCJleHAiOjE3MTUwNTA4NTMsImlhdCI6MTcxNTA0OTA1MywianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzMjI3NzE4NTMwODg4OTc0NCJ9.iApmsESVX4v4eU4YfkE1Fc4h6Minu3WW7pg2QWB1EdpHF72BFf0FD5VsNmcEnMH1cunDdhm30cHh16WBkwyySQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:54 GMT
via
1.1 b5141080f2dac9506b5156fa7721b41c.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-cf-pop
DFW57-P1
age
0
x-yottaa-optimizations
ob/0 si/32D1a5fec675-1714713947-8434125004 tts/1710864117856 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
pragma
no-cache
allow
OPTIONS,POST
access-control-allow-origin
https://www.elfcosmetics.com
access-control-expose-headers
etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
x-yottaa-metrics
3221a5fec61a/[143,140,-] 32D1a5fec675/[-,145.864]
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-proxy-request-url
https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/sessions
accept-ranges
bytes
cf-ray
87fdca6cdccf0285-ORD
x-dw-request-base-id
DRBCTV6SOWYBAAB_
x-amz-cf-id
1N-MmmUQ1fgRXkYa15vzG9RmMU8jF12HeD9JYdXQTaBjzPD7WFLKoA==
x-yottaa-os
204
expires
Thu, 01 Dec 1994 16:00:00 GMT
shoppercontext
www.elfcosmetics.com/api/v1/ 		114 B
874 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/api/v1/shoppercontext?siteId=elf-us
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/vendor.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.198.117 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
6b42a56b231d70ea3691b9f46363b9f8ed6ca35f6b50084718669b8beac1e57d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI4YzhjYTI4OC1mMWE2LTRmMDktYjI2OS0wNWQyZWViZmRmMDEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjVhZjM2OTYxLTRhNjUtNDhlNC04YThiLTQyZWUxMDZkNWY1YiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTUwNDkwMjMsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFibHVkS2tYdzNsSGNSbGVjMGxxWVltZXNZOjpjaGlkOiAiLCJleHAiOjE3MTUwNTA4NTMsImlhdCI6MTcxNTA0OTA1MywianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzMjI3NzE4NTMwODg4OTc0NCJ9.iApmsESVX4v4eU4YfkE1Fc4h6Minu3WW7pg2QWB1EdpHF72BFf0FD5VsNmcEnMH1cunDdhm30cHh16WBkwyySQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.elfcosmetics.com/mobile-app
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 7d27498ef63e76e5a81975299a76fae4.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
114
content-encoding
gzip
x-amz-cf-pop
DFW57-P1
age
0
x-amzn-remapped-connection
close
x-amzn-requestid
0bb0451d-31fc-4111-b933-13086d5433f5
x-yottaa-optimizations
ob/1000 si/32D1a5fec675-1714713947-8434125005 tts/1710864117856 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache
Miss from cloudfront
x-amz-apigw-id
XYPOxG75CYcEUgQ=
content-length
108
alt-svc
h3=":443"; ma=86400
etag
W/"72-HgdmTgyCF/DQfqnMU3u+4UstAzI"
x-amzn-trace-id
Root=1-6639925e-6ae23bb1383801fc55c92a06;Parent=04a54c65207b8edf;Sampled=0;lineage=2b75b0e9:0
content-type
application/json; charset=utf-8
x-yottaa-os
200
x-yottaa-metrics
3221a5fec6ed/[697,694,-] 32D1a5fec675/[-,700.042]
x-amzn-remapped-date
Tue, 07 May 2024 02:30:54 GMT
x-amz-cf-id
NUwvSJBobMLHnr75Ws4Ea-wOAxMDytRFBNjsu2jdqnbm4mHtb2CaOw==
sync
sdk.iad-05.braze.com/api/v3/content_cards/ 		85 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/vendor.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:965f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
286a4ffde8227357ce5f5624eb017f7bdc258dd39a3f8e13503c58f2197c1cbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Braze-Api-Key
609afcb2-1dc3-41ef-a771-0a9aaf10bf57
X-Braze-DataRequest
true
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/json
BRAZE-SYNC-RETRY-COUNT
0
Referer
https://www.elfcosmetics.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9;q=0.9
X-Braze-ContentCardsRequest
true
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:54 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
50c51e63-2484-4911-9466-9f4f4892ec32
x-runtime
0.040810
server
cloudflare
etag
W/"286a4ffde8227357ce5f5624eb017f7b"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1715049057
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
87fdca6c29ea1e59-FRA
x-ratelimit-remaining
497.0
geo-ip
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/ 		179 B
899 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=217.114.218.28
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/vendor.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.198.117 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json
c_x-pwa-request
true
Referer
https://www.elfcosmetics.com/mobile-app
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:54 GMT
sfdc_customization
HOOK
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
via
1.1 60b2b330807c6611e06e3923c8e315cc.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW57-P1
x-yottaa-optimizations
ob/1000 si/32D1a5fec675-1714713947-8434125007 tts/1710864117856 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
age
0
alt-svc
h3=":443"; ma=86400
allow
GET,HEAD,OPTIONS
content-type
application/json;charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os
200
x-proxy-request-url
https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=217.114.218.28
x-yottaa-metrics
3221a5fec6ef/[106,103,-] 32D1a5fec675/[-,109.378]
cf-ray
87fdca6da8922be7-ORD
x-dw-request-base-id
DRBITV6SOWYBAAB_
x-amz-cf-id
zoqPxF5KUOa02dYQqYas3wQb5GngtKdd1oyU3o9Nljdks5Mpyz54pA==
geo-ip
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/ 		179 B
891 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=217.114.218.28
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/vendor.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.198.117 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json
c_x-pwa-request
true
Referer
https://www.elfcosmetics.com/mobile-app
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:54 GMT
sfdc_customization
HOOK
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
via
1.1 e665d09233240df4d3172e59222e0ba2.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW57-P1
x-yottaa-optimizations
ob/1000 si/32D1a5fec675-1714713947-8434125009 tts/1710864117856 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
age
0
alt-svc
h3=":443"; ma=86400
allow
GET,HEAD,OPTIONS
content-type
application/json;charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os
200
x-proxy-request-url
https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=217.114.218.28
x-yottaa-metrics
3221a5fec6f1/[117,114,-] 32D1a5fec675/[-,119.938]
cf-ray
87fdca6f494de255-ORD
x-dw-request-base-id
HVqNE16SOWYBAAB_
x-amz-cf-id
om0-ngbKgBrVkzKnYvxCA-Lk_MXDmJuFzgTzOuoobMNGPnN9itE5Iw==
baskets
www.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abludKkXw3lHcRlec0lqYYmesY/ 		11 B
875 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abludKkXw3lHcRlec0lqYYmesY/baskets?siteId=elf-us
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/vendor.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.198.117 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
31f48ed33afe7e437efa2c30cbf97fbd62c2de5c0732504077377846fe64973f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI4YzhjYTI4OC1mMWE2LTRmMDktYjI2OS0wNWQyZWViZmRmMDEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjVhZjM2OTYxLTRhNjUtNDhlNC04YThiLTQyZWUxMDZkNWY1YiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTUwNDkwMjMsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFibHVkS2tYdzNsSGNSbGVjMGxxWVltZXNZOjpjaGlkOiAiLCJleHAiOjE3MTUwNTA4NTMsImlhdCI6MTcxNTA0OTA1MywianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzMjI3NzE4NTMwODg4OTc0NCJ9.iApmsESVX4v4eU4YfkE1Fc4h6Minu3WW7pg2QWB1EdpHF72BFf0FD5VsNmcEnMH1cunDdhm30cHh16WBkwyySQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
c_x-pwa-request
true
Referer
https://www.elfcosmetics.com/mobile-app
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:54 GMT
sfdc_customization
HOOK
dnt
0
cf-cache-status
DYNAMIC
x-correlation-id
87fdca6d4e64874b
x-content-type-options
nosniff
via
1.1 4bbf91f2f9edc22eb68408b6405ae452.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW57-P1
x-yottaa-optimizations
ob/1000 si/32D1a5fec675-1714713947-8434125006 tts/1710864117856 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
content-encoding
gzip
x-cache
Miss from cloudfront
age
0
alt-svc
h3=":443"; ma=86400
content-length
37
allow
GET,HEAD,OPTIONS
x-ratelimit-remaining
999
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
sfdc_load
3
cache-control
max-age=0,no-cache,no-store
x-yottaa-os
200
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abludKkXw3lHcRlec0lqYYmesY/baskets?siteId=elf-us
x-ratelimit-limit
99999
accept-ranges
bytes
cf-ray
87fdca6d4e64874b-ORD
x-amz-cf-id
pSZZ4BDLSSrRQ4Kj4rosKnoFEYK4nN-_8Hs2GcLmbU1qwG_yb8b8wQ==
x-yottaa-metrics
3221a5fec6ee/[185,181,-] 32D1a5fec675/[-,187.862]
viewPage
api.cquotient.com/v3/activities/bbxc-elf-us/ 		98 B
516 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.cquotient.com/v3/activities/bbxc-elf-us/viewPage
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/main.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.198.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-198-165.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash
ff1f780d69505088867f3dc7f483654dd5801f0bd04107ca1f0c2aac143d2cbc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
x-cq-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.elfcosmetics.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:54 GMT
strict-transport-security
max-age=15552000; includeSubdomains
server
envoy
etag
W/"62-F3C4Bja1K9EdJqpoOUDtzCcycDc"
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
content-length
98
muse.js
www.paypalobjects.com/muse/ 		55 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CA9) /
Resource Hash
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
e1c036932c164
dc
ccg11-origin-www-1.paypal.com
content-length
16355
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
server
ECAcc (frc/4CA9)
traceparent
00-0000000000000000000e1c036932c164-c24978595d3967ae-01
etag
"64f25363-daa8+gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Tue, 07 May 2024 03:30:54 GMT
index.html
www.paypalobjects.com/muse/analytics/ Frame 388D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBF) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
16754
content-type
text/html
date
Tue, 07 May 2024 02:30:54 GMT
dc
ccg11-origin-www-1.paypal.com
etag
"64f25363-dacc+gzip"
expires
Tue, 07 May 2024 03:30:54 GMT
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id
993dc950f6c83
server
ECAcc (frc/4CBF)
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-0000000000000000000993dc950f6c83-92bfe9044c0d5723-01
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
ts
t.paypal.com/ 		42 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A7PFGPLHGYKX72-1&page=muse%3Aoffer%3A%3A%3A7PFGPLHGYKX72-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3a9b41b4-1a0b-4488-939e-bc9b13368cc5&es=visitorInfoFlowStarted&mrid=7PFGPLHGYKX72&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Discover%20and%20Shop%20e.l.f%20Cosmetics%20Mobile%20App%20%7C%20e.l.f.%20Cosmetics&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1715049054339&g=-120&completeurl=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Tue, 07 May 2024 02:30:54 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
f8c4d8dca6038
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-etou8220147-FRA
pragma
no-cache
correlation-id
f8c4d8dca6038
traceparent
00-0000000000000000000f8c4d8dca6038-811d0c5ccf6c0987-01
x-timer
S1715049054.349080,VS0,VE146
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 May 2024 02:30:54 GMT
exist
srm.ba.contentsquare.net/ 		2 B
94 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://srm.ba.contentsquare.net/exist?v=14.10.0&pid=1926&pn=1&sn=1&uu=ace67256-e3b6-ab1a-a79a-9a31a9c81a3e
Requested by
Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/1a8bfa042c9c5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.171.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-171-109.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 07 May 2024 02:30:54 GMT
content-length
2
content-type
application/json
collector
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 		32 B
49 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
7586f9164e6bc95d916e3828d687c85f77cf253b34a5908fffa5f6f17dfd0d72

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 07 May 2024 02:30:54 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.com
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
us.svg
www.elfcosmetics.com/mobify/bundle/11187/static/img/flag-icons/ 		9 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.com/mobify/bundle/11187/static/img/flag-icons/us.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.198.117 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/mobile-app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:54 GMT
via
1.1 a78d8f4a6ccd81221651cd6112d5330a.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
DFW57-P1
age
450954
x-yottaa-optimizations
ob/1011 si/32D1a5fec675-1714588092-6054185796 tts/1710864117856 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache
Hit from cloudfront
x-amz-meta-deploy
742629
alt-svc
h3=":443"; ma=86400
content-length
676
x-amz-meta-bundle
11187
x-yottaa-forcecache
true
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31104000
x-yottaa-metrics
3221a5fec620/[3,-,1714597562877] 32D1a5fec675/[hit]
x-amz-cf-id
Tgs5iS6j2AVqOUpP-QVrXtqrk8QPD16h0wjuVT3LPveuWjsKJliyWQ==
baskets
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/baskets
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/vendor.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.198.117 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
2b7acbfba2a42f367e4c89b2c36c515662b3091b225ac7fc8a7dc1a03cc2d465
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI4YzhjYTI4OC1mMWE2LTRmMDktYjI2OS0wNWQyZWViZmRmMDEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjVhZjM2OTYxLTRhNjUtNDhlNC04YThiLTQyZWUxMDZkNWY1YiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTUwNDkwMjMsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFibHVkS2tYdzNsSGNSbGVjMGxxWVltZXNZOjpjaGlkOiAiLCJleHAiOjE3MTUwNTA4NTMsImlhdCI6MTcxNTA0OTA1MywianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzMjI3NzE4NTMwODg4OTc0NCJ9.iApmsESVX4v4eU4YfkE1Fc4h6Minu3WW7pg2QWB1EdpHF72BFf0FD5VsNmcEnMH1cunDdhm30cHh16WBkwyySQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json
c_x-pwa-request
true
Referer
https://www.elfcosmetics.com/mobile-app
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:54 GMT
sfdc_customization
HOOK
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 e9bcf307d6ed54e3e501e39bc538dcfc.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW57-P1
age
0
x-yottaa-optimizations
ob/1000 si/32D1a5fec675-1714713947-8434125011 tts/1710864117856 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
content-encoding
gzip
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1102
pragma
no-cache
etag
0004909bd68e2d97cf3a3a6e38eff6f4c4a056fb1d352d690f31b9738bedf0b1
allow
OPTIONS,POST
content-type
application/json;charset=UTF-8
x-dw-resource-state
0004909bd68e2d97cf3a3a6e38eff6f4c4a056fb1d352d690f31b9738bedf0b1
access-control-allow-origin
https://www.elfcosmetics.com
access-control-expose-headers
etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
x-yottaa-metrics
3221a5fec6f2/[191,187,-] 32D1a5fec675/[-,194.812]
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-proxy-request-url
https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/baskets
accept-ranges
bytes
cf-ray
87fdca6fdb84e124-ORD
x-dw-request-base-id
qbAn4V6SOWYBAAB_
x-amz-cf-id
oxoKKFl1_DnVuy4PZzX8lyEWEkT3_-FED2pQlJQvLZoIF4eZ3i6fqA==
x-yottaa-os
200
expires
Thu, 01 Dec 1994 16:00:00 GMT
PWA-UpdateSession
www.elfcosmetics.com/mobify/proxy/controllers/on/demandware.store/Sites-elf-us-Site/en_US/ 		56 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/mobify/proxy/controllers/on/demandware.store/Sites-elf-us-Site/en_US/PWA-UpdateSession
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/vendor.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.198.117 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
f66f5edd05293c4351edcec020a867935f7495ef0d0ff7ceb3e6402748585ca6

Request headers

c_x-pwa-request
true
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/mobile-app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:55 GMT
content-encoding
gzip
via
1.1 c31337642f54c5bd34bb485701d02e8a.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-cf-pop
DFW57-P1
age
0
x-yottaa-optimizations
ob/1000 si/32D1a5fec675-1714713947-8434125014 tts/1710864117856 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
pragma
no-cache
content-type
application/json
cache-control
no-cache, no-store, must-revalidate
x-yottaa-os
200
x-proxy-request-url
https://cc-elf-us-prd.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/PWA-UpdateSession
x-yottaa-metrics
3221a5fec6f4/[237,236,-] 32D1a5fec675/[-,239.415]
cf-ray
87fdca71ede249f5-ORD
x-dw-request-base-id
HVqYE1-SOWYBAAB_
x-amz-cf-id
2boieGDWWPY4UB8GnJUyDqpK7maCxtHODqqKFJeW9F0_qVvUCsZsEQ==
expires
Thu, 01 Dec 1994 16:00:00 GMT
NEW-beauty-squad-beauty-squad-loyalty-logo-staggered-paddedsquare
elfcosmetics.a.bigcontent.io/v1/static/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/NEW-beauty-squad-beauty-squad-loyalty-logo-staggered-paddedsquare?%24Desktop%24=&fmt=auto
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d116 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
210706c053295db0bfba03a98c0609a1f940c3f6b6c626f2f1084e089e959dc9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
date
Tue, 07 May 2024 02:30:55 GMT
server
Unknown
x-amz-server-side-encryption
AES256
x-amp-srv
A
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
5378
icon-noun-gift-1165617
elfcosmetics.a.bigcontent.io/v1/static/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-gift-1165617?%24Desktop%24=&fmt=auto
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d116 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
4aa855b8d34657ab4df5ca73fe7d7f67735ee1e39e8de83856ddc473d4713fbb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Tue, 07 May 2024 02:30:55 GMT
server
Unknown
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=86400
x-amp-srv
A
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
996
icon-noun-hearts-257768v2
elfcosmetics.a.bigcontent.io/v1/static/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-hearts-257768v2?%24Desktop%24=&fmt=auto
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d116 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
1ddc89ba3c2a29bf8b6a376737d491efdb8f9bcebc7c635639cda62390f45a06

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Tue, 07 May 2024 02:30:55 GMT
server
Unknown
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=86400
x-amp-srv
A
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
1031
us.svg
www.elfcosmetics.com/mobify/bundle/11187/static/img/flag-icons/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.com/mobify/bundle/11187/static/img/flag-icons/us.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.198.117 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/mobile-app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:54 GMT
via
1.1 a78d8f4a6ccd81221651cd6112d5330a.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
DFW57-P1
age
450954
x-yottaa-optimizations
ob/1011 si/32D1a5fec675-1714588092-6054185796 tts/1710864117856 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache
Hit from cloudfront
x-amz-meta-deploy
742629
alt-svc
h3=":443"; ma=86400
content-length
676
x-amz-meta-bundle
11187
x-yottaa-forcecache
true
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31104000
x-yottaa-metrics
3221a5fec620/[3,-,1714597562877] 32D1a5fec675/[hit]
x-amz-cf-id
Tgs5iS6j2AVqOUpP-QVrXtqrk8QPD16h0wjuVT3LPveuWjsKJliyWQ==
458359.gif
idsync.rlcdn.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458359.gif?partner_uid=6b3de940-df41-4e7b-a8a1-3d67285f6e4a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:55 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
script-tag.js
cdn-scripts.signifyd.com/api/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-scripts.signifyd.com/api/script-tag.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-43.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d7a363f752524fb545c3b2eb48a56d163cb659bc427d5215800ee7781d92c2ca

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:21:43 GMT
content-encoding
gzip
via
1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
last-modified
Tue, 23 Apr 2024 14:51:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
553
x-amz-server-side-encryption
AES256
etag
W/"73ca6f23f3e08738233832c7a7a0c30c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1800
x-amz-cf-id
fAQ-hq9hZGjx_NnIm4pJbU8_qdWdII39U5pEq2B0YWX90-wZErGOUw==
company_toolkit.js
cdn-scripts.signifyd.com/api/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-scripts.signifyd.com/api/company_toolkit.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-43.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6082597f3871c77c9b31aa1383577f8c0e54cb5ff09275dc817bc70d96e6217d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:29:37 GMT
content-encoding
gzip
via
1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
last-modified
Tue, 30 May 2023 10:18:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
79
x-amz-server-side-encryption
AES256
etag
W/"2c3950f122b3977df61b0e077aaa92c8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1800
x-amz-cf-id
U8aSIyunoF2XBeb8wnv7CBrpvW9ki6xVC7GzQ1sXnkO5yYqmvzJXwg==
zu07v5v5gu58rdet.js
imgs.signifyd.com/ 		96 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/zu07v5v5gu58rdet.js?s4sma7esmn9b8q7e=w2txo5aa&vwiy93yalm7vbyul=LzViYTRhOTAyNmJmZDVlMTk4NzI1NzBiMzEy
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
3a6ad261e05fd31071068560841a4a15cf2cf0a089dd1e5133b8d020a7fea025
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 07 May 2024 02:30:55 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
CP=IVAa PSAa
Connection
Keep-Alive, Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=2, max=100
Expires
Thu, 01 Jan 1970 00:00:00 GMT
lF-5QochqeowcLOi
imgs.signifyd.com/ Frame 8B74 		278 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/lF-5QochqeowcLOi?1cd780b14aa79fdf=fWIc91RnrK6CXwQFP1W18Fra4ZpskNqiR7QoBxz1wmSer3nHAaZwKCIn9eKlE9hX3QqP3ifMc_IpLyX1jUnhROmAJutYxX2rJ7jBqKg8WqDuLwJBqorINI_Xfyg3y0hMA5V3uFgzCriWHSPuEURKftg_tqKivDxq89ypv7y537DrYQG9OmNNgBg72FJrDetTY7Ep7LnOtZYKo5Op&jb=3d33242e62736d7d375769666e677d7b2c6a71673557636e6e657f732f383239392c6a7b6a7f3f4b60726d656f266a7b68354960786f6f6d2d323a31383e
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/zu07v5v5gu58rdet.js?s4sma7esmn9b8q7e=w2txo5aa&vwiy93yalm7vbyul=LzViYTRhOTAyNmJmZDVlMTk4NzI1NzBiMzEy
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
b30a99d147a1c1cdcc6ff2fdaf9819989da0e6f05406de48ccc69af2c01a8ecb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 07 May 2024 02:30:55 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
tmx-nonce
6e20706105357d06
Connection
Keep-Alive, Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=2, max=99
Expires
Thu, 01 Jan 1970 00:00:00 GMT
7fKiErla2e18Fj3H
imgs.signifyd.com/ Frame 8B74 		81 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.signifyd.com/7fKiErla2e18Fj3H?268cf665c0201929=HnID9thiSVqMEyIq2UtK-9HlosBzS4boCULYDk5pW_-T9q2926EBe8ccD8TxHSZ1ELHdAxarSnaiLS85K-reBpVkEvuEsy8VFnLtHLGjUdLA4FKEJmZUZmONDN-0Uuaftqyg_FKrXPpAAoC_V6MMitTugWJ6CmW-IV9KrgI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Tue, 07 May 2024 02:30:56 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
3iP-JzIOtmvKZkdi
imgs.signifyd.com/ Frame 8B74 		81 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.signifyd.com/3iP-JzIOtmvKZkdi?afae98f29361dbcd=JnZxg-F-_VJh1cGV4laoK2DaJcIr04vrgLjQaCNsvJzSH-d9kIgsPvYrwA0h8mlwDHo6Fknz7lplky2QtYXY6Oj2OW7Tcmc8hMyiPicF0K3JyiDg3YgSES_mNYzvpbhSFXOHEoHJ-61Nhk9T3UaItURJggm8laKXfDo9aoo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Tue, 07 May 2024 02:30:56 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=98
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
imgs.signifyd.com/fp/ Frame 8B74 		81 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/fp/clear.png
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/lF-5QochqeowcLOi?1cd780b14aa79fdf=fWIc91RnrK6CXwQFP1W18Fra4ZpskNqiR7QoBxz1wmSer3nHAaZwKCIn9eKlE9hX3QqP3ifMc_IpLyX1jUnhROmAJutYxX2rJ7jBqKg8WqDuLwJBqorINI_Xfyg3y0hMA5V3uFgzCriWHSPuEURKftg_tqKivDxq89ypv7y537DrYQG9OmNNgBg72FJrDetTY7Ep7LnOtZYKo5Op&jb=3d33242e62736d7d375769666e677d7b2c6a71673557636e6e657f732f383239392c6a7b6a7f3f4b60726d656f266a7b68354960786f6f6d2d323a31383e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
*/*, w2txo5aa/6e20706105357d06lzviytrhotaynmjmzdvlmtk4nzi1nzbimzey
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 07 May 2024 02:30:56 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Tue, 07 May 2024 02:30:56 GMT
Server
Apache
Etag
63475e197aa047f08709ae2a82f131d6
Content-Type
image/png
Access-Control-Allow-Origin
https://www.elfcosmetics.com
Cache-Control
private, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
Expires
Sun, 06 May 2029 02:30:56 GMT
2odWAXUSkG2wU1zx
imgs.signifyd.com/ Frame 7C4E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/2odWAXUSkG2wU1zx?636ee6a33a6b6b01=Tj7W_qJtDUSQM49Kxt-fyrgwBwwh-3hj_T20rELjryN2Kv2Lngv3Gl4mZ_KcFi-MH8VmE1SHc_QJHwaQg945-mGawyQb8FqGnLb1GrGd56_czC9wP6EooVFoIsamudHcX3SX-MDoJs6BURS83tx7k6EAfmlPJ60xo9OHfacoKD1TEFJc-xjLCD2WnjItzXBlVut3rqFeJPv_UwVdDjg
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/lF-5QochqeowcLOi?1cd780b14aa79fdf=fWIc91RnrK6CXwQFP1W18Fra4ZpskNqiR7QoBxz1wmSer3nHAaZwKCIn9eKlE9hX3QqP3ifMc_IpLyX1jUnhROmAJutYxX2rJ7jBqKg8WqDuLwJBqorINI_Xfyg3y0hMA5V3uFgzCriWHSPuEURKftg_tqKivDxq89ypv7y537DrYQG9OmNNgBg72FJrDetTY7Ep7LnOtZYKo5Op&jb=3d33242e62736d7d375769666e677d7b2c6a71673557636e6e657f732f383239392c6a7b6a7f3f4b60726d656f266a7b68354960786f6f6d2d323a31383e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Tue, 07 May 2024 02:30:56 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
_zEJacdwhvdVwzn6
imgs.signifyd.com/ Frame 8B74 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/_zEJacdwhvdVwzn6?e825cf27cd51760f=Au2JQ5TmdWrFrFOMa0E1tuEFVFlO3FQIlZH5_FWwojYEx0CXmxV87P4gLxQ25RqKFvRuNJ3hI4EpTCtAZO8UaEibhgwBz_qeSVn15Yti5EYadAhArrc4eIi8Bga5rt7IyaYuLz-FnzOXQnS1_05IsCziLyA&jb=3b3c24647b613f6a3c63303b3e6d323c3266343c31346838396e6e626f6b643b6a68383d6e6933
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/lF-5QochqeowcLOi?1cd780b14aa79fdf=fWIc91RnrK6CXwQFP1W18Fra4ZpskNqiR7QoBxz1wmSer3nHAaZwKCIn9eKlE9hX3QqP3ifMc_IpLyX1jUnhROmAJutYxX2rJ7jBqKg8WqDuLwJBqorINI_Xfyg3y0hMA5V3uFgzCriWHSPuEURKftg_tqKivDxq89ypv7y537DrYQG9OmNNgBg72FJrDetTY7Ep7LnOtZYKo5Op&jb=3d33242e62736d7d375769666e677d7b2c6a71673557636e6e657f732f383239392c6a7b6a7f3f4b60726d656f266a7b68354960786f6f6d2d323a31383e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Tue, 07 May 2024 02:30:56 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
aSWYCQP5J3lKjBD5
h.online-metrix.net/ Frame 99CB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/aSWYCQP5J3lKjBD5?e322ed71bca1f72a=IQbiIUl6sXxixrBh7bjNvQLeZvWSs_Mr3D4TV-EkXfdfK17nq9jx4lZotkaXFR5CDlf7qtjiijs0QYIyv3P2A1JpyCa_x1X76uXMhdY81a8l60ZLwJiwwD-AArA024S2SWy7IvLypB6O-GEsMDL8wsopcXKPcF3Rq87If2TeL43NhCB4RW19pHMg4X3RoQksmaqhXeQ1cJaddjoK9mni
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/lF-5QochqeowcLOi?1cd780b14aa79fdf=fWIc91RnrK6CXwQFP1W18Fra4ZpskNqiR7QoBxz1wmSer3nHAaZwKCIn9eKlE9hX3QqP3ifMc_IpLyX1jUnhROmAJutYxX2rJ7jBqKg8WqDuLwJBqorINI_Xfyg3y0hMA5V3uFgzCriWHSPuEURKftg_tqKivDxq89ypv7y537DrYQG9OmNNgBg72FJrDetTY7Ep7LnOtZYKo5Op&jb=3d33242e62736d7d375769666e677d7b2c6a71673557636e6e657f732f383239392c6a7b6a7f3f4b60726d656f266a7b68354960786f6f6d2d323a31383e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.130 , United States, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Tue, 07 May 2024 02:30:56 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
__cqsSK12_WLKFuJ
imgs.signifyd.com/ Frame 644A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/__cqsSK12_WLKFuJ?7f957f8d6a430d69=w1t5VBYesTlRKIv02XdIxgyW0VZ-m8vnZPXmNOxTnqgzKq6bcmauIHeZpSmKRnm3RcD4yffoZGDvEKstkx4H7FI8Zo4W8WPnSrad4m3q8xvQxPAgjtnRq3KaquXTqr6tfWTgR1MrM-yZS6RyZtxXQZoIAcUDFgsEyss8Ar1Pitpiadyv_g03BuA7K2mONUmGUttmoNsErH8C6Q9WdcHl
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/lF-5QochqeowcLOi?1cd780b14aa79fdf=fWIc91RnrK6CXwQFP1W18Fra4ZpskNqiR7QoBxz1wmSer3nHAaZwKCIn9eKlE9hX3QqP3ifMc_IpLyX1jUnhROmAJutYxX2rJ7jBqKg8WqDuLwJBqorINI_Xfyg3y0hMA5V3uFgzCriWHSPuEURKftg_tqKivDxq89ypv7y537DrYQG9OmNNgBg72FJrDetTY7Ep7LnOtZYKo5Op&jb=3d33242e62736d7d375769666e677d7b2c6a71673557636e6e657f732f383239392c6a7b6a7f3f4b60726d656f266a7b68354960786f6f6d2d323a31383e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Tue, 07 May 2024 02:30:56 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
_zEJacdwhvdVwzn6
imgs.signifyd.com/ Frame 8B74 		0
218 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/_zEJacdwhvdVwzn6?e825cf27cd51760f=Au2JQ5TmdWrFrFOMa0E1tuEFVFlO3FQIlZH5_FWwojYEx0CXmxV87P4gLxQ25RqKFvRuNJ3hI4EpTCtAZO8UaEibhgwBz_qeSVn15Yti5EYadAhArrc4eIi8Bga5rt7IyaYuLz-FnzOXQnS1_05IsCziLyA&ja=39333b392e2661353c302672373e3a2e6c3d333e38307231383a38266b6c3f393e3a3070393832382e737a7137363238723e38382c64727a353126313c3a382c3b383238243b36383826333a38302e393c3030243b3a3a3826313438382c3b323a3a2436383a2e3e3a3a26657c37303f6e35336c393134316f3e686e38303b6a3e36686439323f623a6b643b6b3e26656637302e7b636635383426646235627c7e70712d3b412f324c2f3a467d7d75266d66666b67796f6d7c69617b24636f652f3a4c6565626b646d2d6b707a2c786c373f2478603765303838666e6935373d3b39336e3e6d686d32393b3b6d623e6133333a393a6e24606037616a3f6f3a383a33633c3835383b336b3f393233326d6c39386333323b63393224627b653d5f616466677f73273a3a31312e607b68354968706765652f323a3b3a342c6071677d375761666e6d7f7b26687b68753d4b627a65656f266c606b3d3b342c646c6d37322466657e7035382c76726c3d477d786f706d2f3a4c4a6f726e61662667617e627a3d3e3a323b6c3b633a6a6f61383a65346b693536383a3038696e31373d3c303b666e3e3d38323b36396c3c65696938366c6b3936696c62643f383b3b3b3b3934692e64783d627e7c70792f31492d38462d3a4c757f7f2e67646c636f7b676d7e6169732c6b676d2f324c67676263666725697a702e783772647d676b6655666c6979602f3d4f6663647b652b70667f6f6964557561666e6f7f7b556f6d6c6963577a6c61716f7a2f3d4f6663647b652b70667f6f696455636c67686557696970676a61762d3f456669667b6f297a6c776f616e55717f636b6b7e636f6d2d3f456e6966716d29706e7d6d696e577960656b6177637e6d253f456c6b64736f2b72647d6d69665778676964706e697365722d3f4d6c6966736729786c7f676364577666695d78646b796d7a2f374d6e616e7b6f2170647f6f63665564677e696c7c722f3f4d666b66716d297a6c7d6f636c577b7665577c69657f6f7a2f3d4f6663647b652b70667f6f69645568697e6b253d4d6c63647b65246f665f63357d6d686f6657676a4f4c2f323a3b26302f383220477a65664f46273a3845512d383032263a2d38384968706765697f6d235d6d624d46273a384d4c5b442f30384d53273a3a312e382f3a3a20457067664f4c2f323a4f5b25383a45445b46253a384f512d3a3033263a253238496078676769776521576f6241637c576f6849617c2f32385f6f604f44414c4f46455f61647b7e696463676c576178726b737b253948273a384f585c57686e6d66645d65636e6d69722d394a2f32324d505455636663785f69656c7c7a656c2d3b48273a38455a5c55636f64657a556a7f66646d7a5f6261666c57666665637c2d39422d3a3a47505c5f666d7a74685769646b657a25314a2d323a45525e57666665637c57686c6d666e273b4a2530384f5854576c7a6b6f556467787c682f33482f3a304f52565778656c716f656c576766647b6f745f6b666967782f33402d3a304f585e557b686b6e677a577e65707c7f706d576c6d6c2f33422d38384f505e5f766d70747f726f556b6f677a706d7b796967665560787c63273b482532384f505e577e657a7c7d726f5f69656570786f717b61656e577a6d766b2d33402d383045505e577e6d7274777a6d5f6c69667e6d72556b6c617b65747a677a6b6b2d33402d383045505e577e6d7274777a6d5f67697878677255696e69657a5f7c6755676c6f65273b482532384f505e577952454a2d334825383a4745595567646d6765667c556b666c657a577f696e7c2f3b482d38304d4d5b5f6c6265557a65646e677a57676978656b722d3b42273a3a4f455b557b7e696464637a6c5f6e6578637e617e63746d7b2f334a2d3832474d535d7c6f78747d786d556e666f637c2d334825383a47455955766d707e757a6d5564646761765766696e6d6b7a2f3b482530384745595f7e6f70747f786757606b6c6e576c6e676974273b48253238454d59577e657a7c7d726f5f626b6466556c6e67697e5f64616467697a25314a2f3230474f5b557e6f72766d705f6b72786b715f6568686d6b7e253b4a2f30385f45404f465f6367666778576875646e6d725566666569742f39402d3a3a574d4a4d4e576b6f6f787865737b6f6c557c6f78767d7a655561797e6b253948273a385d454a4f465d6b676d727a6f73736d6e577e6d7274777a6d5f6f74692f3b422f38325f4d48474457696d657872677b796564577e6d727c7f7267576d7469312f394a25383a554d4a4d4c576b656f787a65717b6f645f7c6f707e7d78655d7b3b74692539482d323a5d474a4f465f6b6767727a6d73716d6e5f746d727c7f7a6f5f713b7c635573786d6a253948273a385d454a4f465d6c6d62776f557265666e6d786d785f6b666e6f2f33482f3a305d4f404f4455646d6a7f65577b68636c6f72732d394a2f3a3a57474a4f4c55646f7a7c68557e67707c7f726d2d39402d3a30554d48474c576e7a6b7f5562776e6e6578732f394a25383a554d4a4d4c576465716d57636d667e65787c2f3b482d3830554d4a47465f677f64746355667a697d253b4a2f30385f45404f465f706766716d67645f6f676c653b362c6d645f62373a3e6e3963303c6b3a3f396236306f6164303e3e33696e34633f6a3569363a326a386b6e373d393c267f6f667435416e766d66253238436669262c7765647a3d436e7e6f6425383a4b7a6179253a3845726d66474e2d383045666d61646d&jb=393f322e64713f45657a696466692f3a4c352c382d323a285d636664657d712d3a3a4e5c2d383239382e322d3942253a3a5f63663c34273b4a253830723c3c292f383249787a6c6d5f6f60436174273a4c35333f243b3c2d38302a434054474c2f384b25383a6e61636f253a384d676b636f2b2d383043607867676d2f3244393a342430243a26302f38325b696c617a612f304e3d3335263936
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/lF-5QochqeowcLOi?1cd780b14aa79fdf=fWIc91RnrK6CXwQFP1W18Fra4ZpskNqiR7QoBxz1wmSer3nHAaZwKCIn9eKlE9hX3QqP3ifMc_IpLyX1jUnhROmAJutYxX2rJ7jBqKg8WqDuLwJBqorINI_Xfyg3y0hMA5V3uFgzCriWHSPuEURKftg_tqKivDxq89ypv7y537DrYQG9OmNNgBg72FJrDetTY7Ep7LnOtZYKo5Op&jb=3d33242e62736d7d375769666e677d7b2c6a71673557636e6e657f732f383239392c6a7b6a7f3f4b60726d656f266a7b68354960786f6f6d2d323a31383e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 07 May 2024 02:30:56 GMT
Strict-Transport-Security
max-age=31536000
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=97
Content-Type
text/javascript;charset=UTF-8
4i6Euo8g9wElVLPl
w2txo5aaohcqb5m6jhqudwug5pwyg6zfa6tnlmxg6e20706105357d06am1.e.aa.online-metrix.net/ Frame 8B74 		81 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w2txo5aaohcqb5m6jhqudwug5pwyg6zfa6tnlmxg6e20706105357d06am1.e.aa.online-metrix.net/4i6Euo8g9wElVLPl?4c7ee2ee444e3585=Tn1iHgnGUfiO62ulZpBwtN6BXfVGqncPWWpRBuPgqt5IKhk8SeNpzbDqW2ZMLk3K1A3_7SL_tZdCe6KSsDf2WRDb6Hi6VxtmDSR7R--s9vrpXwzDeyP25E8mJ7KgVkVHxU236ehj1G4g7D8sAsb6l0E6rbP0z7xRs4d6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.134.131 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Tue, 07 May 2024 02:30:56 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
gsYb_vKZo0wiTvgg
imgs.signifyd.com/ Frame 8B74 		0
218 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/gsYb_vKZo0wiTvgg?ac6eab903fca9888=b4Bj9yknByEg66OP4rblr8sM054DPZuSev69RFvX6eSoaHb2O5hPV4dXqxO4cDGsOS6y845DndQilFbGJovNmToRTQtLOdmLoXFxsWiIe-goPBCdZWHpgytQssDFt4EKx-yoCISHNFVWz39-Ii3zgvrGoPk-HhSbq7CHuxLjlJkoT3TxD4VUGvXNZ3ZJ8HLHBxUwb3rNBXS47l2KzIw&jac=1&je=303e242e656566603728332d384b3b2d3843312d3a4339353d3e3d353c68613f3c386339303b603c30313b6b3b32336c3c3b3e6c693936383931386538686b383f6f666d3e3c6138693f3b3f3a653b6a3235323d333823
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/lF-5QochqeowcLOi?1cd780b14aa79fdf=fWIc91RnrK6CXwQFP1W18Fra4ZpskNqiR7QoBxz1wmSer3nHAaZwKCIn9eKlE9hX3QqP3ifMc_IpLyX1jUnhROmAJutYxX2rJ7jBqKg8WqDuLwJBqorINI_Xfyg3y0hMA5V3uFgzCriWHSPuEURKftg_tqKivDxq89ypv7y537DrYQG9OmNNgBg72FJrDetTY7Ep7LnOtZYKo5Op&jb=3d33242e62736d7d375769666e677d7b2c6a71673557636e6e657f732f383239392c6a7b6a7f3f4b60726d656f266a7b68354960786f6f6d2d323a31383e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 07 May 2024 02:30:56 GMT
Strict-Transport-Security
max-age=31536000
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=96
Content-Type
text/javascript;charset=UTF-8
vTu9r_M_mcWWtgWR
imgs.signifyd.com/ Frame 8B74 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.signifyd.com/vTu9r_M_mcWWtgWR?a330b98dbfe15c50=ZHTDsQiXHxf5B27qSOEQlw5gwkiD98XhXjlzvUc2ReSGL5qflXTndDI1Sx3RNadJBI-BepyZ8d-7r5O6q5bUmXhu3JlVIalivY5y7nQNug-D_yyqep-qy9mdbomPWyCPOQxzlmQ8Uv0SijVy-TDc8cx_bvgjCDBGcCrJ-9ilx-LUcw2tt3KZxLlNQ5WW4B0DwPziREN7_BkneMfQakI&jf=3c3b362e7b696657786e64357e6c78574e75575f5161445162406f617e7b7a3c2e79696c576e637c6d3d333f3b35303c33383f3e2c736b6c577473706f377f656830676b6c79612e7b63665763657b353930353139383b3b3a36323f3a6132363e326b65396e323a383b303e38323069303636306965336c3a3b3a393a37323b3c323a303a3e6c386f6b61313f68393f316c66396e37676d6938396c323c68306964366d6b386963333e6d623369643e3e3e31306b33336b3965346e3f30343d686c6b3b3d34313f6d316b336e3b3e383b3b613e693b643a383260306e353b3f3f30653a6f6e386d6862313869656b626b3a6e63683a353e6b3e61386b393a316d663a313861267b636c557b63673f3b38343e30383838306b6b3a3e6b6b353e3a6832303b38616a3f30323a6b393d6d3c6366386a323361693f6d32393a343f3068333d3f6c673c3f62306e6b33356d326a393b3a3233383a323a356c6b3d37326c35303e3e61396a3b603c3d6461396b34303f38393b393e3766386b6633366e6e38376c3263316933326d6a32673c393234396f62333d336b6b2e7969647a3530
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Tue, 07 May 2024 02:30:56 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=98
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
_zEJacdwhvdVwzn6
imgs.signifyd.com/ Frame 8B74 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/_zEJacdwhvdVwzn6?e825cf27cd51760f=Au2JQ5TmdWrFrFOMa0E1tuEFVFlO3FQIlZH5_FWwojYEx0CXmxV87P4gLxQ25RqKFvRuNJ3hI4EpTCtAZO8UaEibhgwBz_qeSVn15Yti5EYadAhArrc4eIi8Bga5rt7IyaYuLz-FnzOXQnS1_05IsCziLyA&jac=1&je=3938363c2e267561633d313f38263b3f24302c39302c3b30243a26313d3d2c3b3d2c776d613730393f2e33393e2e3239322638302c776b3e35666e626c303964393d386a6a6f303238303339323138383032332e7a653766652660697c737e3d2f3d4a2538386e6d7e6f6c2d3a38273b49312c383a25324b2f3a387b7e61767d7b2538322f3949253838616069786761666d273a3a25354c2c61756c623569693d623b6d3e653c383b696b61693c643a693d633931383b3b3e33363e6835633b3b3f333e683466306c643e383c3a3833326c673c6e3a336e6b6e3a3c3d39246d72333d6b3b3b693c6f3037316d383b643a3d3f66396c666a386e38303f6b3b303c3463306865633b693b682e7f616a352d3748253838697269626b7c6d69747d7a6f273a3a2531492f323270323e2f3a3825304b2d323862637e66657979273a3a2f33492d38303e3c25303a2f32432d383a687a6b6e667b2d323825394b2d35482f354a2d38326a7a6b6c6c2d32302d3941253a384f65676d6c672d3a304968786565652f38302d3a49253a3a7c677a7b696d662f32322d39492f3a3831303c2d3238253d4e2d32492f354a2d38326a7a6b6c6c2d32302d3941253a3846657c2f33434925427861646e2d32382f304b2d38327e6d787161676e273a382533492f3a38302f32302d3f442f32492f3f422f38306a7a6b6e6c2d38302d3b41273a3843687a6565637d6725303a2d32492538387e6578796b67662f323a2d39432d3a32333a3e25323a2f3f4e2d3f44273a4b2538326c7f646c5c6f707b61656e446179762d3a32273b4b25354a2f3f482d3832607a696e6e2538382d334b2f303a4b627267656377652d32302d3843253a387e6f7a79696d662d323825394b2d32383b303c263a2e3e3b3c352639313a2d3832253f4e2d384b2f37402d3a3268726b646c253838273b492f323a4f656d6f6465273a3a43687a65656f2d3832273a4b2538327c6f7a7363656c2d3a38253b492f303a393236263a2e363b3c3f24393b38273a3a253d442f384b253d48273a3a687269666e273a3a2531492f323246657c27492442706966642f32382f3a432f38307e6d7873616764273a3a2531492f32323133263a263a2e322d3a322f374e2f3d442f38412d3a386d676a636e6d2d32302d39416669667b6f2d3843273a3a6d65646f662d32382f31492d38322d3a38273a4b25303a7a6c617c6c6778652f32302d3b412f32385d616e3938273a3a2f324b2d3830786461766e65726d5e6f7a7961656e273a3a2539412f383a313a243226382f323a2d38412d3a3275677d36342d383a2f3b4b6663647b652f374e2c7d616637273f4a2f323a6a7863666c73273a382533492f3d482d3d42273a3a627861646e2d32382f31492d38324f676565646d25303849687267676d2f3a3825304b2d3238766f787b696564273a3a2f33492d3830393a34273a3825374c2f3a492d3d42273a3a627861646e2d32382f31492d383246677e273b49412f4a78616e6c2f3a382d3843273a3a766f727963676e2f38302d3b4b253a3a32273a3a25354c2f32432d3d4a2f3a3862706966642f32382f3b412f38304b60786f65617f6f2d3a32273a4925323a7c6d787b636f6c2d3a322f334b2f3a323b38362d3a38253f4c2f374c2d32412d38326d676861666d2f32302d3b416c6166796d253849273a3a7a6c697c6c6d7a6525303a2f33412d383a5d616433302d3a322f374e
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/lF-5QochqeowcLOi?1cd780b14aa79fdf=fWIc91RnrK6CXwQFP1W18Fra4ZpskNqiR7QoBxz1wmSer3nHAaZwKCIn9eKlE9hX3QqP3ifMc_IpLyX1jUnhROmAJutYxX2rJ7jBqKg8WqDuLwJBqorINI_Xfyg3y0hMA5V3uFgzCriWHSPuEURKftg_tqKivDxq89ypv7y537DrYQG9OmNNgBg72FJrDetTY7Ep7LnOtZYKo5Op&jb=3d33242e62736d7d375769666e677d7b2c6a71673557636e6e657f732f383239392c6a7b6a7f3f4b60726d656f266a7b68354960786f6f6d2d323a31383e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Tue, 07 May 2024 02:30:56 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=97
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ZLYXLXNDL8&gtm=45je4560h2v879088318za200&gcs=G100&gcd=13u3uPu2u5&npa=1&dma_cps=-&dma=1&cid=1338422452.1715049054&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&_eu=EEA&_s=2&sid=1715049053&sct=1&seg=0&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&dt=Discover%20and%20Shop%20e.l.f%20Cosmetics%20Mobile%20App%20%7C%20e.l.f.%20Cosmetics&en=scroll&epn.percent_scrolled=90&_et=116&tfd=10286
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 07 May 2024 02:30:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
sgtm.elfcosmetics.com/g/ 		65 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je4510v9125640115za200&gcs=G100&gcd=13u3u3u2u5&npa=1&dma_cps=-&dma=1&cid=159071809.1715049054&ecid=1905217221&ul=de-de&sr=1600x1200&_fplc=0&ir=1&ur=DE-HE&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&_eu=EEA&sst.rnd=745318047.1715049053&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13u3u3u2u5&sst.adr=1&sst.sp=1&sst.em_event=1&sst.ude=0&_s=3&sid=1715049053&sct=1&seg=0&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&dt=Discover%20and%20Shop%20e.l.f%20Cosmetics%20Mobile%20App%20%7C%20e.l.f.%20Cosmetics&en=scroll&epn.percent_scrolled=90&_et=78&tfd=10290&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.124.49.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:30:58 GMT
via
1.1 google, 1.1 google
x-content-type-options
nosniff
server
Google Frontend
content-type
text/plain
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-accel-buffering
no

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| $jscomp function| _loadCookieConfig function| _domready function| _delayed function| _findTags function| _srcAttr function| _needsEval function| _loadFromDOM function| _clearEvents function| _lastChainedResource function| _isImageLike boolean| domCompleteTriggered function| _abTest function| _getCookieVariant function| _setCookieVariant function| _configureAbTestAnalytics function| _executeAllAbTest function| _executeAllAbTestUniversal function| _executeAllAbTestClassic function| _executeAbTest function| _abTestScript function| _chooseVariant function| _abTestAnalyticsUniversal function| _abTestAnalyticsClassic object| _serviceWorkerConfig object| Yo string| yo_host string| _pxAppId object| content object| PXXT4Gy2ig object| PX undefined| _XT4Gy2ighandler object| __LOADABLE_LOADED_CHUNKS__ function| _ object| regeneratorRuntime function| applyFocusVisiblePolyfill object| __CONFIG__ string| __DEVICE_TYPE__ object| __PRELOADED_STATE__ object| Progressive boolean| __HYDRATING__ object| dataLayer function| getDataLayerEvent boolean| rakutenDataLayer object| DataLayer object| viewedProductIdsForPage object| DY boolean| BRAZE_SETUP_COMPLETE boolean| otSPAPathChange boolean| otIsInitialized boolean| otBlockOptOutInitReload function| OptanonWrapper object| DYcustom string| AppsFlyerSdkObject function| AF object| OneTrustStub object| DYO function| DYID object| contextManager object| DYJSON object| DYExps object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga object| _uxa function| onYouTubeIframeAPIReady string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| gaplugins object| gaGlobal object| gaData object| Optanon object| OneTrust boolean| otLastAcceptAllValue object| DYWork function| $dy object| DYCS number| gtmPageLoadId function| ___rmuid object| ___RMCMPW object| __post_robot_11_0_0___uid_numhnacfzmymuvpacsidplhppphjzs object| paypal object| __zoid_10_3_3___uid_numhnacfzmymuvpacsidplhppphjzs object| AF_cleanupMethods object| CS_CONF function| csSymbol object| CSPureWindow function| csDate object| csJSON function| csArray function| csString function| csURL function| csMutationObserver object| csScreen object| csquerySelector object| csquerySelectorAll function| csNodechildNodes function| csNodeparentNode function| csNodenextSibling function| csNodefirstChild function| csElementshadowRoot function| csElementmatches function| csElementwebkitMatchesSelector function| csHTMLImageElementsrc function| csEventtarget function| csNavigatorsendBeacon object| CSPathComputation object| CSCurrentScript object| UXAnalytics object| AF_SDK object| og object| litHtmlVersions function| JSCompiler_renameProperty object| litElementVersions boolean| OG_OFFERS_TEST_MODE_ENABLE object| OG object| paypalDDL string| PaypalOffersObject function| ppq object| __post_robot_10_0_44__ object| PAYPAL object| cti110221 function| a0_0x3eec function| a0_0x20c7 object| sigScriptLoader object| SIG_SCRIPT_DEBUG object| threatmetrix function| tmx_run_page_fingerprinting boolean| tmx_profiling_started function| tmx_post_session_params_fixed

50 Cookies

Domain/Path Name / Value
.elfcosmetics.com/ Name: pxcts
Value: d2a94f85-0c19-11ef-9a9d-728005ee394a
.elfcosmetics.com/ Name: _pxvid
Value: d2a94414-0c19-11ef-9a9d-c897b2f9620b
www.elfcosmetics.com/ Name: initAuthComplete
Value: true
.elfcosmetics.com/ Name: ab.storage.sessionId.609afcb2-1dc3-41ef-a771-0a9aaf10bf57
Value: %7B%22g%22%3A%226595fd8c-46f2-2b12-5378-8ee0645904e3%22%2C%22e%22%3A1715050852676%2C%22c%22%3A1715049052676%2C%22l%22%3A1715049052676%7D
.elfcosmetics.com/ Name: ab.storage.deviceId.609afcb2-1dc3-41ef-a771-0a9aaf10bf57
Value: %7B%22g%22%3A%22faf2719b-0252-3b39-f48d-6c188d4706f7%22%2C%22c%22%3A1715049052677%2C%22l%22%3A1715049052677%7D
.elfcosmetics.com/ Name: _px3
Value: b291caf09ad02badf34146ca738fdf1dbde0f72b8eaa659d7b8ec680d18f97e1:lGoIXHeAVxIHoOA0g/WJwRa1Jixwbr24PMKE99mQ/mKYDUhZfbiNtR/OiVrSdX1+dtbtf5ruUsqCfGTLc6bg8g==:1000:qDNP/jOxRSzc15SzmyrZTgeXYg+9v7iYLic3NLGMfhf4KbLXPzkLLEOKEtt9WeiYxVJlg2L3yf1eT8mYY0onaC9rgPH6NtHAr9V0Y+OxDdukQMOsdQr90tZ4pBwKtHqIoNGtGhSiUudBJOVKRtIjdcpvqwXNs5J6rGIZDAI/ZiVx9PDNF1Krx7IFFp+1Lp6Ya9Lx+xMs6J0edz4VVYeTl8uK0j2D9CjeU6R0IPVfs30=
.elfcosmetics.com/ Name: _dyjsession
Value: qqt56ont2xmpgof55neez17egg2o9sjb
.elfcosmetics.com/ Name: dy_fs_page
Value: www.elfcosmetics.com%2Fmobile-app
.elfcosmetics.com/ Name: _dy_csc_ses
Value: qqt56ont2xmpgof55neez17egg2o9sjb
.elfcosmetics.com/ Name: _dy_c_exps
Value:
.elfcosmetics.com/ Name: _gcl_au
Value: 1.1.707255455.1715049053
.elfcosmetics.com/ Name: _ga
Value: GA1.2.1496105399.1715049053
.elfcosmetics.com/ Name: _gid
Value: GA1.2.652940730.1715049053
.elfcosmetics.com/ Name: _gat_UA-432816-1
Value: 1
.dynamicyield.com/ Name: DYID
Value: -360287732251389347
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.elfcosmetics.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Tue+May+07+2024+04%3A30%3A53+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202306.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=c39320a1-4f14-48fe-8c67-152be8ffe0ca&interactionCount=0&landingPath=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C5%3A0
.elfcosmetics.com/ Name: _dycnst
Value: dg
.elfcosmetics.com/ Name: _dyid
Value: -360287732251389347
.elfcosmetics.com/ Name: _dycst
Value: dk.w.c.ws.fst.
.elfcosmetics.com/ Name: _dy_geo
Value: DE.EU.DE_.DE__
.elfcosmetics.com/ Name: _dy_df_geo
Value: Germany..
.elfcosmetics.com/ Name: _dy_toffset
Value: 0
.elfcosmetics.com/ Name: _dy_soct
Value: 647796.1248068.1715049053.qqt56ont2xmpgof55neez17egg2o9sjb*836603.1652212.1715049053*837245.1654610.1715049053*861617.1750272.1715049053
.elfcosmetics.com/ Name: rmStore
Value: dmid:9097
.elfcosmetics.com/ Name: _cs_c
Value: 0
.elfcosmetics.com/ Name: _cs_id
Value: ace67256-e3b6-ab1a-a79a-9a31a9c81a3e.1715049053.1.1715049053.1715049053.1558384338.1749213053860.1
.linksynergy.com/ Name: rmuid
Value: 6b3de940-df41-4e7b-a8a1-3d67285f6e4a
www.elfcosmetics.com/ Name: scapi
Value: prd:5af36961-4a65-48e4-8a8b-42ee106d5f5b:eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI4YzhjYTI4OC1mMWE2LTRmMDktYjI2OS0wNWQyZWViZmRmMDEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjVhZjM2OTYxLTRhNjUtNDhlNC04YThiLTQyZWUxMDZkNWY1YiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTUwNDkwMjMsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFibHVkS2tYdzNsSGNSbGVjMGxxWVltZXNZOjpjaGlkOiAiLCJleHAiOjE3MTUwNTA4NTMsImlhdCI6MTcxNTA0OTA1MywianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzMjI3NzE4NTMwODg4OTc0NCJ9.iApmsESVX4v4eU4YfkE1Fc4h6Minu3WW7pg2QWB1EdpHF72BFf0FD5VsNmcEnMH1cunDdhm30cHh16WBkwyySQ
.paypal.com/ Name: LANG
Value: en_US%3BUS
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTcxNTA0OTA1NDAzOSIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/ Name: tsrce
Value: crcpresentmentnodeweb
www.paypal.com/ Name: nsid
Value: s%3AeXLFF1cVlxze6Em-ph-6giDea51dWGb1.KFSbadqkUpxDbrCltnzMxIBx6hAuiOpmGP2tTgr5zRw
.paypal.com/ Name: l7_az
Value: dcg16.slc
.paypal.com/ Name: ts
Value: vreXpYrS%3D1809657054%26vteXpYrS%3D1715050854%26vr%3D50e3bf3818f0ad105d288deaffe5c210%26vt%3D50e3bf3818f0ad105d288deaffe5c20f%26vtyp%3Dnew
.paypal.com/ Name: ts_c
Value: vr%3D50e3bf3818f0ad105d288deaffe5c210%26vt%3D50e3bf3818f0ad105d288deaffe5c20f
.elfcosmetics.com/ Name: _cs_s
Value: 1.5.0.1715050854177
www.elfcosmetics.com/ Name: dwsid
Value: E-e7vsLToZ6VO52G4LLzvFQlv5tfwMx0Tm4x-otWrMQWVnmAdOFJXsVxZwEkHqVjAwNSKmPKyjaYsR3FMhwtxQ==
www.elfcosmetics.com/ Name: dwanonymous_1a00c2845eeb01c699351ea28e20fd92
Value: abludKkXw3lHcRlec0lqYYmesY
www.elfcosmetics.com/ Name: esw.currency
Value: USD
www.elfcosmetics.com/ Name: sid
Value: IHkXajNtjBgykverHCou-2e7E0-ufuHy6cc
www.elfcosmetics.com/ Name: _dyid_server
Value: -360287732251389347
www.elfcosmetics.com/ Name: esw.InternationalUser
Value: ""
www.elfcosmetics.com/ Name: esw.location
Value: US
www.elfcosmetics.com/ Name: currentLocale
Value: en_US
www.elfcosmetics.com/ Name: esw.sessionid
Value: abludKkXw3lHcRlec0lqYYmesY
www.elfcosmetics.com/ Name: esw.LanguageIsoCode
Value: en_US
www.elfcosmetics.com/ Name: __cq_dnt
Value: 1
www.elfcosmetics.com/ Name: dw_dnt
Value: 1
imgs.signifyd.com/ Name: thx_guid
Value: 4ee15df76d1ed6bacba521fc9b5227a6

48 Console Messages

Source Level URL
Text
javascript error URL: https://www.elfcosmetics.com/mobile-app(Line 301)
Message:
Access to image at 'https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/#elfcosmetics_a_00000055698485330971283280000018393236039574697104_?yocs=1u_' from origin 'https://www.elfcosmetics.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/#elfcosmetics_a_00000055698485330971283280000018393236039574697104_?yocs=1u_
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://idsync.rlcdn.com/458359.gif?partner_uid=6b3de940-df41-4e7b-a8a1-3d67285f6e4a
Message:
Failed to load resource: the server responded with a status of 451 ()
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.com/mobile-app
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
api.cquotient.com
api.ipify.org
async-px.dynamicyield.com
c.contentsquare.net
cdn-fsly.yottaa.net
cdn-scripts.signifyd.com
cdn.cookielaw.org
cdn.dynamicyield.com
cdn.media.amplience.net
collector-pxxt4gy2ig.px-cloud.net
elfcosmetics.a.bigcontent.io
geolocation.onetrust.com
googleads.g.doubleclick.net
h.online-metrix.net
idsync.rlcdn.com
imgs.signifyd.com
qoe-1.yottaa.net
region1.google-analytics.com
sdk.iad-05.braze.com
sgtm.elfcosmetics.com
srm.ba.contentsquare.net
st.dynamicyield.com
static.ordergroove.com
t.contentsquare.net
t.paypal.com
tag.rmp.rakuten.com
ut.rd.linksynergy.com
w2txo5aaohcqb5m6jhqudwug5pwyg6zfa6tnlmxg6e20706105357d06am1.e.aa.online-metrix.net
websdk.appsflyer.com
www.elfcosmetics.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.paypal.com
www.paypalobjects.com
cdn-fsly.yottaa.net
108.138.26.43
142.250.181.228
142.250.181.232
142.250.186.34
151.101.193.35
151.101.66.133
165.254.198.117
172.217.18.98
172.67.74.152
18.172.112.91
18.244.18.53
192.229.221.25
2001:4860:4802:32::178
2001:4860:4802:34::36
204.2.133.133
216.239.34.178
2600:9000:2250:f200:15:ad21:c740:93a1
2600:9000:275d:de00:a:b89d:a6c0:93a1
2606:4700:4400::ac40:965f
2606:4700:4400::ac40:9b77
2606:4700::6813:b134
2a00:1450:4001:82f::2008
2a02:26f0:3100::1735:2b21
2a02:26f0:3500:11::215:14ca
2a02:26f0:480:21::217:d116
34.102.147.248
34.252.198.165
34.49.124.132
34.98.67.3
35.190.10.96
35.244.174.68
52.48.171.109
54.229.140.92
91.235.132.130
91.235.133.113
91.235.134.131
95.100.65.127
02a0da6bb5e16a0ddf311156d5134696a379830a983a7ba1e405ffc1c2f62c1a
1331786f628c441b99665436eb8815381e066e17d5c3bb56f5ce2e045d8da17a
18280f9cb145047846d89977448ecfa5a2e1a4a4d168739fb9429da03fce9fbe
19cc36fffa37aa68e3eeb82532cb58611a1e1191cad33bf5edf5265f5930ff28
1b6bc1aaf438e1b7ca4df626c3ccbba4d73ac05b8ad1a31bb2b556da0bfaa0a7
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1dc48cbf8704dc07bd5c0b2ca60f6c2296009312a7cb838740a319d4e8b40adb
1ddc89ba3c2a29bf8b6a376737d491efdb8f9bcebc7c635639cda62390f45a06
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
210706c053295db0bfba03a98c0609a1f940c3f6b6c626f2f1084e089e959dc9
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
25a7916ac0882583f239e7d7fdeb6483a71bc0fa0d803ccfcf542843f010e9e3
286a4ffde8227357ce5f5624eb017f7bdc258dd39a3f8e13503c58f2197c1cbf
2b7acbfba2a42f367e4c89b2c36c515662b3091b225ac7fc8a7dc1a03cc2d465
2e8fd8d487b4259dbdc6c529f742806377fae205c8dc7d0f35ac8797bafe5b3b
305fe9a5f5590087ad5d80aa44c7a7f1416966806e955ce7a42ab086ec14e38c
31f48ed33afe7e437efa2c30cbf97fbd62c2de5c0732504077377846fe64973f
3a6ad261e05fd31071068560841a4a15cf2cf0a089dd1e5133b8d020a7fea025
42997132bd0142564014ac4a809356dc0ceb9b7a90eede2b5b48019f1700cc58
48dd2343ac3ef3252a4ad22a98c496fc9f700e0b9c473de1e1e54e12a5518771
498ea43ee2b31ee61f58f43b798dfaec6eb59b63fefdfaa7c01bba897ba57a33
4aa855b8d34657ab4df5ca73fe7d7f67735ee1e39e8de83856ddc473d4713fbb
4bbde173cb79276962274c39994e982fd3be187559ae1f92e11b2e3ed0072220
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
509f2e49500fbaeb5d7e1959071f2922b693d0135080e2871e124ec8bdd08bb2
523d6b837f423cf23cd54e1a67fce85a8e1337f8e4e5f3f55358c0face75ec64
55baa715ccc8c2512bceb1c949c1d0927944ca327e7edd2d5fc312d2a41986e4
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6082597f3871c77c9b31aa1383577f8c0e54cb5ff09275dc817bc70d96e6217d
615b75eddd683d2f18d95bda10b7e11d753c8b4bd95c8c14ae962ac96b867176
679e27a0c158ab0c2f595544d2852b2e1f1613fa1a065a2440b4bb7af23dc550
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6984d3c037381f2cc34e7000f061653706c452b4ba04d46be513241ce2aa2e68
6b42a56b231d70ea3691b9f46363b9f8ed6ca35f6b50084718669b8beac1e57d
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6f08699117c1f15f6d35e7b4380d12d18a1881f075e177b5853b1017a3307544
6f693b12a2e04ec57e72559407892e9b8b97c5c1cea493f1ba2de148e876295c
70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f
7586f9164e6bc95d916e3828d687c85f77cf253b34a5908fffa5f6f17dfd0d72
78b1cf38c2a5031ec31bcd1b79194dff826e1f9287e65fe60cc170b788acd641
7b56d2710f8114b062edd4b006df9739f523f14679b9fc7573259ed51d37ab45
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86c426e9d9ba97676c169da0f301f92e862ef056c2143044ad8816da7c83af63
88a19670aafbd8e8abc9990a06121a6b52dc0f208481d94d2540901511e8c874
89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d
8a90f3b36f2455fc6c76f9ad777671954126bdc45618423a01cfcf0cbfa49f21
8f86dbd47b7ff697f2b12968f6078e3634d24e1dbaa9f00ef562d278ad3cecd9
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
917b28d18a83c6f1b1198b508e2634c26b74f90e6b958c277392cebb42d6078c
92e00349ed94a2184d48889d637ad456366dbec2cbe67ffc211c8c21362cb46c
93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
9f2461f7629a9751a8ce13d4fa6465bd4dade527356dedaa1e07be6712694ec4
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a3b22231299e16f1f6f9ac89c77f2520a2a0431fb59a115f31ab1ae84ee6fcb7
abb7882a9e23903be24a3a14d7985d428d1f3d2249ba27a2e76701e0d9055ba9
b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22
b2e0bde8a120edcd0e126c139ff4c62dc420e43a86bb9e22c92044fdda3fc3ef
b30a99d147a1c1cdcc6ff2fdaf9819989da0e6f05406de48ccc69af2c01a8ecb
b5a9baac0b53c708a5279b1ddfe54ec7f0a40699210e0caf05419d0aa1b330d9
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c
c9d4a41d3dcdef29d6b3888d8d5b9ab3fbcc673d4a120f0957221ebda7a40d3e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc9ea760e99c7aeb29b3da195ff38ecb90d6699e6e437ba9fb6ba5c8a2912b01
cd37a7d3013a75f2617a9db3d3497220f2ac3039fd878f13a115bf3bd32a7bc4
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e
d7a363f752524fb545c3b2eb48a56d163cb659bc427d5215800ee7781d92c2ca
da8aae114d6d4c265972756514330f1d5ea7be03c67f3069bd46cb909dc6fb51
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def2a184135eba029f8f785b3ed69edc5f36b368226ce1fcfeda4f5aa301d1b6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52361811c212ebe7b9cc098c574317ec3c557476cf42be4d6fe9b5a65b443ad
e54a8aca75cb5e527ffd22195b818f3ff4e7239a6dd8425f979e3180419abee5
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
eaee82aad68d6abfa02dc9f7b9ec11a2b9fd51b44ee2ff87f15112e50a25e675
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f66f5edd05293c4351edcec020a867935f7495ef0d0ff7ceb3e6402748585ca6
f9261c8148010a9582d8588220092d7759a8df8a77ccac58da63e9738486e8e7
ff1f780d69505088867f3dc7f483654dd5801f0bd04107ca1f0c2aac143d2cbc