Submitted URL: http://www.elfcosmetics.com/
Effective URL: https://www.elfcosmetics.com/
Submission: On June 26 via api from US — Scanned from DE

Summary

This website contacted 44 IPs in 4 countries across 29 domains to perform 137 HTTP transactions. The main IP is 204.2.48.23, located in United States and belongs to YOTTAA-AS-1, US. The main domain is www.elfcosmetics.com. The Cisco Umbrella rank of the primary domain is 103291.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 25th 2023. Valid for: a year.
This is the only time www.elfcosmetics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 204.2.48.23 393259 (YOTTAA-AS-1)
9 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
3 151.101.194.133 54113 (FASTLY)
5 2606:4700:440... 13335 (CLOUDFLAR...)
12 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:275... 16509 (AMAZON-02)
2 172.67.74.152 13335 (CLOUDFLAR...)
2 7 172.64.155.166 13335 (CLOUDFLAR...)
2 2a02:26f0:310... 20940 (AKAMAI-ASN1)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2600:9000:225... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 4 185.89.210.212 29990 (ASN-APPNEX)
2 52.223.40.198 16509 (AMAZON-02)
1 1 142.250.186.100 15169 (GOOGLE)
1 142.250.186.162 15169 (GOOGLE)
7 13.35.58.129 16509 (AMAZON-02)
1 140.174.14.80 393259 (YOTTAA-AS-1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 54.171.23.152 16509 (AMAZON-02)
1 34.102.147.248 396982 (GOOGLE-CL...)
4 151.101.65.21 54113 (FASTLY)
1 184.31.94.141 16625 (AKAMAI-AS)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.244.18.53 16509 (AMAZON-02)
3 2606:4700:440... 13335 (CLOUDFLAR...)
4 8 142.250.185.130 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
3 34.49.124.132 396982 (GOOGLE-CL...)
1 34.98.67.3 396982 (GOOGLE-CL...)
1 151.101.129.21 54113 (FASTLY)
2 52.212.62.146 16509 (AMAZON-02)
2 151.101.129.35 54113 (FASTLY)
2 192.229.221.25 15133 (EDGECAST)
2 108.138.26.13 16509 (AMAZON-02)
1 52.211.148.8 16509 (AMAZON-02)
14 91.235.133.113 30286 (THM)
1 35.244.174.68 15169 (GOOGLE)
1 91.235.132.130 30286 (THM)
1 2620:f3:0:14:... 30286 (THM)
1 91.235.134.131 30286 (THM)
137 44
Apex Domain
Subdomains
Transfer
19 amplience.net
cdn.media.amplience.net — Cisco Umbrella Rank: 15878
cdn.c1.amplience.net — Cisco Umbrella Rank: 33022
cdn.static.amplience.net — Cisco Umbrella Rank: 46119
5 MB
18 elfcosmetics.com
www.elfcosmetics.com — Cisco Umbrella Rank: 103291
sgtm.elfcosmetics.com — Cisco Umbrella Rank: 250639
308 KB
16 signifyd.com
cdn-scripts.signifyd.com — Cisco Umbrella Rank: 8738
imgs.signifyd.com — Cisco Umbrella Rank: 7238
74 KB
12 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 378
170 KB
11 dynamicyield.com
cdn.dynamicyield.com — Cisco Umbrella Rank: 9513
st.dynamicyield.com — Cisco Umbrella Rank: 8959
async-px.dynamicyield.com — Cisco Umbrella Rank: 9234
266 KB
8 googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 335
2 KB
7 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3110
t.paypal.com — Cisco Umbrella Rank: 3894
126 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
579 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 71
region1.google-analytics.com — Cisco Umbrella Rank: 2355
21 KB
5 braze.com
sdk.iad-05.braze.com — Cisco Umbrella Rank: 2837
1 KB
4 contentsquare.net
t.contentsquare.net — Cisco Umbrella Rank: 3715
c.contentsquare.net — Cisco Umbrella Rank: 4692
srm.ba.contentsquare.net — Cisco Umbrella Rank: 21163
81 KB
4 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 527
4 KB
4 yottaa.net
cdn-fsly.yottaa.net — Cisco Umbrella Rank: 26578 Failed
qoe-1.yottaa.net — Cisco Umbrella Rank: 12022
1 MB
3 online-metrix.net
h.online-metrix.net — Cisco Umbrella Rank: 2940
h64.online-metrix.net — Cisco Umbrella Rank: 2088
w2txo5aaggjazmn3d6khts2fla4ntdafas75iivq0671edd9c1ac0878am1.e.aa.online-metrix.net
795 B
3 bigcontent.io
elfcosmetics.a.bigcontent.io — Cisco Umbrella Rank: 230074
8 KB
2 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2807
16 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 96
12 KB
2 cquotient.com
api.cquotient.com — Cisco Umbrella Rank: 41751
517 B
2 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 1062
297 B
2 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2418
227 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 495
98 B
1 linksynergy.com
ut.rd.linksynergy.com — Cisco Umbrella Rank: 9655
414 B
1 appsflyer.com
websdk.appsflyer.com — Cisco Umbrella Rank: 5461
12 KB
1 ordergroove.com
static.ordergroove.com — Cisco Umbrella Rank: 33195
43 KB
1 rakuten.com
tag.rmp.rakuten.com — Cisco Umbrella Rank: 8585
15 KB
1 curalate.com
edge.curalate.com — Cisco Umbrella Rank: 10410
20 KB
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 70
65 B
1 google.com
www.google.com — Cisco Umbrella Rank: 5
24 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 653
295 B
137 29
Domain Requested by
16 cdn.media.amplience.net 2 redirects www.elfcosmetics.com
15 www.elfcosmetics.com 1 redirects www.elfcosmetics.com
cdn-fsly.yottaa.net
t.contentsquare.net
14 imgs.signifyd.com www.elfcosmetics.com
imgs.signifyd.com
12 cdn.cookielaw.org cdn-fsly.yottaa.net
cdn.cookielaw.org
www.elfcosmetics.com
8 ade.googlesyndication.com 4 redirects
7 async-px.dynamicyield.com cdn.dynamicyield.com
6 www.googletagmanager.com www.elfcosmetics.com
5 www.paypal.com www.elfcosmetics.com
www.paypal.com
5 sdk.iad-05.braze.com cdn-fsly.yottaa.net
4 secure.adnxs.com 2 redirects www.elfcosmetics.com
3 sgtm.elfcosmetics.com www.googletagmanager.com
3 region1.google-analytics.com www.googletagmanager.com
t.contentsquare.net
3 elfcosmetics.a.bigcontent.io
3 cdn.dynamicyield.com www.elfcosmetics.com
3 cdn-fsly.yottaa.net www.elfcosmetics.com
2 cdn-scripts.signifyd.com www.elfcosmetics.com
2 www.paypalobjects.com www.elfcosmetics.com
2 t.paypal.com
2 c.contentsquare.net
2 www.youtube.com www.elfcosmetics.com
2 api.cquotient.com cdn-fsly.yottaa.net
2 insight.adsrvr.org www.elfcosmetics.com
2 www.google-analytics.com www.elfcosmetics.com
www.google-analytics.com
2 cdn.static.amplience.net www.elfcosmetics.com
2 api.ipify.org cdn-fsly.yottaa.net
1 w2txo5aaggjazmn3d6khts2fla4ntdafas75iivq0671edd9c1ac0878am1.e.aa.online-metrix.net
1 h64.online-metrix.net imgs.signifyd.com
1 h.online-metrix.net imgs.signifyd.com
1 idsync.rlcdn.com
1 srm.ba.contentsquare.net t.contentsquare.net
1 ut.rd.linksynergy.com www.elfcosmetics.com
1 t.contentsquare.net www.elfcosmetics.com
1 websdk.appsflyer.com www.elfcosmetics.com
1 static.ordergroove.com www.elfcosmetics.com
1 tag.rmp.rakuten.com www.elfcosmetics.com
1 edge.curalate.com www.elfcosmetics.com
1 qoe-1.yottaa.net www.elfcosmetics.com
1 googleads.g.doubleclick.net www.elfcosmetics.com
1 www.google.com 1 redirects
1 st.dynamicyield.com www.elfcosmetics.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 cdn.c1.amplience.net www.elfcosmetics.com
137 42
Subject Issuer Validity Valid
*.elfcosmetics.com
Sectigo RSA Domain Validation Secure Server CA
2023-09-25 -
2024-10-25
a year crt.sh
dm.amplience.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-20 -
2024-08-14
a year crt.sh
c1.amplience.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-06 -
2024-10-23
a year crt.sh
*.yottaa.net
GlobalSign RSA OV SSL CA 2018
2023-09-13 -
2024-10-14
a year crt.sh
sdk.iad-05.braze.com
WE1
2024-06-17 -
2024-09-15
3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2024-03-01 -
2024-12-31
10 months crt.sh
*.google-analytics.com
WR2
2024-06-13 -
2024-09-05
3 months crt.sh
*.dynamicyield.com
Amazon RSA 2048 M02
2023-09-03 -
2024-10-01
a year crt.sh
ipify.org
GTS CA 1P5
2024-05-19 -
2024-08-17
3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2023-11-13 -
2024-11-12
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2024-04-23 -
2025-05-25
a year crt.sh
edge.curalate.com
E1
2024-05-27 -
2024-08-25
3 months crt.sh
*.cquotient.com
Amazon RSA 2048 M02
2024-03-05 -
2025-04-03
a year crt.sh
tag.rmp.rakuten.com
WR3
2024-05-29 -
2024-08-27
3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA
2024-02-08 -
2025-02-08
a year crt.sh
*.ordergroove.com
Go Daddy Secure Certificate Authority - G2
2023-08-04 -
2024-08-17
a year crt.sh
*.appsflyer.com
DigiCert TLS RSA SHA256 2020 CA1
2023-07-27 -
2024-07-27
a year crt.sh
*.google.com
WR2
2024-06-13 -
2024-09-05
3 months crt.sh
t.contentsquare.net
Amazon RSA 2048 M01
2023-09-13 -
2024-10-11
a year crt.sh
*.bigcontent.io
GeoTrust TLS RSA CA G1
2024-04-02 -
2025-05-03
a year crt.sh
sgtm.elfcosmetics.com
WR3
2024-05-14 -
2024-08-13
3 months crt.sh
*.rd.linksynergy.com
ZeroSSL RSA Domain Secure Site CA
2024-01-23 -
2025-01-22
a year crt.sh
dep.ba.contentsquare.net
Amazon RSA 2048 M03
2024-02-18 -
2025-03-19
a year crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA
2023-09-21 -
2024-10-21
a year crt.sh
cdn-scripts.signifyd.com
Amazon RSA 2048 M02
2024-06-02 -
2025-06-30
a year crt.sh
srm.ba.contentsquare.net
Amazon RSA 2048 M02
2023-11-07 -
2024-12-06
a year crt.sh
imgs.signifyd.com
Go Daddy Secure Certificate Authority - G2
2023-10-20 -
2024-11-20
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2024-02-06 -
2025-03-05
a year crt.sh
online-metrix.net
Viking Cloud Organization Validation CA, Level 1
2024-03-20 -
2024-10-21
7 months crt.sh
*.aa.online-metrix.net
Viking Cloud Organization Validation CA, Level 1
2024-03-20 -
2024-10-21
7 months crt.sh

This page contains 7 frames:

Primary Page: https://www.elfcosmetics.com/
Frame ID: 861A1C6B976A75F2E3AC6C32EC092B6B
Requests: 118 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.64.6&integrationType=SDK
Frame ID: 6463F4106835CAA1B72DCFED15DEFF1E
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: A0BE58F109F7ED599E8CDA749900E6EF
Requests: 1 HTTP requests in this frame

Frame: https://imgs.signifyd.com/sm1_74sZ1n8ZTn9E?d71521d79c6db3ff=jQ8-aoyD7JkIGMc-HQy1g5F_ErNkmZ-apB3MzU3dl7GtqfbLX6EJqdandmwSXH1E6vY2JnbIuh3iISlHGW6xksXTCbRsgWJqSy1rA-0AtkzafQTQ2lFAYZDNfQ9Rz47BnR1wdD4OHA2k_ShMZII_o5LlIxXSpGTaty4P3bgM5FlTv9SlIRAdJ-8Gmx1zWzWXPIYgQopQOliFf3Vr&jb=3d33242e62736777375563666e6f75712c6a716535576b666c6577712d3a383b3b2c62736a7f3f4b6072676f6f24607b683d416a786f6f6f2d3232393a3c
Frame ID: 7EF5F70C3CA71B2D4EFEA2686C24D56F
Requests: 13 HTTP requests in this frame

Frame: https://imgs.signifyd.com/6bMII5Kl2sTuOnSQ?f6688f317c1da568=mOYHOUYLZQElOgTyim8LzFP7rX9r3EqzX12RH5C6Gjvdk_M0WC2fW5i3sQkiCMG9YsvcAxgT1p4B1tIWfr3t6aG9FUgudUq34b_f-9MFPhIWRDFCOHyw9XOeQffCkzj0qGLsAkUwmQQG3mKFf05hTvpPrtJr6QBz_-UhquPytno3pVc0RawOqSY6lr6ixe2CpkAclWUtzdTZexEy5q0
Frame ID: 6F52ECFEAB0C5D684798693111A97E18
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/fqT_bV40h3GxKzYy?474a7659fff4d0d2=1zUgfrzzfTuoNU1MBr3JhtjupRrV6zab5lWYV5YwkbyoFBa0Q5CwtpC_dcITw21PqE8mt3jJSVOZZnG9-W13WYjVw5Uaftoehp4c3xkT3PBn7tse_klNnU1Xw0nYXVRYqVMxrK7_JSLEG6H2UpJd8w3luB-H3GTb63kScKnTYTNZd-12E5LND5pnPSVDMbB_Vl3bHiw6grwHb595ElPh
Frame ID: EF451104CD77ACCE81DFDB3FAB999EC3
Requests: 1 HTTP requests in this frame

Frame: https://imgs.signifyd.com/ZXJDlt3A4b1e092W?b6533723b39f3bd9=PIGTqm_tQo3NhT2kMUIGSqnnC_TvisKXaB099lNPQ7FynN4rz8sjpNmY97GBOjlsLX4hMA5yqDjxToUi3DXCIZJ6zlAmbWoUBJxelXQEEkO2e2fHRaCdj5GVo2FcsNOvGSFNfgQDcDLH1ro70taa4u7ObmVwsEyWbBvVX6cIdb2k_tmIOZjWmOb14JaC9MEr4oYyP5v_wymp29uzTRgo
Frame ID: A0F8E61F6CFCD2899371840B0208E33D
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

e.l.f. Cosmetics: Affordable Makeup & Skincare | Clean Beauty Products | e.l.f. Cosmetics

Page URL History Show full URLs

  1. http://www.elfcosmetics.com/ HTTP 307
    https://www.elfcosmetics.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • cdn\.dynamicyield\.\w+/

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • tag\.rmp\.rakuten\.com

Overall confidence: 10%
Detected patterns
  • basket.*\.js

Page Statistics

137
Requests

91 %
HTTPS

36 %
IPv6

29
Domains

42
Subdomains

44
IPs

4
Countries

7836 kB
Transfer

15968 kB
Size

50
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.elfcosmetics.com/ HTTP 307
    https://www.elfcosmetics.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.com%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=E0fki0e7usat4TmOvuNao_5Cyg8je_-pk6HSuTN8UUg HTTP 303
  • https://www.elfcosmetics.com/callback?usid=889868a3-67b8-4438-bd6f-093505229b12&code=JfO174jCG2VfM7wPcqEHsJKj9rXbcL3LHcNHa7yZLa8
Request Chain 27
  • https://cdn.media.amplience.net/v/elfcosmetics/0624_HPTILE_SPOTLIGHT_SOFTGLAM_D/mp41080 HTTP 302
  • https://cdn.static.amplience.net/elfcosmetics/_vid/0624_hptile_spotlight_softglam_d/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/ee1a24f4-5709-4375-8fed-729b60d485e8.mp4
Request Chain 28
  • https://cdn.media.amplience.net/v/elfcosmetics/ELF_Bronzer_HomepageTile_Comments_1440x1040/mp41080 HTTP 302
  • https://cdn.static.amplience.net/elfcosmetics/_vid/elf_bronzer_homepagetile_comments_1440x1040/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/b52c0c22-6b8e-4aa7-90ae-a8688c614531.mp4
Request Chain 34
  • https://secure.adnxs.com/px?id=1608912%20&seg=6104893&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2
Request Chain 36
  • https://secure.adnxs.com/px?id=1704533&seg=34326157&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2
Request Chain 40
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=112933677.1719386467&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&dma_cps=sypham&dma=1&npa=0&gtm=45He46o1n81WL3STMXv896608294za200&auid=1247630033.1719386467 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=112933677.1719386467&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&dma_cps=sypham&dma=1&npa=0&gtm=45He46o1n81WL3STMXv896608294za200&auid=1247630033.1719386467
Request Chain 89
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flhp;ord=6542274125230;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46o1v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com HTTP 302
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CLebg97d-IYDFacJogMdWLMJAQ;type=elf8j0;cat=glo_flhp;ord=6542274125230;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46o1v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com
Request Chain 90
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flap;ord=1070473647765;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46o1v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com HTTP 302
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CN-Vg97d-IYDFVgdogMdn_IrlA;type=elf8j0;cat=glo_flap;ord=1070473647765;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46o1v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com
Request Chain 91
  • https://ade.googlesyndication.com/ddm/activity/src=10265292;type=conte0;cat=homep0;ord=504751739708;npa=1;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46o1v9181787185z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com HTTP 302
  • https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=CKabg97d-IYDFWEJogMd-FwFEg;type=conte0;cat=homep0;ord=504751739708;npa=1;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46o1v9181787185z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com
Request Chain 92
  • https://ade.googlesyndication.com/ddm/activity/src=9231397;type=retarget;cat=globa0;ord=4803059632829;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46o1v9181619921z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com HTTP 302
  • https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CJSdg97d-IYDFXAdogMdFVsrlQ;type=retarget;cat=globa0;ord=4803059632829;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46o1v9181619921z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com

137 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.elfcosmetics.com/
Redirect Chain
  • http://www.elfcosmetics.com/
  • https://www.elfcosmetics.com/
1 MB
252 KB
Document
General
Full URL
https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.48.23 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
5a66ea0b1cef64c03dc618951c9ec02c664867f1dccedb00101930c4f36e33b0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age
821 821
alt-svc
h3=":443"; ma=86400
cache-control
public, must-revalidate, s-maxage=900
content-encoding
gzip
content-length
256928
content-type
text/html; charset=utf-8
date
Wed, 26 Jun 2024 07:21:00 GMT
etag
W/"e65d6-axuSamQmlh5UXOUVppHHXVNI1dc"
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 18a2ff1d0c4298d4844e4dea761f1d6c.cloudfront.net (CloudFront)
x-amz-apigw-id
Z9qmAGVuiYcEcZw=
x-amz-cf-id
Reg5o3ZvC5FLP-6yO9WfnNVE6VOT-v4tmxQq34b5uIH9-q-Tfb8BIg==
x-amz-cf-pop
ORD53-C3
x-amzn-remapped-connection
close
x-amzn-remapped-content-length
943574
x-amzn-remapped-date
Wed, 26 Jun 2024 07:07:18 GMT
x-amzn-requestid
e024cc6f-eead-44c0-910d-fafd96fe24d6
x-amzn-trace-id
Root=1-667bbe26-660ef63e04f3ec95788d8513;Parent=7458ebe1fcc527a6;Sampled=0;lineage=2b75b0e9:0
x-cache
Hit from cloudfront
x-yottaa-metrics
2621cc8d5872/[198,33,-] 26D1cc023017/[-,326.701]
x-yottaa-optimizations
ob/1000000100001000 si/26D1cc023017-1719340557-5509945234 tts/1719340523228 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-yottaa-os
200

Redirect headers

Location
https://www.elfcosmetics.com/
Non-Authoritative-Reason
HttpsUpgrades
/
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/
0
0

0624_HPTILE_SPOTLIGHT_SOFTGLAM_D
cdn.media.amplience.net/v/elfcosmetics/
24 KB
24 KB
Image
General
Full URL
https://cdn.media.amplience.net/v/elfcosmetics/0624_HPTILE_SPOTLIGHT_SOFTGLAM_D?fmt=auto
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89cd26c6da97833d4de0cb2cc60dae6563858a413dffc037f3d4d8ef6e7ee066
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:02 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
50015
x-amp-srv
CF
edge-cache-tag
_cAOhf0iy,l4p5bDg2e,lTTxSknl0,WepA0szpz
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
clt7qZHfZP
alt-svc
h3=":443"; ma=86400
content-length
24370
x-xss-protection
1; mode=block
x-amp-source-height
520
last-modified
Tue, 25 Jun 2024 17:27:27 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
x-amp-source-width
1440
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
899b702efb9a902e-FRA
x-amp-published
Mon, 06 May 2024 23:46:56 GMT
truncated
/
37 B
37 B
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
ELF_Bronzer_HomepageTile_Comments_1440x1040
cdn.media.amplience.net/v/elfcosmetics/
37 KB
37 KB
Image
General
Full URL
https://cdn.media.amplience.net/v/elfcosmetics/ELF_Bronzer_HomepageTile_Comments_1440x1040
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d237f9147434eb7ca13c686da4346e03a6210da929e3e7f251370d2d0a149823
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:02 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
51008
x-amp-srv
CF
edge-cache-tag
4ofQD7Wfr,l4p5bDg2e,X_K2lO9lh,k4NPUWi7z
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
L_igkOZ2z-
alt-svc
h3=":443"; ma=86400
content-length
37661
x-xss-protection
1; mode=block
x-amp-source-height
1040
last-modified
Tue, 25 Jun 2024 17:10:54 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
x-amp-source-width
1440
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
899b702efba3902e-FRA
x-amp-published
Wed, 05 Jun 2024 19:29:20 GMT
elf-skin-logo_D-min
cdn.media.amplience.net/i/elfcosmetics/
3 KB
3 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/elf-skin-logo_D-min?fmt=auto
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c8c239d4cc98fc4605856c796187c92e56a8692b0f90d12e376faafbbbeb817
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:02 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
8995
x-amp-srv
CF
edge-cache-tag
mQ2w1VlWG,l4p5bDg2e,xPkOqKkZZ,WepA0szpz
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
pbkIQzv1Ga
alt-svc
h3=":443"; ma=86400
content-length
2807
x-xss-protection
1; mode=block
x-amp-source-height
257
last-modified
Wed, 26 Jun 2024 04:51:07 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
x-amp-source-width
289
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
899b702efba6902e-FRA
x-amp-published
Tue, 02 Apr 2024 23:34:45 GMT
locale-link-rewriter-0.0.2-min
cdn.c1.amplience.net/c/elfcosmetics/
553 B
679 B
Script
General
Full URL
https://cdn.c1.amplience.net/c/elfcosmetics/locale-link-rewriter-0.0.2-min
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:1a::5f65:6fab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
88668b9200e07ef8860abbf2884140a44986c34576bc7086d64085b87da4cfd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 26 Jun 2024 07:21:02 GMT
cache-control
max-age=120, s-maxage=1800
accept-ranges
bytes
content-length
553
x-amp-srv
A
content-type
application/javascript; charset=utf-8
truncated
/
10 KB
10 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d

Request headers

Referer
Origin
https://www.elfcosmetics.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
truncated
/
10 KB
10 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac

Request headers

Referer
Origin
https://www.elfcosmetics.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
soft-glam-satin-2024-5-spotlights_D-min
cdn.media.amplience.net/i/elfcosmetics/
147 KB
147 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/soft-glam-satin-2024-5-spotlights_D-min?fmt=auto
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
036372aec246811be980f3db17295ca6ebbcabef2d187cf4b50eca891a3cd8f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:02 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
8995
x-amp-srv
CF
edge-cache-tag
M6bNQ9eQN,l4p5bDg2e,KQtgulBJr,DtzGFM5oJ
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
f1bKX2K2RR
alt-svc
h3=":443"; ma=86400
content-length
150302
x-xss-protection
1; mode=block
x-amp-source-height
1700
last-modified
Wed, 26 Jun 2024 04:51:07 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/webp
access-control-allow-origin
*
x-amp-source-width
2880
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
899b702efb9e902e-FRA
x-amp-published
Mon, 20 May 2024 23:26:06 GMT
soft-glam-satin-2024-5-background_D-min
cdn.media.amplience.net/i/elfcosmetics/
3 KB
4 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/soft-glam-satin-2024-5-background_D-min?fmt=auto
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3917055d135099cfcac6ff6745f7a1bb3525f6d49ab43e90319134708de821ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:02 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
34418
x-amp-srv
CF
edge-cache-tag
_XxXG9zY7,l4p5bDg2e,4wgAmq7JA,WepA0szpz
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
xtRV0Zqvrc
alt-svc
h3=":443"; ma=86400
content-length
3523
x-xss-protection
1; mode=block
x-amp-source-height
662
last-modified
Tue, 25 Jun 2024 21:47:24 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
x-amp-source-width
2880
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
899b702efba1902e-FRA
x-amp-published
Mon, 20 May 2024 23:26:15 GMT
go-wild-bronzies-2024-06-10-headline-1_D-min
cdn.media.amplience.net/i/elfcosmetics/
31 KB
31 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/go-wild-bronzies-2024-06-10-headline-1_D-min?fmt=auto
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4746970ad07f39350242803788c04f8a8b27fc02eec81596db2e436011ff8332
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:02 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
8950
x-amp-srv
CF
edge-cache-tag
g6qR7ZM5r,l4p5bDg2e,QzFMFH4vh,WepA0szpz
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
ggTYqKFQwi
alt-svc
h3=":443"; ma=86400
content-length
31417
x-xss-protection
1; mode=block
x-amp-source-height
245
last-modified
Wed, 26 Jun 2024 04:51:52 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
x-amp-source-width
1136
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
899b702efba7902e-FRA
x-amp-published
Mon, 03 Jun 2024 23:31:19 GMT
vendor.js
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/
2 MB
627 KB
Script
General
Full URL
https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/vendor.js?yocs=1u_1y_
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12aef701f9abbb77ad769e835f981ab2c6b7dd1f7f19ffb59261b23084fbed98

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:01 GMT
via
1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA56-P7
age
754041
x-yottaa-optimizations
ob/1000 si/36118cae0e24-1706737522-783071422 tts/1716499765688 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache
Hit from cloudfront, HIT
x-amz-meta-deploy
780438
content-length
641173
x-amz-meta-bundle
11418
x-served-by
cache-fra-etou8220145-FRA
x-yottaa-forcecache
true, true
server
AmazonS3
x-timer
S1719386462.886262,VS0,VE2
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31104000
x-yottaa-metrics
36218cae0e3b/[151,120,-] 36118cae0e24/[-,284.562]
accept-ranges
bytes
x-amz-cf-id
2Tc5XCkXdNy72RtVclU0caMKUthD9KNLh1-sqGc9t6y4SsASMOKNHQ==
x-cache-hits
1
main.js
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/
2 MB
494 KB
Script
General
Full URL
https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/main.js?yocs=1u_1y_
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f498ff46829b1f4476db5ca3fd697a92852f92b9aef0d95e650608f1b7ca41dd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:01 GMT
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA56-P7
age
754041
x-yottaa-optimizations
ob/1000 si/36118cae0e24-1706737522-783071423 tts/1716499765688 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache
Hit from cloudfront, HIT
x-amz-meta-deploy
780438
content-length
505275
x-amz-meta-bundle
11418
x-served-by
cache-fra-etou8220145-FRA
x-yottaa-forcecache
true, true
server
AmazonS3
x-timer
S1719386462.886978,VS0,VE2
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31104000
x-yottaa-metrics
36218cae0e3e/[141,117,-] 36118cae0e24/[-,241.243]
accept-ranges
bytes
x-amz-cf-id
Cf7Kf20vFvfdyGHwRsG2YEezP-U0ZzsW5GJby4MDylHczw5REc-vLQ==
x-cache-hits
1
pages-home.js
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/
5 KB
3 KB
Script
General
Full URL
https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/pages-home.js?yocs=1u_1y_
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
97996c9985c6b958fe1325fc72f641b0118c639d32f7b78f3d3245d83a588e43

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:01 GMT
via
1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA56-P7
age
753948
x-yottaa-optimizations
ob/1100 si/36118cae0e24-1706737522-783072996 tts/1716499765688 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache
Hit from cloudfront, HIT
x-amz-meta-deploy
780438
content-length
2337
x-amz-meta-bundle
11418
x-served-by
cache-fra-etou8220145-FRA
x-yottaa-forcecache
true, true
server
AmazonS3
x-timer
S1719386462.886428,VS0,VE1
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31104000
x-yottaa-metrics
36218cae0e2f/[2,-,1718632446331] 36118cae0e24/[-,3.284]
accept-ranges
bytes
x-amz-cf-id
KJ1epeI0Sg9VJapXUmhobYIcwyToPQOWeCGJjmMXcYvzGvFoLsJQ1Q==
x-cache-hits
1
pride-tattoo-2024-6-headline-v2_D-min
cdn.media.amplience.net/i/elfcosmetics/
5 KB
6 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/pride-tattoo-2024-6-headline-v2_D-min?%24Desktop%24=&fmt=auto&w=864
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d650cb6c1fb30ec35dab5af23c5a1f726b5e3f8549a56a74d46e2e03151e81a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:02 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
81179
x-amp-srv
CF
edge-cache-tag
vAiBLVNpf,l4p5bDg2e,mF-g78ke7,4UiqVG0Z4,WepA0szpz
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
2VBGX9PDih
alt-svc
h3=":443"; ma=86400
content-length
5526
x-xss-protection
1; mode=block
x-amp-source-height
74
last-modified
Tue, 25 Jun 2024 08:48:03 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
x-amp-source-width
884
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
899b70306cdc902e-FRA
x-amp-published
Mon, 24 Jun 2024 07:03:02 GMT
2024-06-hptile-newArrivals-hero-D-img1-min
cdn.media.amplience.net/i/elfcosmetics/
53 KB
53 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img1-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img1-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img1-min?fmt=auto&w=2460%203x
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eb56da4ee08046d471003dd9f6c44d09e8d54451918ec84c0a7de293abc236a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:03 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
8996
x-amp-srv
CF
edge-cache-tag
mcWomLMrU,l4p5bDg2e,sKbI0Xlxp,WepA0szpz
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
oecWyK0cEW
alt-svc
h3=":443"; ma=86400
content-length
54250
x-xss-protection
1; mode=block
x-amp-source-height
1040
last-modified
Wed, 26 Jun 2024 04:51:07 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
x-amp-source-width
1440
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
899b70332f82902e-FRA
x-amp-published
Mon, 10 Jun 2024 15:55:02 GMT
2024-06-hptile-newArrivals-D-behindText-min
cdn.media.amplience.net/i/elfcosmetics/
8 KB
9 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-D-behindText-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-D-behindText-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-D-behindText-min?fmt=auto&w=2460%203x
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f2e68f4e14df47f09509d13a68b579d84ccdc614384a968271fb5a3864a4af5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:03 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
33659
x-amp-srv
CF
edge-cache-tag
ChHe38sMe,l4p5bDg2e,yWgNg5NdX,WepA0szpz
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
BgOIjvNyGO
alt-svc
h3=":443"; ma=86400
content-length
8563
x-xss-protection
1; mode=block
x-amp-source-height
1040
last-modified
Tue, 25 Jun 2024 22:00:04 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
x-amp-source-width
1440
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
899b70332f84902e-FRA
x-amp-published
Mon, 10 Jun 2024 15:55:02 GMT
/
sdk.iad-05.braze.com/api/v3/data/ Frame
0
0
Preflight
General
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:965f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
899b70454a5e9baa-FRA
content-encoding
gzip
date
Wed, 26 Jun 2024 07:21:06 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/main.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
022e2f39deba7f332eabe69b27b31d98d4d5f2535116745957a691d1b1ec4cc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Jun 2024 07:21:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ceCldLDyZN6bSQL6yyKLMg==
age
38446
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6882
x-ms-lease-status
unlocked
last-modified
Tue, 25 Jun 2024 02:35:41 GMT
server
cloudflare
etag
0x8DC94BF8198F6A8
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
27c9e704-601e-00db-1f1a-c7375c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
899b70420d459b1c-FRA
expires
Wed, 26 Jun 2024 20:40:19 GMT
gtm.js
www.googletagmanager.com/
528 KB
140 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1444236b71851e5522227d9f5215dfb5cafa77a06058e8cd86312525f88443ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142891
x-xss-protection
0
last-modified
Wed, 26 Jun 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 26 Jun 2024 07:21:05 GMT
api_dynamic.js
cdn.dynamicyield.com/api/8772046/
763 KB
73 KB
Script
General
Full URL
https://cdn.dynamicyield.com/api/8772046/api_dynamic.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:de00:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
c97c9953abec796c4b0bd74a315a62e21947e66246a8f19ac91f0650325a405d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:20:42 GMT
content-encoding
gzip
via
1.1 0be2062deeede74cb37dc047454ddbce.cloudfront.net (CloudFront)
last-modified
Tue, 25 Jun 2024 20:47:57 GMT
server
DYCDN
age
24
x-amz-cf-pop
FRA56-P11
x-amz-server-side-encryption
AES256
etag
W/"cd874acad5a947bac2fd5b6e73facc5b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=30
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id
25vnpFNNxqgoFRnCLB3h3jkOJNfcA6eLV70hIWtekWKRi0YW2EvyKg==
api_static.js
cdn.dynamicyield.com/api/8772046/
388 KB
114 KB
Script
General
Full URL
https://cdn.dynamicyield.com/api/8772046/api_static.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:de00:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
498ea43ee2b31ee61f58f43b798dfaec6eb59b63fefdfaa7c01bba897ba57a33

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 15:02:57 GMT
content-encoding
gzip
via
1.1 0be2062deeede74cb37dc047454ddbce.cloudfront.net (CloudFront)
last-modified
Tue, 25 Jun 2024 15:02:50 GMT
server
DYCDN
age
58689
x-amz-cf-pop
FRA56-P11
etag
W/"64e0187feba0c97d38f8aabb6e6d66cd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id
eCQARKO-ACGw9iD64S3onsviWf1fJgqhDOi53FiBIsTtuSrNryd8Yw==
/
api.ipify.org/
21 B
154 B
XHR
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/vendor.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd7fc1fdca4c78b9603c6dfd105dce4e0a4719da5ec3e950a2a5359f64a69d4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
899b70427f0f9f54-FRA
content-length
21
/
api.ipify.org/
21 B
73 B
XHR
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/vendor.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd7fc1fdca4c78b9603c6dfd105dce4e0a4719da5ec3e950a2a5359f64a69d4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
899b704348199f54-FRA
content-length
21
/
sdk.iad-05.braze.com/api/v3/data/
554 B
627 B
XHR
General
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/vendor.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:965f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29f0950aada9b262ac96887287c5cdc01a26f346da9361176d16004084aa5b71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-Braze-Api-Key
609afcb2-1dc3-41ef-a771-0a9aaf10bf57
X-Braze-TriggersRequest
true
X-Braze-DataRequest
true
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/json
X-Braze-Last-Req-Ms-Ago
7200000
Referer
https://www.elfcosmetics.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9;q=0.9
X-Braze-Req-Attempt
1
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:06 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
5cda5fdb-2eec-4f52-9b32-9735e4a77f7a
x-runtime
0.138879
server
cloudflare
etag
W/"29f0950aada9b262ac96887287c5cdc0"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1719386469
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
899b7046cbec9baa-FRA
x-ratelimit-remaining
499.0
ELF_Bronzer_HomepageTile_Comments_1440x1040
cdn.media.amplience.net/v/elfcosmetics/
13 KB
14 KB
Image
General
Full URL
https://cdn.media.amplience.net/v/elfcosmetics/ELF_Bronzer_HomepageTile_Comments_1440x1040?fmt=auto
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.166 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e89c53d125513c76e61d13e99b7ab3f2fe9852d69b30d0832c7296390054a99c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:06 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
47083
x-amp-srv
CF
edge-cache-tag
9eyOH-Cqf,l4p5bDg2e,X_K2lO9lh,WepA0szpz
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
xMGQOPJv1v
alt-svc
h3=":443"; ma=86400
content-length
13687
x-xss-protection
1; mode=block
x-amp-source-height
1040
last-modified
Tue, 25 Jun 2024 12:30:14 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
x-amp-source-width
1440
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
899b70446c0c452e-TXL
x-amp-published
Wed, 05 Jun 2024 19:29:20 GMT
callback
www.elfcosmetics.com/
Redirect Chain
  • https://www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.com%2Fcallback&response_type=code&client_id=...
  • https://www.elfcosmetics.com/callback?usid=889868a3-67b8-4438-bd6f-093505229b12&code=JfO174jCG2VfM7wPcqEHsJKj9rXbcL3LHcNHa7yZLa8
0
0
Fetch
General
Full URL
https://www.elfcosmetics.com/callback?usid=889868a3-67b8-4438-bd6f-093505229b12&code=JfO174jCG2VfM7wPcqEHsJKj9rXbcL3LHcNHa7yZLa8
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Server
204.2.48.23 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 26 Jun 2024 07:21:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 af773f4ed0d1f81acb9720b12cb8310a.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
0
x-amz-cf-pop
ORD53-C3
age
0
x-amzn-remapped-connection
close
x-amzn-requestid
f1b3a7f1-6042-4a84-8127-d096dbab9d3d
x-yottaa-optimizations
ob/1000 si/26D1cc023017-1719340557-5509945253 tts/1719340523228 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache
Miss from cloudfront
x-amz-apigw-id
Z9sniEBDiYcECUQ=
content-length
0
alt-svc
h3=":443"; ma=86400
x-yottaa-forcecache
true
x-amzn-trace-id
Root=1-667bc163-4f84cb3538d645471a609cba;Parent=1517267bd8a96479;Sampled=0;lineage=2b75b0e9:0
content-type
application/json
cache-control
public, max-age=604800
x-yottaa-os
200
x-yottaa-metrics
2621cc8d587b/[180,174,-] 26D1cc023017/[-,182.513]
x-amzn-remapped-date
Wed, 26 Jun 2024 07:21:07 GMT
x-amz-cf-id
tZJsy9_cJnjM5ToadsgoTLOg8dx3PtI-IJdCAzW6jRQl59G1_M8Qvg==

Redirect headers

date
Wed, 26 Jun 2024 07:21:06 GMT
x-correlation-id
899b7049f9ce8107
via
1.1 2cd732b3fedea7af49f60c3497dbaec2.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ORD53-C3
age
0
x-yottaa-optimizations
ob/0 si/26D1cc023017-1719340557-5509945252 tts/1719340523228 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
0
pragma
no-cache
x-ratelimit-1m-remaining
23869, 1993689
x-ratelimit-1m-reset
53084, 53083
x-ratelimit-1m-limit
24000, 2000000
vary
Accept-Encoding
location
https://www.elfcosmetics.com/callback?usid=889868a3-67b8-4438-bd6f-093505229b12&code=JfO174jCG2VfM7wPcqEHsJKj9rXbcL3LHcNHa7yZLa8
cache-control
no-store
x-yottaa-os
303
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.com%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=E0fki0e7usat4TmOvuNao_5Cyg8je_-pk6HSuTN8UUg
x-yottaa-metrics
2621cc8d587a/[146,143,-] 26D1cc023017/[-,149.283]
cf-ray
899b7049f9ce8107-ORD
x-amz-cf-id
Q1IzBy4najx2oSRqngF5lueDWRp0Yg-ZZsea4QGA0phFOvYHrMbf0A==
ee1a24f4-5709-4375-8fed-729b60d485e8.mp4
cdn.static.amplience.net/elfcosmetics/_vid/0624_hptile_spotlight_softglam_d/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/
Redirect Chain
  • https://cdn.media.amplience.net/v/elfcosmetics/0624_HPTILE_SPOTLIGHT_SOFTGLAM_D/mp41080
  • https://cdn.static.amplience.net/elfcosmetics/_vid/0624_hptile_spotlight_softglam_d/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/ee1a24f4-5709-4375-8fed-729b60d485e8.mp4
2 MB
2 MB
Media
General
Full URL
https://cdn.static.amplience.net/elfcosmetics/_vid/0624_hptile_spotlight_softglam_d/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/ee1a24f4-5709-4375-8fed-729b60d485e8.mp4
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Server
2a02:26f0:3100::1735:2b50 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ada9d1def698653a5ef155d5439ab8dbaf3ec7e92731b5c2458104008d8714cd

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 26 Jun 2024 07:21:06 GMT
last-modified
Mon, 06 May 2024 23:46:56 GMT
etag
"f9cd69df864aaabae94e683234b307a4"
x-amz-server-side-encryption
AES256
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-2539191/2539192
x-amp-srv
A
accept-ranges
bytes
x-amp-route
ak-s1
Content-Length
2539192

Redirect headers

date
Wed, 26 Jun 2024 07:21:06 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
36360
x-amp-srv
CF
edge-cache-tag
AqiZhoyyM,l4p5bDg2e,lTTxSknl0
x-amp-cf-worker
true
edge-control
max-age=86400
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/html; charset=UTF-8
location
https://cdn.static.amplience.net/elfcosmetics/_vid/0624_hptile_spotlight_softglam_d/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/ee1a24f4-5709-4375-8fed-729b60d485e8.mp4
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=1800
cf-ray
899b7045aef8452e-TXL
b52c0c22-6b8e-4aa7-90ae-a8688c614531.mp4
cdn.static.amplience.net/elfcosmetics/_vid/elf_bronzer_homepagetile_comments_1440x1040/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/
Redirect Chain
  • https://cdn.media.amplience.net/v/elfcosmetics/ELF_Bronzer_HomepageTile_Comments_1440x1040/mp41080
  • https://cdn.static.amplience.net/elfcosmetics/_vid/elf_bronzer_homepagetile_comments_1440x1040/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/b52c0c22-6b8e-4aa7-90ae-a8688c614531.mp4
2 MB
2 MB
Media
General
Full URL
https://cdn.static.amplience.net/elfcosmetics/_vid/elf_bronzer_homepagetile_comments_1440x1040/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/b52c0c22-6b8e-4aa7-90ae-a8688c614531.mp4
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Server
2a02:26f0:3100::1735:2b50 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6f98df0dfa77c50c8356e92ee9269bca4dd576126d890993cb22c88f29723e58

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 26 Jun 2024 07:21:06 GMT
last-modified
Wed, 05 Jun 2024 19:29:19 GMT
etag
"bb4f3cb26295704a9279f0ebaaaca661"
x-amz-server-side-encryption
AES256
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-1946953/1946954
x-amp-srv
A
accept-ranges
bytes
x-amp-route
ak-s1
Content-Length
1946954

Redirect headers

date
Wed, 26 Jun 2024 07:21:06 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
36360
x-amp-srv
CF
edge-cache-tag
Az92eY8A2,l4p5bDg2e,X_K2lO9lh
x-amp-cf-worker
true
edge-control
max-age=86400
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/html; charset=UTF-8
location
https://cdn.static.amplience.net/elfcosmetics/_vid/elf_bronzer_homepagetile_comments_1440x1040/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/b52c0c22-6b8e-4aa7-90ae-a8688c614531.mp4
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=1800
cf-ray
899b7045aefd452e-TXL
6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/
6 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55baa715ccc8c2512bceb1c949c1d0927944ca327e7edd2d5fc312d2a41986e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Jun 2024 07:21:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
10087
content-md5
j7e7fSdncC8T3SCV/IpUig==
content-length
1740
x-ms-lease-status
unlocked
last-modified
Mon, 08 Apr 2024 18:41:03 GMT
server
cloudflare
etag
0x8DC57FB71838BE4
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c3fb1654-801e-0031-68e4-89d890000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
899b70466a6d360f-FRA
expires
Thu, 27 Jun 2024 07:21:06 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
59 B
295 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept
application/json
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
899b7047a8179b5b-FRA
access-control-allow-headers
Content-Type
st
st.dynamicyield.com/
151 KB
13 KB
Script
General
Full URL
https://st.dynamicyield.com/st?sec=8772046&inHead=true&id=0&jsession=s70lks55yh8q4iwu2ysceleiykt6sry5&ref=&scriptVersion=2.32.0&isSesNew=true&dyid_server=&ctx=%7B%22type%22%3A%22HOMEPAGE%22%2C%22lng%22%3A%22en-US%22%2C%22data%22%3A%5B%5D%7D
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:2800:15:ad21:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
302dd3a01dd34629b788867c77e12f3b44dce9b6b239b96ed388fe974ac5baaf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:07 GMT
content-encoding
gzip
via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control
no-cache
x-amz-cf-id
Ww8MJv58GP1cRaV05sZBMGoe1ldv6j115gV_8Su3n1-MSrQQwRDNTQ==
expires
Wed, 26 Jun 2024 07:21:06 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 26 Jun 2024 06:29:07 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3120
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 26 Jun 2024 08:29:07 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202306.1.0/
404 KB
98 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def2a184135eba029f8f785b3ed69edc5f36b368226ce1fcfeda4f5aa301d1b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Jun 2024 07:21:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
XJk1ZZTljtwHFT3qcIJg+w==
age
41064
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
99599
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jul 2023 06:29:36 GMT
server
cloudflare
etag
0x8DB82A15D413626
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
80bad15d-801e-006c-2fda-12d214000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
899b704adccb9b1c-FRA
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1608912%20&seg=6104893&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 07:21:07 GMT
an-x-request-uuid
703d84db-4c56-4461-b96e-47d6ede36c4b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.117; 80.255.7.117; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Jun 2024 07:21:07 GMT
an-x-request-uuid
0d7401e8-9efd-4e8e-9d6e-fefd5634425d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.117; 80.255.7.117; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
insight.adsrvr.org/track/pxl/
70 B
149 B
Image
General
Full URL
https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:y8694b5&fmt=3
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:07 GMT
server
Kestrel
content-length
70
content-type
image/gif
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1704533&seg=34326157&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 07:21:07 GMT
an-x-request-uuid
53a8138f-d5f2-448f-a895-b92a9c794211
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.117; 80.255.7.117; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Jun 2024 07:21:07 GMT
an-x-request-uuid
5dd673f7-5fef-4ddd-9cb0-ba3b2cdb0de3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.117; 80.255.7.117; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
insight.adsrvr.org/track/pxl/
70 B
148 B
Image
General
Full URL
https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:uuhj0na&fmt=3
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:07 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
sdk.iad-05.braze.com/api/v3/content_cards/
85 B
228 B
XHR
General
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/vendor.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:965f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc0332152a10847dd14cf6bcebfa22b8e399d268b24fdf0381241f58c9d13f1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-Braze-Req-Tokens-Remaining
29
X-Braze-Api-Key
609afcb2-1dc3-41ef-a771-0a9aaf10bf57
X-Braze-DataRequest
true
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/json
X-Braze-Last-Req-Ms-Ago
7200000
BRAZE-SYNC-RETRY-COUNT
0
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.com/
X-Braze-Req-Attempt
1
X-Braze-ContentCardsRequest
true
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:07 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
887a022d-da99-4d63-bbb3-a037739807c2
x-runtime
0.069787
server
cloudflare
etag
W/"cc0332152a10847dd14cf6bcebfa22b8"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1719386469
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
899b704d0bfc9baa-FRA
x-ratelimit-remaining
491.0
sync
sdk.iad-05.braze.com/api/v3/content_cards/ Frame
0
0
Preflight
General
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:965f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
899b704b093f9baa-FRA
content-encoding
gzip
date
Wed, 26 Jun 2024 07:21:07 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
landing
googleads.g.doubleclick.net/pagead/
Redirect Chain
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=112933677.1719386467&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&dma_cps=sypham&dma=1&npa=0&gtm=45He46o1n81WL3STMXv89660829...
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=112933677.1719386467&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&dma_cps=sypham&dma=1&npa=0&gtm=45He46o1n81WL3...
42 B
65 B
Ping
General
Full URL
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=112933677.1719386467&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&dma_cps=sypham&dma=1&npa=0&gtm=45He46o1n81WL3STMXv896608294za200&auid=1247630033.1719386467
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 07:21:07 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Jun 2024 07:21:07 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=112933677.1719386467&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&dma_cps=sypham&dma=1&npa=0&gtm=45He46o1n81WL3STMXv896608294za200&auid=1247630033.1719386467
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2024-06-hptile-newArrivals-hero-D-img2-min
cdn.media.amplience.net/i/elfcosmetics/
93 KB
93 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img2-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img2-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img2-min?fmt=auto&w=2460%203x
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.166 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4c63c343ab564468df88e50d95efcc7521db14a063b5876ea43899c333ebeda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:07 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
3414
x-amp-srv
CF
edge-cache-tag
9pxSx_fu2,l4p5bDg2e,EL6uw4EsI,WepA0szpz
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
PSIxuUY7cN
alt-svc
h3=":443"; ma=86400
content-length
95265
x-xss-protection
1; mode=block
x-amp-source-height
1040
last-modified
Mon, 24 Jun 2024 23:53:35 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
x-amp-source-width
1440
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
899b704b2cca452e-TXL
x-amp-published
Mon, 10 Jun 2024 15:55:02 GMT
collect
www.google-analytics.com/j/
3 B
211 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1987223433&t=pageview&_s=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&dp=%2F&ul=de-de&de=UTF-8&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACgAI~&jid=1214337354&gjid=1911622303&cid=545212742.1719386467&tid=UA-432816-1&_gid=321547491.1719386467&_r=1&_slc=1&gtm=45He46o1n81WL3STMXv896608294za200&gcs=G111&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&tag_exp=0&z=1806023610
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 07:21:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
en.json
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/018ebeca-e8af-7f81-b182-0c90ba9664dd/
158 KB
34 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/018ebeca-e8af-7f81-b182-0c90ba9664dd/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5a9baac0b53c708a5279b1ddfe54ec7f0a40699210e0caf05419d0aa1b330d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Jun 2024 07:21:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
17625
content-md5
9wsMlq8mrfV+OngAz8tXzg==
content-length
34664
x-ms-lease-status
unlocked
last-modified
Mon, 08 Apr 2024 18:41:16 GMT
server
cloudflare
etag
0x8DC57FB7975EDF7
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d7d31a7a-c01e-0030-49e4-89874c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
899b704c3a22360f-FRA
expires
Thu, 27 Jun 2024 07:21:07 GMT
dy-coll-min.js
cdn.dynamicyield.com/scripts/2.32.0/
196 KB
65 KB
Script
General
Full URL
https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:de00:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
42997132bd0142564014ac4a809356dc0ceb9b7a90eede2b5b48019f1700cc58

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 21:44:25 GMT
content-encoding
gzip
via
1.1 0be2062deeede74cb37dc047454ddbce.cloudfront.net (CloudFront)
last-modified
Tue, 02 Apr 2024 09:13:12 GMT
server
DYCDN
age
2453803
x-amz-cf-pop
FRA56-P11
etag
W/"65b3e284856fb8d657d1f6a3423618c7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id
lvtvHy22HmtR_xZ5fRW48FK59bzaxEYBQEQeGSBNc_o1sj_HjlUQYg==
token
www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/
2 KB
2 KB
Fetch
General
Full URL
https://www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/token
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/vendor.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.48.23 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
28de7562b6bb474859ce886dab332930a5c098a06f7ec289857a0e247e6fdc76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
c_x-pwa-request
true
Referer
https://www.elfcosmetics.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:07 GMT
content-encoding
gzip
x-correlation-id
899b704e3919223a
cf-cache-status
DYNAMIC
via
1.1 0e83b80efeab12740919b182d0829e30.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ORD53-C3
age
0
x-yottaa-optimizations
ob/1000 si/26D1cc023017-1719340557-5509945259 tts/1719340523228 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
pragma
no-cache
x-ratelimit-1m-remaining
23852, 1993020
x-ratelimit-1m-reset
52404, 52403
vary
Accept-Encoding, User-Agent
x-ratelimit-1m-limit
24000, 2000000
content-type
application/json
cache-control
no-store
x-yottaa-os
200
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/token
x-yottaa-metrics
2621cc02835b/[123,121,-] 26D1cc023017/[-,125.981]
cf-ray
899b704e3919223a-ORD
x-amz-cf-id
u2aem_a9oM319Zh71EV8lVzGG3O1YxZO3N81BAiZjOZo32knOkKoqg==
otFlat.json
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Jun 2024 07:21:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
5mNZducabMgxSDzBo+ZI8w==
age
43499
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3017
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jul 2023 06:29:30 GMT
server
cloudflare
etag
0x8DB82A159AF8EA6
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
0c718e4e-201e-0081-6f27-129959000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
899b704e5cc5360f-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/v2/
61 KB
12 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Jun 2024 07:21:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
sXFDxCJwbPEMIT/8f5Prwg==
age
36750
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12544
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jul 2023 06:29:33 GMT
server
cloudflare
etag
0x8DB82A15AFF8646
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
f78e9e1f-701e-008c-7c4e-79518d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
899b704e5cca360f-FRA
otCookieSettingsButton.json
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/
5 KB
2 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otCookieSettingsButton.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
509f2e49500fbaeb5d7e1959071f2922b693d0135080e2871e124ec8bdd08bb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Jun 2024 07:21:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
v0pzgeeelPwcAOki15i3HA==
age
43357
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1766
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jul 2023 06:29:32 GMT
server
cloudflare
etag
0x8DB82A15AB9FB83
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
cd67b2fb-901e-0094-1c03-248eea000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
899b704e5ccb360f-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/
21 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Jun 2024 07:21:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
oWkBTLgDDXvrUsd93y/Zxg==
age
41355
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jul 2023 06:29:41 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
7ebeb764-601e-001b-3c34-ac6ffb000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
899b704e5ccc360f-FRA
uia
async-px.dynamicyield.com/
0
382 B
XHR
General
Full URL
https://async-px.dynamicyield.com/uia?cnst=1&_=1719386467802
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-129.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 07:21:08 GMT
via
1.1 0ccdc706b9b907d47a4960eec0e95f2a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
0UCauchFpUNvlZK-q-vnOCS427dR17cfRQo6pr19zmGVnSElGeMIow==
expires
0
batch
async-px.dynamicyield.com/
0
385 B
Ping
General
Full URL
https://async-px.dynamicyield.com/batch?cnst=1&_=1719386468239_574295
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-129.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 07:21:08 GMT
via
1.1 43244f77affffa1d8942dd025413b8d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
VNkk51fMEUQGorQBJhuj4rlXP3NJWQ9uwRR5loLgElULBSGsoK7Ypw==
expires
0
var
async-px.dynamicyield.com/
0
0
Fetch
General
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=70245&uid=-2828260323751116445&sec=8772046&t=ri&e=1261284&p=1&ve=11209913&va=%5B27119924%5D&ses=8cb00d90399273cb21ae556c9ea71066&expSes=44717&aud=884367.884385.884387.1167402.1324059.1846919.2356145.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=30062921765476045&cgtgDecisionId=30062920315169506&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1719386468258&rri=6025795
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-129.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 07:21:08 GMT
via
1.1 0ccdc706b9b907d47a4960eec0e95f2a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
tXCAAKJWiBe5DvJu9xib34w1BXPToFGSJb8zXAe2V0U0m-cXHhrxWw==
expires
0
var
async-px.dynamicyield.com/
0
0
Fetch
General
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=33796&uid=-2828260323751116445&sec=8772046&t=ri&e=1574966&p=1&ve=12698518&va=%5B28347247%5D&ses=8cb00d90399273cb21ae556c9ea71066&expSes=44717&aud=884367.884385.884387.1167402.1324059.1846919.2356145.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=30062924129015553&cgtgDecisionId=30062920271436403&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1719386468259&rri=3722071
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-129.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 07:21:08 GMT
via
1.1 0ccdc706b9b907d47a4960eec0e95f2a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
YpAJiUftq1kl5psOvHBlfpR9kS7DhAraHCsq1RNeb-o3ZkAXEicPDQ==
expires
0
var
async-px.dynamicyield.com/
0
0
Fetch
General
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=911368&uid=-2828260323751116445&sec=8772046&t=ri&e=1609852&p=1&ve=12669413&va=%5B28321879%5D&ses=8cb00d90399273cb21ae556c9ea71066&expSes=44717&aud=884367.884385.884387.1167402.1324059.1846919.2356145.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=30062923399438732&cgtgDecisionId=30062922369410757&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1719386468261&rri=9973056
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-129.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 07:21:08 GMT
via
1.1 0ccdc706b9b907d47a4960eec0e95f2a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
ymtmXMWHlmv7e-o0cn8Z7e4n4avivyBkjgrZgmxoHFb9gBbgHZ1tfg==
expires
0
favicon.ico
www.elfcosmetics.com/
34 KB
34 KB
Other
General
Full URL
https://www.elfcosmetics.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.48.23 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
1331786f628c441b99665436eb8815381e066e17d5c3bb56f5ce2e045d8da17a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:08 GMT
via
1.1 babb61789095288ef1d09146c15e7f1e.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
34494
x-amz-cf-pop
JFK50-P2
age
509, 509
x-amzn-remapped-connection
close
x-amzn-requestid
307935f5-0c9f-47a1-9140-f9c5a38ed35e
x-yottaa-optimizations
ob/100 si/26D1cc023017-1719340557-5509945260 tts/1719340523228 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache
Hit from cloudfront
x-amz-apigw-id
Z8hmBFiviYcER6A=
content-length
34494
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 25 Jun 2024 22:44:06 GMT
x-amzn-trace-id
Root=1-667b4959-432d16360e3debad6fe196f4;Parent=18e53cf88887cf14;Sampled=0;lineage=2b75b0e9:0
etag
W/"86be-190519212f0"
vary
Accept-Encoding
content-type
image/x-icon
cache-control
max-age=600, s-maxage=600
x-yottaa-metrics
2621cc02835d/[6,-,1719385916230] 26D1cc023017/[-,8.949]
accept-ranges
bytes
x-amzn-remapped-date
Tue, 25 Jun 2024 22:48:57 GMT
x-amz-cf-id
S6jazLDafeIKyrs3vaSvEHAtUT7vUQ8oPhsPY6iDesI-tVz7XeFkkg==
event
qoe-1.yottaa.net/log-nt/
3 B
191 B
Ping
General
Full URL
https://qoe-1.yottaa.net/log-nt/event
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
140.174.14.80 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 26 Jun 2024 07:21:08 GMT
access-control-expose-headers
X-Results-Data-Source
access-control-allow-credentials
true
cache-control
no-cache
timing-allow-origin
*
content-type
text/json
site.min.js
edge.curalate.com/sites/elfcosmetics-oqltbv/site/latest/
84 KB
20 KB
Script
General
Full URL
https://edge.curalate.com/sites/elfcosmetics-oqltbv/site/latest/site.min.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1ad3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d126a9c6da46cb41e34e982874ff71952c00cfaefd6d3847d69f5b82da64429

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:08 GMT
x-amz-version-id
.qrNcRtRG6VmB5kbLKXtk4Otpa6s5GTr
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
RPXSJ13M5FXMKBRV
age
940
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
x-amz-id-2
6cY9mAMu73SrD7POigB8vFDNHhpy0PMxrmHuYyUnVFLdAd3tw2zS6tzOVGrAiV3dD81fugC1Ni2QKW5l2LshL85b+yLfqRYYVEQTHQBzJhk=
last-modified
Fri, 07 Jun 2024 18:56:15 GMT
server
cloudflare
etag
W/"50d92f85574de50a7d4a214fa4131720"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800,s-maxage=1800
cf-ray
899b7053bbc68f34-FRA
sessions
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/
0
1 KB
XHR
General
Full URL
https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/sessions
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/vendor.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.48.23 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiIwODJiMWNmZC03ZDA5LTQwZDctYjc2OC03OTUzZjQyOGIyMjUiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjg4OTg2OGEzLTY3YjgtNDQzOC1iZDZmLTA5MzUwNTIyOWIxMiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTkzODY0MzcsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFibWJFM21idzJ3cmtSbEhCR21hWVlsYmsyOjpjaGlkOiAiLCJleHAiOjE3MTkzODgyNjcsImlhdCI6MTcxOTM4NjQ2NywianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzMjMwMDMyNjk0MDcwMzgwOCJ9.es-JGB1KkeUg1vFDOiMm1vACD0JPZwij7hs1Lz8EerqTc41JaUPjkXuq_gLd9bZ34XOAQsakGQwFW53g3lrL8Q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:08 GMT
via
1.1 f3784375413c3c1fd8e02b9ecec32db6.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-cf-pop
ORD53-C3
age
0
x-yottaa-optimizations
ob/0 si/26D1cc023017-1719340557-5509945261 tts/1719340523228 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
pragma
no-cache
allow
OPTIONS,POST
access-control-allow-origin
https://www.elfcosmetics.com
access-control-expose-headers
etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
x-yottaa-metrics
2621cc02835c/[208,204,-] 26D1cc023017/[-,210.360]
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-proxy-request-url
https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/sessions
accept-ranges
bytes
cf-ray
899b7053a9c8629f-ORD
x-dw-request-base-id
8zMVzmTBe2YBAAB_
x-amz-cf-id
QyEcN7vslLWzAce6aLuKSgQgiLDQ0LNGSf_wWY5lQFjGLvlWW1-IIw==
x-yottaa-os
204
expires
Thu, 01 Dec 1994 16:00:00 GMT
shoppercontext
www.elfcosmetics.com/api/v1/
114 B
872 B
XHR
General
Full URL
https://www.elfcosmetics.com/api/v1/shoppercontext?siteId=elf-us
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/vendor.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.48.23 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
6b42a56b231d70ea3691b9f46363b9f8ed6ca35f6b50084718669b8beac1e57d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiIwODJiMWNmZC03ZDA5LTQwZDctYjc2OC03OTUzZjQyOGIyMjUiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjg4OTg2OGEzLTY3YjgtNDQzOC1iZDZmLTA5MzUwNTIyOWIxMiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTkzODY0MzcsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFibWJFM21idzJ3cmtSbEhCR21hWVlsYmsyOjpjaGlkOiAiLCJleHAiOjE3MTkzODgyNjcsImlhdCI6MTcxOTM4NjQ2NywianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzMjMwMDMyNjk0MDcwMzgwOCJ9.es-JGB1KkeUg1vFDOiMm1vACD0JPZwij7hs1Lz8EerqTc41JaUPjkXuq_gLd9bZ34XOAQsakGQwFW53g3lrL8Q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.elfcosmetics.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:08 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 1bfeca785e36f5deb3a11ad4668f4a70.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
114
content-encoding
gzip
x-amz-cf-pop
ORD53-C3
age
0
x-amzn-remapped-connection
close
x-amzn-requestid
89218802-da55-46ad-b185-9242c5c4c32f
x-yottaa-optimizations
ob/1000 si/26D1cc023017-1719340557-5509945262 tts/1719340523228 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache
Miss from cloudfront
x-amz-apigw-id
Z9snvGSeiYcEZWg=
content-length
108
alt-svc
h3=":443"; ma=86400
etag
W/"72-HgdmTgyCF/DQfqnMU3u+4UstAzI"
x-amzn-trace-id
Root=1-667bc164-3357e590470a13e85e1a48b8;Parent=6904508137769601;Sampled=0;lineage=2b75b0e9:0
content-type
application/json; charset=utf-8
x-yottaa-os
200
x-yottaa-metrics
2621cc02835e/[395,392,-] 26D1cc023017/[-,398.129]
x-amzn-remapped-date
Wed, 26 Jun 2024 07:21:08 GMT
x-amz-cf-id
LwQz03c3b68guIfeeI_LQ6ZXxEq-XOQayIR5NQwMd_ycfUPOcBmc4w==
sync
sdk.iad-05.braze.com/api/v3/content_cards/
85 B
251 B
XHR
General
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/vendor.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:965f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f5c8d48f5dd57bd214c176347b7702c748134e74600166847acf0317f8d2d82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-Braze-Req-Tokens-Remaining
28
X-Braze-Api-Key
609afcb2-1dc3-41ef-a771-0a9aaf10bf57
X-Braze-DataRequest
true
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/json
X-Braze-Last-Req-Ms-Ago
1274
BRAZE-SYNC-RETRY-COUNT
0
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.com/
X-Braze-Req-Attempt
1
X-Braze-ContentCardsRequest
true
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:08 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
a1a73b7f-bf23-49be-bc94-6ecef64a0679
x-runtime
0.044887
server
cloudflare
etag
W/"1f5c8d48f5dd57bd214c176347b7702c"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1719386469
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
899b7052fa759baa-FRA
x-ratelimit-remaining
481.0
geo-ip
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/
179 B
889 B
XHR
General
Full URL
https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=80.255.7.117
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/vendor.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.48.23 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json
c_x-pwa-request
true
Referer
https://www.elfcosmetics.com/
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:08 GMT
sfdc_customization
HOOK
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
via
1.1 0e83b80efeab12740919b182d0829e30.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD53-C3
x-yottaa-optimizations
ob/1000 si/26D1cc023017-1719340557-5509945263 tts/1719340523228 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
age
0
alt-svc
h3=":443"; ma=86400
allow
GET,HEAD,OPTIONS
content-type
application/json;charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os
200
x-proxy-request-url
https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=80.255.7.117
x-yottaa-metrics
2621cc02835f/[266,263,-] 26D1cc023017/[-,268.785]
cf-ray
899b7055a96b6177-ORD
x-dw-request-base-id
8zMtzmTBe2YBAAB_
x-amz-cf-id
Xrsxr_1jwoYBJrUsug-QZK3nTZ-eR0Qy5Kc96n7Kpm5HgHRZkWtL6g==
geo-ip
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/
179 B
899 B
XHR
General
Full URL
https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=80.255.7.117
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/vendor.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.48.23 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json
c_x-pwa-request
true
Referer
https://www.elfcosmetics.com/
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:09 GMT
sfdc_customization
HOOK
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
via
1.1 bd54236b6457f0995f0667aa772c5aae.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD53-C3
x-yottaa-optimizations
ob/1000 si/26D1cc023017-1719340557-5509945266 tts/1719340523228 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
age
0
alt-svc
h3=":443"; ma=86400
allow
GET,HEAD,OPTIONS
content-type
application/json;charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os
200
x-proxy-request-url
https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=80.255.7.117
x-yottaa-metrics
2621cc02836d/[242,239,-] 26D1cc023017/[-,244.011]
cf-ray
899b70583aaf2c07-ORD
x-dw-request-base-id
8zNHzmXBe2YBAAB_
x-amz-cf-id
rwmeADoJ7XensqySzEgcob5QDZ64PzjpyJrKlDOa-DF8e3F5GDu6cg==
baskets
www.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abmbE3mbw2wrkRlHBGmaYYlbk2/
11 B
874 B
Fetch
General
Full URL
https://www.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abmbE3mbw2wrkRlHBGmaYYlbk2/baskets?siteId=elf-us
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/vendor.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.48.23 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
31f48ed33afe7e437efa2c30cbf97fbd62c2de5c0732504077377846fe64973f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiIwODJiMWNmZC03ZDA5LTQwZDctYjc2OC03OTUzZjQyOGIyMjUiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjg4OTg2OGEzLTY3YjgtNDQzOC1iZDZmLTA5MzUwNTIyOWIxMiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTkzODY0MzcsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFibWJFM21idzJ3cmtSbEhCR21hWVlsYmsyOjpjaGlkOiAiLCJleHAiOjE3MTkzODgyNjcsImlhdCI6MTcxOTM4NjQ2NywianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzMjMwMDMyNjk0MDcwMzgwOCJ9.es-JGB1KkeUg1vFDOiMm1vACD0JPZwij7hs1Lz8EerqTc41JaUPjkXuq_gLd9bZ34XOAQsakGQwFW53g3lrL8Q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
c_x-pwa-request
true
Referer
https://www.elfcosmetics.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:08 GMT
sfdc_customization
HOOK
dnt
0
cf-cache-status
DYNAMIC
x-correlation-id
899b70559f0a2a21
x-content-type-options
nosniff
via
1.1 1a02ed973fa197a1dacf9e97520c66fa.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD53-C3
x-yottaa-optimizations
ob/1000 si/26D1cc023017-1719340557-5509945264 tts/1719340523228 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
content-encoding
gzip
x-cache
Miss from cloudfront
age
0
alt-svc
h3=":443"; ma=86400
content-length
37
allow
GET,HEAD,OPTIONS
x-ratelimit-remaining
999
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
sfdc_load
3
cache-control
max-age=0,no-cache,no-store
x-yottaa-os
200
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abmbE3mbw2wrkRlHBGmaYYlbk2/baskets?siteId=elf-us
x-ratelimit-limit
99999
accept-ranges
bytes
cf-ray
899b70559f0a2a21-ORD
x-amz-cf-id
7koehFqmTm2VTeS22Vbo-Mk-s3F2I-hGg3-VhGzMbxB52SNDSndRuQ==
x-yottaa-metrics
2621cc028360/[216,213,-] 26D1cc023017/[-,218.162]
viewPage
api.cquotient.com/v3/activities/bbxc-elf-us/
98 B
517 B
Fetch
General
Full URL
https://api.cquotient.com/v3/activities/bbxc-elf-us/viewPage
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/main.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.23.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-23-152.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash
096725fc6fdf3b8a7f3adee0b2c77586a59bf9177cebcb2f17e4f56abc36b02f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-cq-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.elfcosmetics.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:08 GMT
strict-transport-security
max-age=15552000; includeSubdomains
server
envoy
etag
W/"62-yM7rExuKB4d/Q3yLY+hfpRoGy7I"
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
content-length
98
viewPage
api.cquotient.com/v3/activities/bbxc-elf-us/ Frame
0
0
Preflight
General
Full URL
https://api.cquotient.com/v3/activities/bbxc-elf-us/viewPage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.23.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-23-152.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-cq-client-id
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization, content-type, x-cq-tenant, x-cq-client-id
access-control-allow-methods
POST
access-control-allow-origin
https://www.elfcosmetics.com
content-length
0
date
Wed, 26 Jun 2024 07:21:08 GMT
server
envoy
strict-transport-security
max-age=15552000; includeSubdomains
x-envoy-upstream-service-time
1
var
async-px.dynamicyield.com/
0
0
Fetch
General
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=779885&uid=-2828260323751116445&sec=8772046&t=ri&e=1575901&p=1&ve=12991774&va=%5B28646951%5D&ses=8cb00d90399273cb21ae556c9ea71066&expSes=44717&aud=884367.884385.884387.1167402.1324059.1846919.2356145.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=30062924042229819&cgtgDecisionId=30062922825115898&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1719386468626&rri=3314182
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-129.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 07:21:08 GMT
via
1.1 0ccdc706b9b907d47a4960eec0e95f2a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
OctmZFjtk1nh7YaEos5AnLW1kLz02jKZvEoQpEVxKpMb6qsqcY2E0g==
expires
0
ot_close.svg
cdn.cookielaw.org/logos/static/
651 B
623 B
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_close.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Jun 2024 07:21:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
pcXWFGpuVeSg/jVnYCseRg==
age
45986
x-ms-lease-status
unlocked
last-modified
Tue, 25 Jun 2024 02:35:43 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
90c37d8f-101e-0090-1caf-c606c6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
899b70552eb59b1c-FRA
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/
497 B
538 B
Fetch
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Jun 2024 07:21:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
37247
x-ms-lease-status
unlocked
last-modified
Tue, 25 Jun 2024 02:35:42 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
ac6dc60c-d01e-008d-4208-c7df2c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
899b70554da3360f-FRA
ot_company_logo.png
cdn.cookielaw.org/logos/static/
4 KB
4 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_company_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Jun 2024 07:21:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
E8+sk/ECzKgTUVtDLikiIA==
age
56791
content-length
4036
x-ms-lease-status
unlocked
last-modified
Mon, 24 Jun 2024 16:48:43 GMT
server
cloudflare
etag
0x8DC946D81FC1ABF
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
80156571-901e-0002-259f-c69170000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
899b70557f069b1c-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/
5 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Jun 2024 07:21:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
10147
x-ms-lease-status
unlocked
last-modified
Tue, 25 Jun 2024 02:35:43 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
7db24059-e01e-000d-0d32-c77c86000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
899b70557f089b1c-FRA
110221.ct.js
tag.rmp.rakuten.com/
47 KB
15 KB
Script
General
Full URL
https://tag.rmp.rakuten.com/110221.ct.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
248.147.102.34.bc.googleusercontent.com
Software
/
Resource Hash
78444f565ef9d1110c98161cd87e83713d5669e7d8e15a149c367c1f141d6c83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:08 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000
last-modified
Wed, 26 Jun 2024 07:21:08 GMT
x-cache
hit
x-samesite
secure
content-type
text/javascript
cache-control
max-age=86400
x-dyn
0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
js
www.paypal.com/sdk/
424 KB
119 KB
Script
General
Full URL
https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8504109b1bce264edc0e1a03488e5a911871fac641ddee2a4ec8c51d2078b5d8
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-vskE6tGdg5nzycrThiYloLiSiO9HaaLrpHOJ4gMV8UWL9wEo' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-vskE6tGdg5nzycrThiYloLiSiO9HaaLrpHOJ4gMV8UWL9wEo' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-vskE6tGdg5nzycrThiYloLiSiO9HaaLrpHOJ4gMV8UWL9wEo' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-vskE6tGdg5nzycrThiYloLiSiO9HaaLrpHOJ4gMV8UWL9wEo' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish
date
Wed, 26 Jun 2024 07:21:08 GMT
age
10185
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT, MISS
p3p
true
paypal-debug-id
f268349d66b54
server-timing
"traceparent;desc="00-0000000000000000000f268349d66b54-104758f14d688346-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
119481
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220158-FRA, cache-fra-etou8220158-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f268349d66b54-9670c49ad46c59b7-01
x-timer
S1719386469.934873,VS0,VE5
etag
W/"1d2b9-bshmImIdV1cxwK1pXAEY6knlyT8"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
main.js
static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/
146 KB
43 KB
Script
General
Full URL
https://static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/main.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.94.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-94-141.deploy.static.akamaitechnologies.com
Software
nginx / Express
Resource Hash
2e8fd8d487b4259dbdc6c529f742806377fae205c8dc7d0f35ac8797bafe5b3b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=15768000
Content-Encoding
gzip
Date
Wed, 26 Jun 2024 07:21:08 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"f3bc9cdcf9c97d0ec2f18fd72203201caef8fea5-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, max-age=900
Connection
keep-alive
Content-Length
43443
Expires
Wed, 26 Jun 2024 07:36:08 GMT
/
websdk.appsflyer.com/
38 KB
12 KB
Script
General
Full URL
https://websdk.appsflyer.com/?st=banners&
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::213:c679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 26 Jun 2024 07:21:08 GMT
Content-Encoding
gzip
x-amz-request-id
YNGC7PCXVN28Z00Q
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
11792
x-amz-id-2
vrDln2XCGOFSFkLE6Ln17Y/P092c846kqJOj1nLZLa1T5AvAIx9Wt+4jaFyZJcu85WAzx+0b3iU=
Last-Modified
Wed, 14 Jun 2023 06:58:45 GMT
Server
AmazonS3
ETag
"5a676288bcea03bd05e483bc4ce066ae"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2731
Accept-Ranges
bytes
X-DataStream-Cache-Status
1
Expires
Wed, 26 Jun 2024 08:06:39 GMT
batch
async-px.dynamicyield.com/
0
383 B
Ping
General
Full URL
https://async-px.dynamicyield.com/batch?cnst=1&_=1719386468773_542732
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-129.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 07:21:08 GMT
via
1.1 43244f77affffa1d8942dd025413b8d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
-qjNick9UdTrH_2Ls2gPdqhvS4hA1Qspf2GVVyIz3tJECGfh94YzQA==
expires
0
js
www.googletagmanager.com/gtag/
326 KB
107 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&l=dataLayer&cx=c
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
136d54d7a94c30d94eea4bb41f5c716dc2ec380d8d939147cab99672701cd268
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
109224
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 26 Jun 2024 07:21:08 GMT
js
www.googletagmanager.com/gtag/
310 KB
103 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d592c0b82ba76a89bc6acafae00f450ea96f8454e9be9df612d88b3cc55eec71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
105096
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 26 Jun 2024 07:21:08 GMT
iframe_api
www.youtube.com/
993 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
26f32cff4659c1340820bbd6bb5550d2fa30cede9f97c16350a555c4226f5651
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Wed, 26 Jun 2024 07:21:08 GMT
destination
www.googletagmanager.com/gtag/
213 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-10265292&l=dataLayer&cx=c
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8585180148aa9b29865ae4c480871564e26d9b0e1d6256ad99b9c8b4ff8aee6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78310
x-xss-protection
0
last-modified
Wed, 26 Jun 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 26 Jun 2024 07:21:08 GMT
destination
www.googletagmanager.com/gtag/
213 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-10742279&l=dataLayer&cx=c
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1f8e8c9a0db50e8b1a909f474caacbe4ac201cd35c52dfeb2262e67048194d19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78198
x-xss-protection
0
last-modified
Wed, 26 Jun 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 26 Jun 2024 07:21:08 GMT
1a8bfa042c9c5.js
t.contentsquare.net/uxa/
336 KB
80 KB
Script
General
Full URL
https://t.contentsquare.net/uxa/1a8bfa042c9c5.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-53.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d841b6859d2469f63df65c0a91d70da822367d82810d4d08900d79b21bdddc19

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 07:44:11 GMT
content-encoding
br
via
1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P11
age
0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
81626
last-modified
Wed, 19 Jun 2024 07:37:38 GMT
server
AmazonS3
etag
"833f870d397c05130b52ad5dd9f75837"
vary
Accept-Encoding, Origin
content-type
application/javascript;charset=utf-8
cache-control
max-age=900
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
qF8Mg-hmkZ3eI4zGSlqvh_mQS7NVW-zKleT_xkxooUUMQJ8TYLNimQ==
destination
www.googletagmanager.com/gtag/
213 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-9231397&l=dataLayer&cx=c
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3fdc23a8c7420ef677af05a394dfc47c2edf577b167bcfa2676c845686dd0c3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78255
x-xss-protection
0
last-modified
Wed, 26 Jun 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 26 Jun 2024 07:21:08 GMT
2024-06-hptile-newArrivals-hero-D-img3-min
cdn.media.amplience.net/i/elfcosmetics/
21 KB
22 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img3-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img3-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img3-min?fmt=auto&w=2460%203x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.166 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf0bc04f014f0ba1d65c050fa9d2c49183d65bff457becdd380ced028e97e1c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:08 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
3414
x-amp-srv
CF
edge-cache-tag
qwALGRYRV,l4p5bDg2e,xRMdGFflt,WepA0szpz
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
BRSEnXG7nR
alt-svc
h3=":443"; ma=86400
content-length
21815
x-xss-protection
1; mode=block
x-amp-source-height
1040
last-modified
Tue, 25 Jun 2024 12:30:19 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
x-amp-source-width
1440
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
899b7056eff4452e-TXL
x-amp-published
Mon, 10 Jun 2024 15:55:02 GMT
experience.min.js
edge.curalate.com/sites/elfcosmetics-oqltbv/experiences/gallery-OdKxcdTK/latest/
0
0

NEW-beauty-squad-beauty-squad-loyalty-logo-staggered-paddedsquare
elfcosmetics.a.bigcontent.io/v1/static/
5 KB
5 KB
Image
General
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/NEW-beauty-squad-beauty-squad-loyalty-logo-staggered-paddedsquare?%24Desktop%24=&fmt=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:91b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
210706c053295db0bfba03a98c0609a1f940c3f6b6c626f2f1084e089e959dc9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:09 GMT
x-amz-version-id
null
cf-cache-status
HIT
age
35834
x-amz-server-side-encryption
AES256
x-amp-cf-worker
true
edge-control
max-age=86400
alt-svc
h3=":443"; ma=86400
content-length
5378
last-modified
Tue, 25 Jun 2024 21:23:55 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
899b705b0a811cab-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
icon-noun-gift-1165617
elfcosmetics.a.bigcontent.io/v1/static/
2 KB
1 KB
Image
General
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-gift-1165617?%24Desktop%24=&fmt=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:91b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4aa855b8d34657ab4df5ca73fe7d7f67735ee1e39e8de83856ddc473d4713fbb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:09 GMT
x-amz-version-id
null
content-encoding
gzip
cf-cache-status
HIT
age
77111
x-amz-server-side-encryption
AES256
x-amp-cf-worker
true
edge-control
max-age=86400
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 25 Jun 2024 09:55:58 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=1800
cf-ray
899b705b0a7e1cab-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
icon-noun-drop-1235517%201
elfcosmetics.a.bigcontent.io/v1/static/
2 KB
1 KB
Image
General
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-drop-1235517%201?%24Desktop%24=&fmt=auto%201x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-drop-1235517%201?%24Desktop%24=&fmt=auto%202x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-drop-1235517%201?%24Desktop%24=&fmt=auto%203x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:91b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f366287eaa5627dc7ee48d1fcb79d20bceae8238ee2f1dd772f059685fe9c799

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:09 GMT
x-amz-version-id
null
content-encoding
gzip
cf-cache-status
HIT
age
29177
x-amz-server-side-encryption
AES256
x-amp-cf-worker
true
edge-control
max-age=86400
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 25 Jun 2024 23:14:52 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=1800
cf-ray
899b705b0a7d1cab-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
300240
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/products/
51 KB
6 KB
XHR
General
Full URL
https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/products/300240?siteId=elf-us&locale=en-US&currency=USD&expand=availability%2Cbundled_products%2Clinks%2Cpromotions%2Coptions%2Cimages%2Cprices%2Cvariations%2Cset_products%2Crecommendations&all_images=true&perPricebook=true
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/vendor.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.48.23 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
781678db3532a9fc7ef12c8a730d9f24495fe8573f7133fe6e6c57a0a6c0cb7a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json
c_x-pwa-request
true
cache-control
no-cache
Referer
https://www.elfcosmetics.com/
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:09 GMT
sfdc_customization
HOOK
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
via
1.1 816598f181436605d73955dd5c13ae78.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD53-C3
x-yottaa-optimizations
ob/1000 si/26D1cc023017-1719340557-5509945269 tts/1719340523228 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
age
0
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 26 Jun 2024 07:21:09 GMT
allow
GET,HEAD,OPTIONS
vary
accept-encoding
content-type
application/json;charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os
200
x-proxy-request-url
https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/products/300240?siteId=elf-us&locale=en-US&currency=USD&expand=availability%2Cbundled_products%2Clinks%2Cpromotions%2Coptions%2Cimages%2Cprices%2Cvariations%2Cset_products%2Crecommendations&all_images=true&perPricebook=true
x-yottaa-metrics
2621cc023042/[196,191,-] 26D1cc023017/[-,200.306]
cf-ray
899b705a8a9822fe-ORD
x-dw-request-base-id
8zNgzmXBe2YBAAB_
x-amz-cf-id
L_I5zMbqATCSUNQxcWA02E-AGAiegjMwtCmh2AiyMt93FVdjSI55jQ==
src=10742279;dc_pre=CLebg97d-IYDFacJogMdWLMJAQ;type=elf8j0;cat=glo_flhp;ord=6542274125230;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B...
ade.googlesyndication.com/ddm/activity/
Redirect Chain
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flhp;ord=6542274125230;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%...
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CLebg97d-IYDFacJogMdWLMJAQ;type=elf8j0;cat=glo_flhp;ord=6542274125230;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;uaa=x86;uab=6...
42 B
107 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CLebg97d-IYDFacJogMdWLMJAQ;type=elf8j0;cat=glo_flhp;ord=6542274125230;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46o1v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com?
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 07:21:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Jun 2024 07:21:09 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CLebg97d-IYDFacJogMdWLMJAQ;type=elf8j0;cat=glo_flhp;ord=6542274125230;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46o1v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
src=10742279;dc_pre=CN-Vg97d-IYDFVgdogMdn_IrlA;type=elf8j0;cat=glo_flap;ord=1070473647765;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B...
ade.googlesyndication.com/ddm/activity/
Redirect Chain
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flap;ord=1070473647765;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%...
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CN-Vg97d-IYDFVgdogMdn_IrlA;type=elf8j0;cat=glo_flap;ord=1070473647765;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;uaa=x86;uab=6...
42 B
118 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CN-Vg97d-IYDFVgdogMdn_IrlA;type=elf8j0;cat=glo_flap;ord=1070473647765;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46o1v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com?
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 07:21:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Jun 2024 07:21:09 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CN-Vg97d-IYDFVgdogMdn_IrlA;type=elf8j0;cat=glo_flap;ord=1070473647765;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46o1v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
src=10265292;dc_pre=CKabg97d-IYDFWEJogMd-FwFEg;type=conte0;cat=homep0;ord=504751739708;npa=1;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6...
ade.googlesyndication.com/ddm/activity/
Redirect Chain
  • https://ade.googlesyndication.com/ddm/activity/src=10265292;type=conte0;cat=homep0;ord=504751739708;npa=1;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chr...
  • https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=CKabg97d-IYDFWEJogMd-FwFEg;type=conte0;cat=homep0;ord=504751739708;npa=1;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium...
42 B
107 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=CKabg97d-IYDFWEJogMd-FwFEg;type=conte0;cat=homep0;ord=504751739708;npa=1;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46o1v9181787185z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com?
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 07:21:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Jun 2024 07:21:09 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=CKabg97d-IYDFWEJogMd-FwFEg;type=conte0;cat=homep0;ord=504751739708;npa=1;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46o1v9181787185z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
src=9231397;dc_pre=CJSdg97d-IYDFXAdogMdFVsrlQ;type=retarget;cat=globa0;ord=4803059632829;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%...
ade.googlesyndication.com/ddm/activity/
Redirect Chain
  • https://ade.googlesyndication.com/ddm/activity/src=9231397;type=retarget;cat=globa0;ord=4803059632829;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0....
  • https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CJSdg97d-IYDFXAdogMdFVsrlQ;type=retarget;cat=globa0;ord=4803059632829;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab...
42 B
107 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CJSdg97d-IYDFXAdogMdFVsrlQ;type=retarget;cat=globa0;ord=4803059632829;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46o1v9181619921z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com?
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 07:21:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Jun 2024 07:21:09 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CJSdg97d-IYDFXAdogMdFVsrlQ;type=retarget;cat=globa0;ord=4803059632829;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46o1v9181619921z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ZLYXLXNDL8&gtm=45je46o1v879088318z8896608294za200zb896608294&gcs=G100&gcd=13u3uPu2u5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=1962118793.1719386470&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&_s=1&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&sid=1719386469&sct=1&seg=0&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&en=page_view&_fv=1&_nsi=1&_ss=2&ep.page_type=homepage&ep.page_environment=production&ep.page_country=US&ep.page_language=EN&up.custom_user_id=&up.client_id=&up.user_has_transacted=false&up.user_logged_in=false&up.user_country=US&up.user_loyalty_status=false&tfd=9668&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 07:21:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ZLYXLXNDL8&gtm=45je46o1v879088318z8896608294za200zb896608294&gcs=G100&gcd=13u3uPu2u5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=1962118793.1719386470&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_eu=MA&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&sid=1719386469&sct=1&seg=0&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&_s=2&tfd=9699&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 07:21:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
sgtm.elfcosmetics.com/g/
65 B
127 B
XHR
General
Full URL
https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je46o1v9125640115z8896608294za200zb896608294&gcs=G100&gcd=13u3u3u2u5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=644946742.1719386470&ecid=388026176&ul=de-de&sr=1600x1200&_fplc=0&ir=1&ur=DE-BB&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&sst.rnd=112933677.1719386467&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13u3u3u2u5&sst.adr=1&sst.ude=0&_s=1&sid=1719386469&sct=1&seg=0&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&en=pageview&_fv=1&_nsi=1&_ss=1&ep.vendor_id=pinterest&ep.email=&ep.event_id=1719387424217_17193872046559&ep.external_id=&tfd=9760&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.124.49.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:10 GMT
via
1.1 google, 1.1 google
x-content-type-options
nosniff
server
Google Frontend
content-type
text/plain
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-accel-buffering
no
collect
sgtm.elfcosmetics.com/g/
65 B
305 B
XHR
General
Full URL
https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je46o1v9125640115z8896608294za200zb896608294&gcs=G100&gcd=13u3u3u2u5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=644946742.1719386470&ecid=388026176&ul=de-de&sr=1600x1200&_fplc=0&ir=1&ur=DE-BB&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&sst.rnd=112933677.1719386467&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13u3u3u2u5&sst.adr=1&sst.ude=0&_s=2&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&sid=1719386469&sct=1&seg=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&en=page_view&ep.page_type=homepage&ep.page_environment=production&ep.page_language=EN&ep.page_country=US&_et=3&up.custom_user_id=&up.client_id=&up.user_has_transacted=false&up.user_logged_in=false&up.user_country=US&up.user_loyalty_status=false&tfd=9773&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.124.49.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:09 GMT
via
1.1 google, 1.1 google
x-content-type-options
nosniff
server
Google Frontend
content-type
text/plain
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-accel-buffering
no
jsp
ut.rd.linksynergy.com/
148 B
414 B
Script
General
Full URL
https://ut.rd.linksynergy.com/jsp?cn=rmuid&ro=0&cb=___rmuid
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.67.98.34.bc.googleusercontent.com
Software
/
Resource Hash
59f0642d6146c95064a717361e8134b4a9259be92f8336a490f18a229f625d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
text/plain; charset=utf-8
date
Wed, 26 Jun 2024 07:21:09 GMT
via
1.1 google
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148
x-samesite
secure
local
www.paypal.com/credit-presentment/experiments/ Frame 6463
0
0
Document
General
Full URL
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.64.6&integrationType=SDK
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
age
53377
cache-control
s-maxage=86400, max-age=0
content-encoding
gzip
content-length
1524
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type
text/html; charset=utf-8
date
Wed, 26 Jun 2024 07:21:10 GMT
dc
ccg11-origin-www-1.paypal.com
edge-cache-tag
up-treatments-zoid
etag
W/"1479-k/QK1NFas/IBrzT0O7RgPkQNy/8"
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f234279f29c40
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
"traceparent;desc="00-0000000000000000000f234279f29c40-36dad96bced658d1-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f234279f29c40-f076cdc43fb1f880-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, MISS
x-cache-hits
10227, 0
x-served-by
cache-fra-etou8220099-FRA, cache-fra-etou8220099-FRA
x-timer
S1719386470.145238,VS0,VE7
x-xss-protection
1; mode=block
pptm.js
www.paypal.com/tagmanager/
14 KB
6 KB
Script
General
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.elfcosmetics.com&t=xo&v=5.0.447&source=payments_sdk&client_id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&comp=buttons,messages&disableSetCookie=true&vault=true
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
683895b58a1cd7303bf4d15a626c7d4f23f5ae7a8c3ce17b36156342556cb1bf
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-dCX2kqqgveHN6zyupTkIiMFIyOm0W7l4T6sboRr6jKt6fXkw' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-dCX2kqqgveHN6zyupTkIiMFIyOm0W7l4T6sboRr6jKt6fXkw' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 26 Jun 2024 07:21:10 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
52489
x-cache
HIT, MISS
paypal-debug-id
f1716315fda88
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4797
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220158-FRA, cache-fra-etou8220158-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f1716315fda88-25a9cadab37d8086-01
x-timer
S1719386470.107866,VS0,VE4
etag
W/"3691-MVNUZpTNZN+lTArJ8ymVkfMt8tk"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
3, 0
baskets
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/
3 KB
2 KB
XHR
General
Full URL
https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/baskets
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/vendor.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.48.23 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
fac7e70537856ea25914d86e832ad8bde01820db230cc243778544bfe84ed0d3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiIwODJiMWNmZC03ZDA5LTQwZDctYjc2OC03OTUzZjQyOGIyMjUiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjg4OTg2OGEzLTY3YjgtNDQzOC1iZDZmLTA5MzUwNTIyOWIxMiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTkzODY0MzcsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFibWJFM21idzJ3cmtSbEhCR21hWVlsYmsyOjpjaGlkOiAiLCJleHAiOjE3MTkzODgyNjcsImlhdCI6MTcxOTM4NjQ2NywianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzMjMwMDMyNjk0MDcwMzgwOCJ9.es-JGB1KkeUg1vFDOiMm1vACD0JPZwij7hs1Lz8EerqTc41JaUPjkXuq_gLd9bZ34XOAQsakGQwFW53g3lrL8Q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json
c_x-pwa-request
true
Referer
https://www.elfcosmetics.com/
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:10 GMT
sfdc_customization
HOOK
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 6e618790e28163ec91041a24942fdc3c.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD53-C3
age
0
x-yottaa-optimizations
ob/1000 si/26D1cc023017-1719340557-5509945271 tts/1719340523228 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
content-encoding
gzip
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1101
pragma
no-cache
etag
18a8d58c060593a7676246f262a6f4b4a335731e8aeb7b7b2fcf8c633a9d84dd
allow
OPTIONS,POST
content-type
application/json;charset=UTF-8
x-dw-resource-state
18a8d58c060593a7676246f262a6f4b4a335731e8aeb7b7b2fcf8c633a9d84dd
access-control-allow-origin
https://www.elfcosmetics.com
access-control-expose-headers
etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
x-yottaa-metrics
2621cc023043/[237,233,-] 26D1cc023017/[-,241.279]
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-proxy-request-url
https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/baskets
accept-ranges
bytes
cf-ray
899b705eda126398-ORD
x-dw-request-base-id
8zOJzmbBe2YBAAB_
x-amz-cf-id
ShB04HzikeuYnJI6Hotpn4s5RABfN6OgNmNRG_UZgsxG3mfsbQi4ag==
x-yottaa-os
200
expires
Thu, 01 Dec 1994 16:00:00 GMT
www-widgetapi.js
www.youtube.com/s/player/61b3b5e4/www-widgetapi.vflset/
31 KB
11 KB
Script
General
Full URL
https://www.youtube.com/s/player/61b3b5e4/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56c989ad68e2d657ec33446633534c0d2b3ee0aeaa1cbe4ef8a21a1e9a5c3b99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 06:49:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
1902
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10459
x-xss-protection
0
last-modified
Mon, 24 Jun 2024 04:16:18 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 26 Jun 2025 06:49:28 GMT
logger
www.paypal.com/xoplatform/logger/api/
1022 B
885 B
XHR
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d6981b06f028e51cb613dbc7eba2c2909ce2725e9cadc0867319ab7bfcb1d41
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://www.elfcosmetics.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:10 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS
paypal-debug-id
f752885992907
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-fra-etou8220085-FRA, cache-fra-etou8220085-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f752885992907-97c977283dccc259-01
x-timer
S1719386471.577270,VS0,VE181
etag
W/"3fe-aq2qLsP8zRR7ILaeUoo0y1o+rxA"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0
2024-06-hptile-newArrivals-hero-D-img4-min
cdn.media.amplience.net/i/elfcosmetics/
76 KB
77 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img4-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img4-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img4-min?fmt=auto&w=2460%203x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.166 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26663e70816428e507929d3c42621895551903c5ceab3bedbf1b3d41385bd309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:10 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
39611
x-amp-srv
CF
edge-cache-tag
161Cnzq2o,l4p5bDg2e,imkN6HLGL,WepA0szpz
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
c6WEX5VyqL
alt-svc
h3=":443"; ma=86400
content-length
78301
x-xss-protection
1; mode=block
x-amp-source-height
1040
last-modified
Tue, 25 Jun 2024 12:30:21 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
x-amp-source-width
1440
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
899b705ee9c6452e-TXL
x-amp-published
Mon, 10 Jun 2024 15:55:02 GMT
logger
www.paypal.com/xoplatform/logger/api/ Frame
0
0
Preflight
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
0
date
Wed, 26 Jun 2024 07:21:10 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f5798612d1749
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f5798612d1749-3c9b894ebc904c8a-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-fra-etou8220085-FRA, cache-fra-etou8220085-FRA
x-timer
S1719386470.295761,VS0,VE183
d04ae690-9600-4ebe-abdf-cdc8ad5697e8
https://www.elfcosmetics.com/
7 KB
0
Other
General
Full URL
blob:https://www.elfcosmetics.com/d04ae690-9600-4ebe-abdf-cdc8ad5697e8
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3dae94126362e2c8b80dfbc73f6b32f15be7805cbdf6739a72cab5ca534c15e0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
7329
Content-Type
application/javascript
pageview
c.contentsquare.net/
0
320 B
Image
General
Full URL
https://c.contentsquare.net/pageview?ex=&dt=222&pvt=n&cvars=%7B%223%22%3A%5B%22Page%20Type%22%2C%22homepage%22%5D%7D&cvarp=%7B%223%22%3A%5B%22Page%20Type%22%2C%22homepage%22%5D%7D&la=de-DE&uc=0&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&dr=&dw=1600&dh=5418&ww=1600&wh=1200&sw=1600&sh=1200&uu=87f96f67-34b8-aa51-e360-4f00fa087117&sn=1&hd=1719386470&v=14.19.1&pid=1926&pn=1&r=825605
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.62.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-62-146.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 07:21:10 GMT
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition
inline
timing-allow-origin
*
access-control-allow-headers
Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires
Sun, 24 Oct 1982 23:00:00 GMT
collect
sgtm.elfcosmetics.com/g/
65 B
127 B
XHR
General
Full URL
https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je46o1v9125640115z8896608294za200zb896608294&gcs=G100&gcd=13u3u3u2u5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=644946742.1719386470&ecid=388026176&ul=de-de&sr=1600x1200&_fplc=0&ir=1&ur=DE-BB&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_eu=MA&sst.rnd=112933677.1719386467&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13u3u3u2u5&sst.adr=1&sst.ude=0&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&sid=1719386469&sct=1&seg=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&_s=3&tfd=10317&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.124.49.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 26 Jun 2024 07:21:10 GMT
via
1.1 google, 1.1 google
x-content-type-options
nosniff
server
Google Frontend
content-type
text/plain
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-accel-buffering
no
ts
t.paypal.com/
42 B
598 B
Image
General
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A7PFGPLHGYKX72-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A7PFGPLHGYKX72-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3a9b41b4-1a0b-4488-939e-bc9b13368cc5&fltp=analytics&mrid=7PFGPLHGYKX72&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1719386470300&g=-120&completeurl=https%3A%2F%2Fwww.elfcosmetics.com%2F&disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Wed, 26 Jun 2024 07:21:10 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
1d8530a96cb1a
server-timing
"traceparent;desc="00-00000000000000000001d8530a96cb1a-7d6fbde46084fb8a-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-etou8220054-FRA
pragma
no-cache
correlation-id
1d8530a96cb1a
traceparent
00-00000000000000000001d8530a96cb1a-1edf428faf8d30be-01
x-timer
S1719386471.775881,VS0,VE158
vary
Accept-Encoding
content-type
image/gif
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Jun 2024 07:21:10 GMT
us.svg
www.elfcosmetics.com/mobify/bundle/11418/static/img/flag-icons/
9 KB
1 KB
Image
General
Full URL
https://www.elfcosmetics.com/mobify/bundle/11418/static/img/flag-icons/us.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.48.23 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:10 GMT
via
1.1 9943890eb37be34c13b8fe8ad283f11c.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
ORD56-P8
age
721078
x-yottaa-optimizations
ob/1001 si/26D1cc023017-1718640958-7787785867 tts/1716499759185 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache
Hit from cloudfront
x-amz-meta-deploy
780438
alt-svc
h3=":443"; ma=86400
content-length
676
x-amz-meta-bundle
11418
x-yottaa-forcecache
true, true
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31104000
x-yottaa-os
200
x-yottaa-metrics
2621cc023044/[17,14,-] 26D1cc023017/[hit]
x-amz-cf-id
syL4fi86byJvEwDx5VF9-o2ZajxDyAFi13aqcjt3fHHMgeBW-sQo6w==
promotions
www.elfcosmetics.com/mobify/proxy/api/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/
3 KB
3 KB
Fetch
General
Full URL
https://www.elfcosmetics.com/mobify/proxy/api/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/promotions?siteId=elf-us&ids=2024-06-pride-flash-tattoo-gwp%2C2024-06-gwp-%2435&locale=en-US
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/vendor.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.48.23 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
67bb4a9adf698dee39c76aeeacd6f8d54aa4ebcb1f6fbf33f76c5e131f5eb5c5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiIwODJiMWNmZC03ZDA5LTQwZDctYjc2OC03OTUzZjQyOGIyMjUiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjg4OTg2OGEzLTY3YjgtNDQzOC1iZDZmLTA5MzUwNTIyOWIxMiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTkzODY0MzcsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFibWJFM21idzJ3cmtSbEhCR21hWVlsYmsyOjpjaGlkOiAiLCJleHAiOjE3MTkzODgyNjcsImlhdCI6MTcxOTM4NjQ2NywianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzMjMwMDMyNjk0MDcwMzgwOCJ9.es-JGB1KkeUg1vFDOiMm1vACD0JPZwij7hs1Lz8EerqTc41JaUPjkXuq_gLd9bZ34XOAQsakGQwFW53g3lrL8Q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
c_x-pwa-request
true
Referer
https://www.elfcosmetics.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:11 GMT
content-encoding
gzip
dnt
0
cf-cache-status
DYNAMIC
x-correlation-id
899b70636d6a82da
x-content-type-options
nosniff
via
1.1 c4ce298584668e99f320a46c88c4a04a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
x-yottaa-optimizations
ob/1000 si/26D1cc023017-1719340557-5509945273 tts/1719340523228 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=RcW7QrtKW2M6ILf3QQoXxhk3ABzVSh9cx_vX5kJ0A8s-1719386471-1.0.1.1-voDlqbZ81mYR6kCoYZhzxFLnXqi5zey.e1QQXdvTRqdq7h_TPyQN17gwJyd2Gu4WujLsxNABt54q55ZjknOlOkPW9Y_M4d5OBqAgQaWlq5iI9LtXjoXQjLsJeFnXVBEhkHayCHBKG8b1mUtoprNXJkc66LFxHb_g9ctguGccbivP3scoCpkFCDpkcHumYriB; report-to cf-csp-endpoint
x-cache
Miss from cloudfront
age
0
alt-svc
h3=":443"; ma=86400
allow
GET,HEAD,OPTIONS
vary
accept-encoding
content-type
application/json;charset=UTF-8
x-ratelimit-remaining
999
sfdc_load
3
x-yottaa-metrics
2621cc023046/[143,139,-] 26D1cc023017/[-,145.165]
cache-control
private,max-age=20
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/promotions?siteId=elf-us&ids=2024-06-pride-flash-tattoo-gwp%2C2024-06-gwp-%2435&locale=en-US
x-ratelimit-limit
99999
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=RcW7QrtKW2M6ILf3QQoXxhk3ABzVSh9cx_vX5kJ0A8s-1719386471-1.0.1.1-voDlqbZ81mYR6kCoYZhzxFLnXqi5zey.e1QQXdvTRqdq7h_TPyQN17gwJyd2Gu4WujLsxNABt54q55ZjknOlOkPW9Y_M4d5OBqAgQaWlq5iI9LtXjoXQjLsJeFnXVBEhkHayCHBKG8b1mUtoprNXJkc66LFxHb_g9ctguGccbivP3scoCpkFCDpkcHumYriB"}],"group":"cf-csp-endpoint","max_age":86400}
accept-ranges
bytes
cf-ray
899b70636d6a82da-IAD
x-amz-cf-id
hbKQXyvzKYTzywSuJuqgfpnJ2zyQ4HEduGAm4rcdkgNRw5l7KCcrxg==
x-yottaa-os
200
muse.js
www.paypalobjects.com/muse/
55 KB
16 KB
Script
General
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CA9) /
Resource Hash
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
1a63716d325cb
dc
ccg11-origin-www-1.paypal.com
content-length
16355
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
server
ECAcc (frc/4CA9)
traceparent
00-00000000000000000001a63716d325cb-ea7e1aaa68929c96-01
etag
"64f25363-daa8+gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Wed, 26 Jun 2024 08:21:11 GMT
dvar
c.contentsquare.net/
0
319 B
Image
General
Full URL
https://c.contentsquare.net/dvar?v=14.19.1&pid=1926&pn=1&sn=1&uu=87f96f67-34b8-aa51-e360-4f00fa087117&dv=H4sIAAAAAAAAA6tWcnSKd4mMd8%2FJT0rMUXDOzyspys9RCEktLlGyUnKpzEvMzUxWiMxMzUlRcK0oSC3KTM1LTi1W0oHqQ4gpGAI1hCUWZSaWZObnAXkwJT755QqeeSWpeSATA%2FILSnOAikoqlWoB8S1cunwAAAA%3D&ct=2&r=207639
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.62.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-62-146.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 07:21:11 GMT
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition
inline
timing-allow-origin
*
access-control-allow-headers
Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires
Sun, 24 Oct 1982 23:00:00 GMT
PWA-UpdateSession
www.elfcosmetics.com/mobify/proxy/controllers/on/demandware.store/Sites-elf-us-Site/en_US/
56 B
1 KB
XHR
General
Full URL
https://www.elfcosmetics.com/mobify/proxy/controllers/on/demandware.store/Sites-elf-us-Site/en_US/PWA-UpdateSession
Requested by
Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/1a8bfa042c9c5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.48.23 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
f66f5edd05293c4351edcec020a867935f7495ef0d0ff7ceb3e6402748585ca6

Request headers

c_x-pwa-request
true
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:11 GMT
content-encoding
gzip
via
1.1 1aebdc2bb620af3ce9bb3168e216e004.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-cf-pop
ORD53-C3
age
0
x-yottaa-optimizations
ob/1000 si/26D1cc023017-1719340557-5509945274 tts/1719340523228 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
pragma
no-cache
content-type
application/json
cache-control
no-cache, no-store, must-revalidate
x-yottaa-os
200
x-proxy-request-url
https://cc-elf-us-prd.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/PWA-UpdateSession
x-yottaa-metrics
2621cc023035/[223,218,-] 26D1cc023017/[-,225.771]
cf-ray
899b7065dbf61249-ORD
x-dw-request-base-id
8zOzzmfBe2YBAAB_
x-amz-cf-id
B5MkdfsMjjOiSbDXhA_V44nh9jH5iW1DMNsVZLgPlXPZOLjyj_n-jA==
expires
Thu, 01 Dec 1994 16:00:00 GMT
2024-06-hptile-newArrivals-hero-D-img5-min
cdn.media.amplience.net/i/elfcosmetics/
31 KB
32 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img5-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img5-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img5-min?fmt=auto&w=2460%203x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.166 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42692dfa6661bd2e7ad2ad4465619ffa9079c20032702dd09e05bfa9fd9bd204
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
3414
x-amp-srv
CF
edge-cache-tag
aMeJeJNAj,l4p5bDg2e,5L0oRZRq0,WepA0szpz
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
FiUzWQ8hW-
alt-svc
h3=":443"; ma=86400
content-length
32071
x-xss-protection
1; mode=block
x-amp-source-height
1040
last-modified
Tue, 25 Jun 2024 06:03:08 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
x-amp-source-width
1440
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
899b706939fb452e-TXL
x-amp-published
Mon, 10 Jun 2024 15:55:02 GMT
index.html
www.paypalobjects.com/muse/analytics/ Frame A0BE
0
0
Document
General
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBF) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
16754
content-type
text/html
date
Wed, 26 Jun 2024 07:21:12 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"64f25363-dacc"
expires
Wed, 26 Jun 2024 08:21:12 GMT
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id
3ba98ae86ab5a
server
ECAcc (frc/4CBF)
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-00000000000000000003ba98ae86ab5a-1c20b8011143f6d4-01
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
ts
t.paypal.com/
42 B
306 B
Image
General
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A7PFGPLHGYKX72-1&page=muse%3Aoffer%3A%3A%3A7PFGPLHGYKX72-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3a9b41b4-1a0b-4488-939e-bc9b13368cc5&es=visitorInfoFlowStarted&mrid=7PFGPLHGYKX72&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1719386472385&g=-120&completeurl=https%3A%2F%2Fwww.elfcosmetics.com%2F&disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Wed, 26 Jun 2024 07:21:12 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
5814cfcdd19e4
server-timing
"traceparent;desc="00-00000000000000000005814cfcdd19e4-042d64392e2e99f0-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-etou8220054-FRA
pragma
no-cache
correlation-id
5814cfcdd19e4
traceparent
00-00000000000000000005814cfcdd19e4-2f492c718df49f27-01
x-timer
S1719386472.413881,VS0,VE146
vary
Accept-Encoding
content-type
image/gif
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Jun 2024 07:21:12 GMT
script-tag.js
cdn-scripts.signifyd.com/api/
10 KB
4 KB
Script
General
Full URL
https://cdn-scripts.signifyd.com/api/script-tag.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d7a363f752524fb545c3b2eb48a56d163cb659bc427d5215800ee7781d92c2ca

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:17:44 GMT
content-encoding
gzip
via
1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
last-modified
Tue, 23 Apr 2024 14:51:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
208
x-amz-server-side-encryption
AES256
etag
W/"73ca6f23f3e08738233832c7a7a0c30c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1800
x-amz-cf-id
sFrOgglhIEqlHJz53m7woYksPHNO16Kjk40Urq-k-O375ZqG-YAr2g==
exist
srm.ba.contentsquare.net/
2 B
94 B
Fetch
General
Full URL
https://srm.ba.contentsquare.net/exist?v=14.19.1&pid=1926&pn=1&sn=1&uu=87f96f67-34b8-aa51-e360-4f00fa087117
Requested by
Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/1a8bfa042c9c5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.148.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-148-8.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 26 Jun 2024 07:21:12 GMT
content-length
2
content-type
application/json
company_toolkit.js
cdn-scripts.signifyd.com/api/
4 KB
2 KB
Script
General
Full URL
https://cdn-scripts.signifyd.com/api/company_toolkit.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6082597f3871c77c9b31aa1383577f8c0e54cb5ff09275dc817bc70d96e6217d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:14:04 GMT
content-encoding
gzip
via
1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
last-modified
Tue, 30 May 2023 10:18:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
429
x-amz-server-side-encryption
AES256
etag
W/"2c3950f122b3977df61b0e077aaa92c8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1800
x-amz-cf-id
vCnHncSgFxeI94huCB7dT5KOCCr2bHSCR94e0DymQFISQAkITmSe4A==
xi3lrtgkyoh2ob1w.js
imgs.signifyd.com/
96 KB
14 KB
Script
General
Full URL
https://imgs.signifyd.com/xi3lrtgkyoh2ob1w.js?az4g751w9d9q6lmi=w2txo5aa&q17lmiekik8o5wi4=LzcxMTI3ZWNmNTg2NDczMTgxYzA3YmYzNzI0
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
b90fb5127e1b2f7b008076e4e1c5e41becb5d5286615643b738b04ff42516184
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 26 Jun 2024 07:21:13 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
CP=IVAa PSAa
Connection
Keep-Alive, Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=2, max=100
Expires
Thu, 01 Jan 1970 00:00:00 GMT
458359.gif
idsync.rlcdn.com/
0
98 B
Image
General
Full URL
https://idsync.rlcdn.com/458359.gif?partner_uid=228b4394-dec2-4948-97f1-6ee4b2c85234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:21:14 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sm1_74sZ1n8ZTn9E
imgs.signifyd.com/ Frame 7EF5
301 KB
51 KB
Script
General
Full URL
https://imgs.signifyd.com/sm1_74sZ1n8ZTn9E?d71521d79c6db3ff=jQ8-aoyD7JkIGMc-HQy1g5F_ErNkmZ-apB3MzU3dl7GtqfbLX6EJqdandmwSXH1E6vY2JnbIuh3iISlHGW6xksXTCbRsgWJqSy1rA-0AtkzafQTQ2lFAYZDNfQ9Rz47BnR1wdD4OHA2k_ShMZII_o5LlIxXSpGTaty4P3bgM5FlTv9SlIRAdJ-8Gmx1zWzWXPIYgQopQOliFf3Vr&jb=3d33242e62736777375563666e6f75712c6a716535576b666c6577712d3a383b3b2c62736a7f3f4b6072676f6f24607b683d416a786f6f6f2d3232393a3c
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/xi3lrtgkyoh2ob1w.js?az4g751w9d9q6lmi=w2txo5aa&q17lmiekik8o5wi4=LzcxMTI3ZWNmNTg2NDczMTgxYzA3YmYzNzI0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
3a52bd17d8dcecfb6d5a2a8fa7c7d9a9443b04c20f26740a13e20558a4828557
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 26 Jun 2024 07:21:13 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
tmx-nonce
0671edd9c1ac0878
Connection
Keep-Alive, Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=2, max=99
Expires
Thu, 01 Jan 1970 00:00:00 GMT
fVmRg4M7KEyIGR0v
imgs.signifyd.com/ Frame 7EF5
81 B
475 B
Image
General
Full URL
https://imgs.signifyd.com/fVmRg4M7KEyIGR0v?0ffa6d469f224508=IWAHr-fgtwLzCdu6BihrcQijtQkbaZkz-umeJJglyIrr1dv1BRkiWLmHh6JDizusxVs0lpnpaEfTbgShCaIwJtMrxgTYaqtrsGgKtCS5QVs8-QVCG4W7dh-XpVCT3AnbNMmP9knYOrkKar6wuLp8GM4Y5emBCGe6xBKcz2s
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 26 Jun 2024 07:21:13 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v5A6Yyl-FpWNm7EE
imgs.signifyd.com/ Frame 7EF5
81 B
475 B
Image
General
Full URL
https://imgs.signifyd.com/v5A6Yyl-FpWNm7EE?002179a5474fb4cf=lBl1r9VSCH7AeNHylZeqWq077FByx6FZF_fIi2lQtcUWjYcCpCVtQGiG89mrxSGjt42II-aCJedVXVsBxx_pvm6Hq3X4dVxlz8Ajokq4786kFJnoueQGajn3MLkpAcoURu-8nXG0C7mLW6CN5sl9Z9-QS5B34HH3nD5Ucbg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 26 Jun 2024 07:21:13 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
imgs.signifyd.com/fp/ Frame 7EF5
81 B
536 B
XHR
General
Full URL
https://imgs.signifyd.com/fp/clear.png
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/sm1_74sZ1n8ZTn9E?d71521d79c6db3ff=jQ8-aoyD7JkIGMc-HQy1g5F_ErNkmZ-apB3MzU3dl7GtqfbLX6EJqdandmwSXH1E6vY2JnbIuh3iISlHGW6xksXTCbRsgWJqSy1rA-0AtkzafQTQ2lFAYZDNfQ9Rz47BnR1wdD4OHA2k_ShMZII_o5LlIxXSpGTaty4P3bgM5FlTv9SlIRAdJ-8Gmx1zWzWXPIYgQopQOliFf3Vr&jb=3d33242e62736777375563666e6f75712c6a716535576b666c6577712d3a383b3b2c62736a7f3f4b6072676f6f24607b683d416a786f6f6f2d3232393a3c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
*/*, w2txo5aa/0671edd9c1ac0878lzcxmti3zwnmntg2ndczmtgxyza3ymyznzi0
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 26 Jun 2024 07:21:14 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 26 Jun 2024 07:21:14 GMT
Server
Apache
Etag
218a8c99e47548fdbad4806fdae75104
Content-Type
image/png
Access-Control-Allow-Origin
https://www.elfcosmetics.com
Cache-Control
private, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
Expires
Mon, 25 Jun 2029 07:21:14 GMT
6bMII5Kl2sTuOnSQ
imgs.signifyd.com/ Frame 6F52
0
0
Document
General
Full URL
https://imgs.signifyd.com/6bMII5Kl2sTuOnSQ?f6688f317c1da568=mOYHOUYLZQElOgTyim8LzFP7rX9r3EqzX12RH5C6Gjvdk_M0WC2fW5i3sQkiCMG9YsvcAxgT1p4B1tIWfr3t6aG9FUgudUq34b_f-9MFPhIWRDFCOHyw9XOeQffCkzj0qGLsAkUwmQQG3mKFf05hTvpPrtJr6QBz_-UhquPytno3pVc0RawOqSY6lr6ixe2CpkAclWUtzdTZexEy5q0
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/sm1_74sZ1n8ZTn9E?d71521d79c6db3ff=jQ8-aoyD7JkIGMc-HQy1g5F_ErNkmZ-apB3MzU3dl7GtqfbLX6EJqdandmwSXH1E6vY2JnbIuh3iISlHGW6xksXTCbRsgWJqSy1rA-0AtkzafQTQ2lFAYZDNfQ9Rz47BnR1wdD4OHA2k_ShMZII_o5LlIxXSpGTaty4P3bgM5FlTv9SlIRAdJ-8Gmx1zWzWXPIYgQopQOliFf3Vr&jb=3d33242e62736777375563666e6f75712c6a716535576b666c6577712d3a383b3b2c62736a7f3f4b6072676f6f24607b683d416a786f6f6f2d3232393a3c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Wed, 26 Jun 2024 07:21:14 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
oR_d3LaNkmbpnSys
imgs.signifyd.com/ Frame 7EF5
0
398 B
Script
General
Full URL
https://imgs.signifyd.com/oR_d3LaNkmbpnSys?84a698775371a7eb=zq3M4prTv54K0Kj3Fop943mpk6lyiUK_2UtuXI_CH8SKVLPFFYhghJ0Y6swc1tlubMusmTORTD3Opd6oP_mtzfX-GlZHij_ULwvxyjgVrpJ9GLfnDI88vBSAKSJFzjmSZ4gyeitaN3UfMR-nYu4YT5f0ayE&jb=3b3c24647b6135636f30693b6f3531613939373e69323569396b31616b3c3b39323b6c656a6f34
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/sm1_74sZ1n8ZTn9E?d71521d79c6db3ff=jQ8-aoyD7JkIGMc-HQy1g5F_ErNkmZ-apB3MzU3dl7GtqfbLX6EJqdandmwSXH1E6vY2JnbIuh3iISlHGW6xksXTCbRsgWJqSy1rA-0AtkzafQTQ2lFAYZDNfQ9Rz47BnR1wdD4OHA2k_ShMZII_o5LlIxXSpGTaty4P3bgM5FlTv9SlIRAdJ-8Gmx1zWzWXPIYgQopQOliFf3Vr&jb=3d33242e62736777375563666e6f75712c6a716535576b666c6577712d3a383b3b2c62736a7f3f4b6072676f6f24607b683d416a786f6f6f2d3232393a3c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 26 Jun 2024 07:21:14 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hFtOvlz1938bw8qL
imgs.signifyd.com/ Frame 7EF5
134 B
656 B
Script
General
Full URL
https://imgs.signifyd.com/hFtOvlz1938bw8qL?f972146f8b71293c=kUa9m73rt2JYRsf5ZVc_qd6V_20HE0jZvYDlxO2qQaUEM2uE2tdOPmYJ-M4N8NBhgNMfqZnoq9e_OidM4DkXdlypI5x-p4JxoF8JiaJM8sbGtSF8Wxqoa8-C9li8UAx-Njx8MS4yCxUxhyFRWniubg
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/sm1_74sZ1n8ZTn9E?d71521d79c6db3ff=jQ8-aoyD7JkIGMc-HQy1g5F_ErNkmZ-apB3MzU3dl7GtqfbLX6EJqdandmwSXH1E6vY2JnbIuh3iISlHGW6xksXTCbRsgWJqSy1rA-0AtkzafQTQ2lFAYZDNfQ9Rz47BnR1wdD4OHA2k_ShMZII_o5LlIxXSpGTaty4P3bgM5FlTv9SlIRAdJ-8Gmx1zWzWXPIYgQopQOliFf3Vr&jb=3d33242e62736777375563666e6f75712c6a716535576b666c6577712d3a383b3b2c62736a7f3f4b6072676f6f24607b683d416a786f6f6f2d3232393a3c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
9748416acac7f718d53c5f39b07ba32d7d40ea3ef9f5d7691c2d30e82df7cdde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 26 Jun 2024 07:21:14 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=99
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
fqT_bV40h3GxKzYy
h.online-metrix.net/ Frame EF45
0
0
Document
General
Full URL
https://h.online-metrix.net/fqT_bV40h3GxKzYy?474a7659fff4d0d2=1zUgfrzzfTuoNU1MBr3JhtjupRrV6zab5lWYV5YwkbyoFBa0Q5CwtpC_dcITw21PqE8mt3jJSVOZZnG9-W13WYjVw5Uaftoehp4c3xkT3PBn7tse_klNnU1Xw0nYXVRYqVMxrK7_JSLEG6H2UpJd8w3luB-H3GTb63kScKnTYTNZd-12E5LND5pnPSVDMbB_Vl3bHiw6grwHb595ElPh
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/sm1_74sZ1n8ZTn9E?d71521d79c6db3ff=jQ8-aoyD7JkIGMc-HQy1g5F_ErNkmZ-apB3MzU3dl7GtqfbLX6EJqdandmwSXH1E6vY2JnbIuh3iISlHGW6xksXTCbRsgWJqSy1rA-0AtkzafQTQ2lFAYZDNfQ9Rz47BnR1wdD4OHA2k_ShMZII_o5LlIxXSpGTaty4P3bgM5FlTv9SlIRAdJ-8Gmx1zWzWXPIYgQopQOliFf3Vr&jb=3d33242e62736777375563666e6f75712c6a716535576b666c6577712d3a383b3b2c62736a7f3f4b6072676f6f24607b683d416a786f6f6f2d3232393a3c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.132.130 , United States, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Wed, 26 Jun 2024 07:21:14 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
ZXJDlt3A4b1e092W
imgs.signifyd.com/ Frame A0F8
0
0
Document
General
Full URL
https://imgs.signifyd.com/ZXJDlt3A4b1e092W?b6533723b39f3bd9=PIGTqm_tQo3NhT2kMUIGSqnnC_TvisKXaB099lNPQ7FynN4rz8sjpNmY97GBOjlsLX4hMA5yqDjxToUi3DXCIZJ6zlAmbWoUBJxelXQEEkO2e2fHRaCdj5GVo2FcsNOvGSFNfgQDcDLH1ro70taa4u7ObmVwsEyWbBvVX6cIdb2k_tmIOZjWmOb14JaC9MEr4oYyP5v_wymp29uzTRgo
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/sm1_74sZ1n8ZTn9E?d71521d79c6db3ff=jQ8-aoyD7JkIGMc-HQy1g5F_ErNkmZ-apB3MzU3dl7GtqfbLX6EJqdandmwSXH1E6vY2JnbIuh3iISlHGW6xksXTCbRsgWJqSy1rA-0AtkzafQTQ2lFAYZDNfQ9Rz47BnR1wdD4OHA2k_ShMZII_o5LlIxXSpGTaty4P3bgM5FlTv9SlIRAdJ-8Gmx1zWzWXPIYgQopQOliFf3Vr&jb=3d33242e62736777375563666e6f75712c6a716535576b666c6577712d3a383b3b2c62736a7f3f4b6072676f6f24607b683d416a786f6f6f2d3232393a3c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Wed, 26 Jun 2024 07:21:14 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
EZuzy-Aq1MAaiZO5
h64.online-metrix.net/ Frame 7EF5
0
357 B
Script
General
Full URL
https://h64.online-metrix.net/EZuzy-Aq1MAaiZO5?550b08b049c3aeca=Ms-Z3NhThJWqk9NjD5m4tVfZsdY2_4HpED0YisBVNTTl4mxp_tTCtOaJMS7cnc5_xh8ZTyoNN9MStH2abFTY6yXjKjE-P4BDw_ywuIK8Dzfn9EgAnVcc0pIo_HRaTHspP2KV3BhlX2WzZgLL-Pwc_foxC5OIVuTB
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/sm1_74sZ1n8ZTn9E?d71521d79c6db3ff=jQ8-aoyD7JkIGMc-HQy1g5F_ErNkmZ-apB3MzU3dl7GtqfbLX6EJqdandmwSXH1E6vY2JnbIuh3iISlHGW6xksXTCbRsgWJqSy1rA-0AtkzafQTQ2lFAYZDNfQ9Rz47BnR1wdD4OHA2k_ShMZII_o5LlIxXSpGTaty4P3bgM5FlTv9SlIRAdJ-8Gmx1zWzWXPIYgQopQOliFf3Vr&jb=3d33242e62736777375563666e6f75712c6a716535576b666c6577712d3a383b3b2c62736a7f3f4b6072676f6f24607b683d416a786f6f6f2d3232393a3c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2620:f3:0:14:b401:8ee8:4321:ad82 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 26 Jun 2024 07:21:14 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
oR_d3LaNkmbpnSys
imgs.signifyd.com/ Frame 7EF5
0
218 B
Script
General
Full URL
https://imgs.signifyd.com/oR_d3LaNkmbpnSys?84a698775371a7eb=zq3M4prTv54K0Kj3Fop943mpk6lyiUK_2UtuXI_CH8SKVLPFFYhghJ0Y6swc1tlubMusmTORTD3Opd6oP_mtzfX-GlZHij_ULwvxyjgVrpJ9GLfnDI88vBSAKSJFzjmSZ4gyeitaN3UfMR-nYu4YT5f0ayE&ja=3933353e2e266b3f3c322c72373632246c3d333c38307a393a3a3024696e353b3c3a3878393832382e73707b37373d38723535322c64727835312e393e3a302e393a383a263b3e303826333a383024333c323a243b3232322631343a382c333a383a2c373f38243f3d3a2e6d7c37303f6e35396639333e316f36606438303b683e36606c3b32376038696e39693e2e6d6637302e7b636c3f38362c64623d6a767e70712f3b41273a4e2f32447f7f7f246f666e6367796f6d7c696b71246165652f3244247a6c3f3f2e706a356d3230306c6e693f3f3f39393b6c366d6a65303b33316f6a3e613b3b3839326e2e686a35383d35346c383a6e3e693d33383c356b3e343b636e6669306865373a3d3733682e6a7167355d696c6c677f792f383831392c687b6a3d4b6a786d676d2f323233383624607b6f77355f636e66677f7b2c60796a7535496a7a676d6d24646a693532266c66673d3a2c666d7678353a2676726c354f7f7867706d2f304e4a657a6e636c2c656b746a703734323a3b64336b3a686561383a6d3c69693d36383a3a3a696439373f363a396c6436373238333e3964346d696b32366c6b313e6b6c6a643f3831393b3131346b246e7a376876767a7327394925304e2d3846757f7f266f666c6b6f7b67677c61637b2c696d672d3846247237706e7f6f696c576e666171602d3d4f6c6b64736d2b72647d67616c557563666e6f7571556d676e61615d78646b79677a2d3d4f6c6b64736d2b72647d67616c55636e6768655d6369726d686974273d4d6c616e7b6d297a667f6f696655737d61636376636f6f2d3f4564636673672b786c776f61645f7160676b617d6b7e652d3f476e696c7b672b72667d6d696c5d78656366786c63716d7825374d6e6966796f2970647f6561665f7e6e695d7a646b7967702f35476c696c716d297a6c776f6166556e6f7e61647c702d3d456e6366716f297a6c7765636e5d797e675d7e616f77677a2d3d4f6c6b64736d2b72647d67616c55686b7e6b2537476c616e796d26656457693d756d6a6f665d6f6a47442f3038392e3827383222477a656c454625303a4d53273a38382e322d3a38496278676d617f6f215f656a45462738384d4c514e2f32324f5b253038392430273a3820457a6f6647442f30384d532d303a45465b462530324f53273838312c382d383041607a6767637f65295f6f604361745f676849637c2f3232556f624546494e45444d55696c7b7c6964696f6c5f6978706971732d31482738384f58565d686c67646c5f6f616667617a2d3b4a2f383a4d585c55616461705761656c7e7a656c27314825303a4d5856576b656c6d7a576a7f6c6c6d72576263646e5f6e6e65637e2d394227303a455a5e576467787c625f616469657a2f394a253a3a47505c5f6e6e65637e57686c676c6e2531482d32324d505e5f647a696f556e6f7874602f314a2d32384752565578656c7b65656e5d656e66716d7c55636e6965782f39482d32384f5a5c577360636e6778577e657a767f726755646f662d3b482530384d505e557e6d787c7f706d5763676f7a706f7b79696d6c5562727e6b25314a2d383047505c577e6f727c757a6f5d6b676d78706f717961656e5d706d74612f3b42273a384f5856577c6d727e7f7a65576c6b647c657a5d6b6c637b6574706d7a69612f3b42273a384f5856577c6d727e7f7a6557676b7a7a6f7a5d696e6b657a5f766d5565666d6d25314a2d383047505c5779584d4a253b48273a384f4d515567666d67656c7655696c6e6d785d7d616474273b4a2d383a454d53576c606757726d6c6e6778576769726f6b7027394a253038474f535d7b7c69646e6b7a64576e677a6176697663746f7b2f33402738304d4f5b5f766d707e75706d576e66656b7c253b48273a384f4d5155766f707e75706755666e6569745d64616465637a2d3b482f38384f4d595d7c6d787c77786755606b6c645d6c6c6d6b7c25314a2d38304d4d5b577e6f727c757a6f5d60696c6e5d6c6e65697e5f6e6b646563782d33402d3a3a4f475b577e6f787e6d78576b707a6979576d68686f6b7e2531402f32325d4d42454457696f6e677a57687f6c6e657a55646467617c2739402f3a3a5747404d4c5d69676d727a6d7973676c577c6f727e7d726d55637b7c632d31482738385d454045465f61656570706d7b796566577c6d727e7f7a65576f766b2d334a2738325d4d48474e5d696f6f7a7a65717b6d6e5f766d707c7f786f57657c69332d3b422d303a554f4a4d4c5d61656d72786d73716d6c557467707c7d786f557b337c69273b4a253a325d47484f465f616d6770706f7b73676c577e657a7c7d7a6f55793b746b55717a6f622d31482738385d454045465f666f6a7565577a6f6e666d7a6d7855636666672f314a2d3238554f404d44556467607f675d796061666d7a7925314a2d3a3a5d4f4a474455666d7874605d7e67727c7f726727394227383857474a4f465f667a697f55687f6e666d78712d3b422d303a554f4a4d4c5d6e657367556b6f6c7c6d7274273b4a2d383a5d4d424f465d657d6c7c6b556678697d2531402f32325d4d424544577a6f6e716f6764556767646d3b342e6f6c576a373a3c6e39633a366b38353b6a343a6d696e38363e31696e3e6b3f623d693438306230636e373f393c26756566763f43667467642d38304b666b262c7d6d647235436c7c6d6c2d303a4b786179253032457067644f4c273a384f6e6561666d2c69696c3d3c&jb=393f322e6471354f65786364666127304c352c3a2d3232205f636e66677f7b2f383a46542d383239382e382739402f3a3a576b6c3c3427394a253038703c342b2d3a384b7a7a64655f6f604361742d304c37393f2433342738302a4140544f442d3843273a386463616f2d32384d676b636f212738324960786f6f672f32443b3a362c38263a2e322d3a38596b6c6972612f304e3d333f2c3934
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/sm1_74sZ1n8ZTn9E?d71521d79c6db3ff=jQ8-aoyD7JkIGMc-HQy1g5F_ErNkmZ-apB3MzU3dl7GtqfbLX6EJqdandmwSXH1E6vY2JnbIuh3iISlHGW6xksXTCbRsgWJqSy1rA-0AtkzafQTQ2lFAYZDNfQ9Rz47BnR1wdD4OHA2k_ShMZII_o5LlIxXSpGTaty4P3bgM5FlTv9SlIRAdJ-8Gmx1zWzWXPIYgQopQOliFf3Vr&jb=3d33242e62736777375563666e6f75712c6a716535576b666c6577712d3a383b3b2c62736a7f3f4b6072676f6f24607b683d416a786f6f6f2d3232393a3c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 26 Jun 2024 07:21:14 GMT
Strict-Transport-Security
max-age=31536000
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=98
Content-Type
text/javascript;charset=UTF-8
P5AvDkFbIYKD_ICa
w2txo5aaggjazmn3d6khts2fla4ntdafas75iivq0671edd9c1ac0878am1.e.aa.online-metrix.net/ Frame 7EF5
81 B
438 B
Image
General
Full URL
https://w2txo5aaggjazmn3d6khts2fla4ntdafas75iivq0671edd9c1ac0878am1.e.aa.online-metrix.net/P5AvDkFbIYKD_ICa?85a25cf7d5f85afc=lZ26QEj2NlexkMUaZmpYb2gMvfxFKWaU5MNXYToitF72cjv2c0SFJd8_6WtJHlxlbsMfO1o_q3HrOf_LZBUjaZkZww84Ic0PslyfD4e8KN17f_b4_YN04MTV0kCmPr_0enUr0iLOEB_YlM0X29etS2LSJ_NEeGcBpUlm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.134.131 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 26 Jun 2024 07:21:14 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
vVGN6TTknoNvCLfR
imgs.signifyd.com/ Frame 7EF5
0
400 B
Image
General
Full URL
https://imgs.signifyd.com/vVGN6TTknoNvCLfR?e07d5893eaef1427=jg9luym0GVjnDDCmgUHUcS4LQfhuE2oFLsuNqH2zWYdBEUiAFX7r6vHek6izlWsNjTgCayDei29lJl2JchhEnDwiucfVXhqu8Ux8-cYRQs7jzXqFJh6Io3LSIqGHppG3Na1YEcdztDFEASEjcuvbNMfvAJ7eS0i-_CNwB-_cVaHClV7bj4CR5ZH29GX9sRTRBXU1_RhnOEvQvNtthsI&jf=3c3b342e7b696c5d786c6e357e64705d4231683a405a766e4a4e6b61387241502c796164576e637c6d3d39353b3b39303c3435362c736b6e57747b786d3777676a326d696e7969267b6366576365713f39323f31393033313a36323d3a613a3e3c3263673b6c38383a3b38363832306930363c3a6967396c3a3332333a3732393c323238383e3964386a6e3c6e6c6a623f6e32396c376d613a36683e3b6430356f37603b3f343b3b6c3d64663e6c6c3d3c6b3164393f676930613d3a3961333a6f373a646c3836326c6635313a6930663169393f39686d643a38646a6d633a3a3f3a386b683936666e35353d6a38606c6c3d363a30396d3a3d323f646d693a3e39316a6768612c7b63645d7163673f39383437383a38313238303f3a3e686d323868376a6e6639353d336e6c3a666635693460326c31313c393362676b6d393c32396b61386c373939663c673c376e3c3a6636673c31326c3a30303a383965346b393d6f3e6c6e393d6c346b3930313a3d37683c3d3733316c623a6c6c383a386d33633738386e69323a3f32316b606e3f633f30326139693c3535616b2671636e723f38
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 26 Jun 2024 07:21:14 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=97
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ZLYXLXNDL8&gtm=45je46o1v879088318z8896608294za200zb896608294&gcs=G100&gcd=13u3uPu2u5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=1962118793.1719386470&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&_s=3&sid=1719386469&sct=1&seg=0&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&en=video_start&ep.video_title=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&ep.video_provider=HTML5%20Video&_et=3&tfd=14710&_z=fetch
Requested by
Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/1a8bfa042c9c5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 07:21:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dxD2eC8w-H7Fjx_i
imgs.signifyd.com/ Frame 7EF5
0
218 B
Script
General
Full URL
https://imgs.signifyd.com/dxD2eC8w-H7Fjx_i?88ea7ee7e23a611a=FZ5w9zPt-QJV3_XE4FjhgMLHM9MGsmqvfQp11pIYX4LPAMMqMlTFwoj1DqqbPPsG4TxB6d_nyRazAm5OPTDUKhlPSU-oDwWr_wBnZHniuSdyxX_1xAmrGybkrWlzELOO1_IiQ-2rpre6bL5OAt8QJWFQcZOEhAn_LtoBUjfXsBuBtnah8N4poIVyqx0iA4-WXm6nSSfth2M1LH4Us0o&jac=1&je=303e242e65656c6a372a392d384333273843312f3a433a3e303235673a3c6b6e683238326d6f616e31653e673a3a6c696e3666663f6237393f333639386c636639313c3d696e30326c3e616a6d3238306c366b693e622b
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/sm1_74sZ1n8ZTn9E?d71521d79c6db3ff=jQ8-aoyD7JkIGMc-HQy1g5F_ErNkmZ-apB3MzU3dl7GtqfbLX6EJqdandmwSXH1E6vY2JnbIuh3iISlHGW6xksXTCbRsgWJqSy1rA-0AtkzafQTQ2lFAYZDNfQ9Rz47BnR1wdD4OHA2k_ShMZII_o5LlIxXSpGTaty4P3bgM5FlTv9SlIRAdJ-8Gmx1zWzWXPIYgQopQOliFf3Vr&jb=3d33242e62736777375563666e6f75712c6a716535576b666c6577712d3a383b3b2c62736a7f3f4b6072676f6f24607b683d416a786f6f6f2d3232393a3c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 26 Jun 2024 07:21:14 GMT
Strict-Transport-Security
max-age=31536000
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=96
Content-Type
text/javascript;charset=UTF-8
oR_d3LaNkmbpnSys
imgs.signifyd.com/ Frame 7EF5
0
398 B
Script
General
Full URL
https://imgs.signifyd.com/oR_d3LaNkmbpnSys?84a698775371a7eb=zq3M4prTv54K0Kj3Fop943mpk6lyiUK_2UtuXI_CH8SKVLPFFYhghJ0Y6swc1tlubMusmTORTD3Opd6oP_mtzfX-GlZHij_ULwvxyjgVrpJ9GLfnDI88vBSAKSJFzjmSZ4gyeitaN3UfMR-nYu4YT5f0ayE&jac=1&je=393b343f2e26786f376c652e686176717e3d273d4a25303a646f7667642d3a382f394931263a322d3a432d3038717e697e757127383227394925303a6b6261706f61666d2f383a253f4e24697d64603f69633d6a336534673c3833696b61613e6e3861356b39313833393e333c3c603d6b3339353334683c6e3866663e38343a38333a6e6d3e66323b6e6b6e323e3d392e6f7a3b3563393169366f383f39673a3b64323d3f66316e6c68306630303f6b33323c346932606d6b336b3168247f69623d27354825303869726160617e65617c7d7a6f2f383a253b4b273a3a7830342f30382d3843273038626b7e6665717b2d3832273b492d38383c3c253a38273a4b253a3068706b666e7327303825314b2d35402d3f4825303a6a7a6b646e2d323a2f31492d323a45656d6d646f253032496870656565273a3a2f32412d3a3a7c6f787b696764273a3a253b432f303839383627303825354e2d32412d3f4825303a6a7a6b646e2d323a2f31492d323a4c65762f3b4b412f4078616c6e2d32302d3a4925303a7e6d787963676e2d38302d3b412d30383a2f3a382535462f32412f3f42273a3a687263666c2d38382f3b412d38304b6072676f6377672d38322730492530387e65707b61656e273a3a2d394b2f3a323938342d3a322d354e273f4c2f3241273832647f646c546d7a79696d664461797e2f3a322d39432d3d422d354827383a6872636c6e2530382d33432d3a384e6d7c2d3a4c4b234a726964662d3a322d304927383a7c657071636f6c2f3a32273b492f3230302638243a2438253a38273f4c253a412f35482d383260706b6e662f3a32273b492f32304b607a6567637d6d2d38302d3a432d3038746f7a79696d6c2f32302f3b41273a3a3b32342638263c3e3d302e3938342d3a322d354e27384b2f37402738326078696e662d3a382531492d3a384d656767646f273a38436070656f6f2d38322730492530387e65707b61656e273a3a2d394b2f3a3239383426382e3e363d3a2439383627303825354e2d35462d3a4925303a65676863666d253a38273b4966696e79672f3a49253030676f666f6425303a2d3941273a3a2d38382f3a432d38307864617c646570672d383227314b2530385f696c3b3a2f32302d3a4b2f3838786c697e64677a6d5e6778716367642530302f33432f3a323338263a2e322d3a3a2f38492d323a7d6d7f3e342d30382739496c616e716f25354e2e756364352f37402d3a3a68786b66647b2f303a2d3349273f402f3f48253030687263646c25303a2d3941273a3a4f65656d64652d38324b6072676f6f27383a2f3241273832746f7a736b67662f32302d3b492f383839323e2f303a2d374c2738412f3f48253030687263646c25303a2d3941273a3a46657e2f3b414927407a696e6c2738302f3a492530307c657079616f6c2d3a382531492d3a38322f3a322d3d462d3a432d354827383a6872636c6e2530382d33432d3a38436a7a6765637f672d323a2f304b2d323a746f707961656e27303825314b2d3230393a3c25303a2d3f4e2f3f4c253a49273a3a6d6760636e6f2d383227314b6663667b65273a4b2f32307864697e6c657a6d2d38302d3b412d3038556366393227303825354e
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/sm1_74sZ1n8ZTn9E?d71521d79c6db3ff=jQ8-aoyD7JkIGMc-HQy1g5F_ErNkmZ-apB3MzU3dl7GtqfbLX6EJqdandmwSXH1E6vY2JnbIuh3iISlHGW6xksXTCbRsgWJqSy1rA-0AtkzafQTQ2lFAYZDNfQ9Rz47BnR1wdD4OHA2k_ShMZII_o5LlIxXSpGTaty4P3bgM5FlTv9SlIRAdJ-8Gmx1zWzWXPIYgQopQOliFf3Vr&jb=3d33242e62736777375563666e6f75712c6a716535576b666c6577712d3a383b3b2c62736a7f3f4b6072676f6f24607b683d416a786f6f6f2d3232393a3c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 26 Jun 2024 07:21:14 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=98
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
oR_d3LaNkmbpnSys
imgs.signifyd.com/ Frame 7EF5
0
398 B
Script
General
Full URL
https://imgs.signifyd.com/oR_d3LaNkmbpnSys?84a698775371a7eb=zq3M4prTv54K0Kj3Fop943mpk6lyiUK_2UtuXI_CH8SKVLPFFYhghJ0Y6swc1tlubMusmTORTD3Opd6oP_mtzfX-GlZHij_ULwvxyjgVrpJ9GLfnDI88vBSAKSJFzjmSZ4gyeitaN3UfMR-nYu4YT5f0ayE&jac=1&je=3f3f242e7f69613f3b3538263b372c3224332e3b382e3626393d392c3d3a2e7d6f6335383824303d3d2e3f2c3b333d2e7d69343f6c64606c3231663b3f3062606d38323a303d3d3a3b3032323b34
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/sm1_74sZ1n8ZTn9E?d71521d79c6db3ff=jQ8-aoyD7JkIGMc-HQy1g5F_ErNkmZ-apB3MzU3dl7GtqfbLX6EJqdandmwSXH1E6vY2JnbIuh3iISlHGW6xksXTCbRsgWJqSy1rA-0AtkzafQTQ2lFAYZDNfQ9Rz47BnR1wdD4OHA2k_ShMZII_o5LlIxXSpGTaty4P3bgM5FlTv9SlIRAdJ-8Gmx1zWzWXPIYgQopQOliFf3Vr&jb=3d33242e62736777375563666e6f75712c6a716535576b666c6577712d3a383b3b2c62736a7f3f4b6072676f6f24607b683d416a786f6f6f2d3232393a3c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 26 Jun 2024 07:21:15 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=97
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/
Domain
edge.curalate.com
URL
https://edge.curalate.com/sites/elfcosmetics-oqltbv/experiences/gallery-OdKxcdTK/latest/experience.min.js

Verdicts & Comments Add Verdict or Comment

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 undefined| event object| fence object| sharedStorage object| $jscomp function| _loadCookieConfig function| _domready function| _delayed function| _findTags function| _srcAttr function| _needsEval function| _loadFromDOM function| _clearEvents function| _lastChainedResource function| _isImageLike boolean| domCompleteTriggered function| _abTest function| _getCookieVariant function| _setCookieVariant function| _configureAbTestAnalytics function| _executeAllAbTest function| _executeAllAbTestUniversal function| _executeAllAbTestClassic function| _executeAbTest function| _abTestScript function| _chooseVariant function| _abTestAnalyticsUniversal function| _abTestAnalyticsClassic object| _serviceWorkerConfig object| Yo string| yo_host string| CRL8_SITENAME object| crl8 object| content object| __LOADABLE_LOADED_CHUNKS__ function| _ object| regeneratorRuntime function| applyFocusVisiblePolyfill object| __CONFIG__ string| __DEVICE_TYPE__ object| __PRELOADED_STATE__ object| Progressive boolean| __HYDRATING__ object| dataLayer function| getDataLayerEvent boolean| rakutenDataLayer object| DataLayer object| DY boolean| BRAZE_SETUP_COMPLETE boolean| otSPAPathChange boolean| otIsInitialized boolean| otBlockOptOutInitReload function| OptanonWrapper object| DYcustom string| AppsFlyerSdkObject function| AF object| OneTrustStub object| DYExps object| DYO function| DYID object| contextManager object| DYJSON object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| OnetrustActiveGroups string| OptanonActiveGroups string| GoogleAnalyticsObject function| ga number| gtmPageLoadId object| _uxa object| otStubData object| gaplugins object| gaGlobal object| gaData object| DYWork function| $dy object| Optanon object| OneTrust object| DYCS function| onYouTubeIframeAPIReady number| j boolean| otLastAcceptAllValue function| ___rmuid object| ___RMCMPW object| AF_cleanupMethods object| CS_CONF function| csSymbol object| CSPureWindow function| csDate object| csJSON function| csArray function| csString function| csURL function| csMutationObserver object| csScreen object| csquerySelector object| csquerySelectorAll function| csNodechildNodes function| csNodeparentNode function| csNodenextSibling function| csNodefirstChild function| csElementshadowRoot function| csElementmatches function| csElementwebkitMatchesSelector function| csHTMLImageElementsrc function| csEventtarget function| csNavigatorsendBeacon object| CSPathComputation object| UXAnalytics object| CSCurrentScript object| __post_robot_11_0_0___uid_numhnacfzmymuvpacsidplhppphjzs object| paypal object| __zoid_10_3_3___uid_numhnacfzmymuvpacsidplhppphjzs object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| og object| litHtmlVersions function| JSCompiler_renameProperty object| litElementVersions boolean| OG_OFFERS_TEST_MODE_ENABLE object| OG object| AF_SDK object| paypalDDL string| PaypalOffersObject function| ppq object| __post_robot_10_0_44__ object| PAYPAL function| a0_0x3eec function| a0_0x20c7 object| sigScriptLoader object| SIG_SCRIPT_DEBUG object| threatmetrix object| cti110221 function| tmx_run_page_fingerprinting function| tmx_post_session_params_fixed boolean| tmx_profiling_started

50 Cookies

Domain/Path Name / Value
www.elfcosmetics.com/ Name: initAuthComplete
Value: true
.elfcosmetics.com/ Name: ab.storage.sessionId.609afcb2-1dc3-41ef-a771-0a9aaf10bf57
Value: g%3A9743e3f1-7251-cfd0-89b4-00d95bb6b140%7Ce%3A1719388265551%7Cc%3A1719386465551%7Cl%3A1719386465551
.elfcosmetics.com/ Name: ab.storage.deviceId.609afcb2-1dc3-41ef-a771-0a9aaf10bf57
Value: g%3Ab66e30c8-99fa-c8e8-2671-1213c036a8ff%7Ce%3Aundefined%7Cc%3A1719386465565%7Cl%3A1719386465565
.elfcosmetics.com/ Name: _dyjsession
Value: s70lks55yh8q4iwu2ysceleiykt6sry5
.elfcosmetics.com/ Name: dy_fs_page
Value: www.elfcosmetics.com
.elfcosmetics.com/ Name: _dy_csc_ses
Value: s70lks55yh8q4iwu2ysceleiykt6sry5
.elfcosmetics.com/ Name: _dy_c_exps
Value:
.elfcosmetics.com/ Name: _gcl_au
Value: 1.1.1247630033.1719386467
.dynamicyield.com/ Name: DYID
Value: -2828260323751116445
.elfcosmetics.com/ Name: _ga
Value: GA1.2.545212742.1719386467
.elfcosmetics.com/ Name: _gid
Value: GA1.2.321547491.1719386467
.elfcosmetics.com/ Name: _gat_UA-432816-1
Value: 1
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: XANDR_PANID
Value: FDCEwU90NTI7cyuYSIi99SiZxziHG4RSPhApA_6tALiJWpVD_ibbqwPaUzDvoudsgz8pf7PSY5LNpT5tohAsSjExNXejID8yfzNVUTd6W60.
.adnxs.com/ Name: uuid2
Value: 3926500665750506619
.elfcosmetics.com/ Name: _dycnst
Value: dg
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2E?%u#of5!@wnf-Te9(>wL5L!!'Z8$o?9l
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.elfcosmetics.com/ Name: _dyid
Value: -2828260323751116445
.elfcosmetics.com/ Name: _dycst
Value: dk.w.c.ws.fst.
.elfcosmetics.com/ Name: _dy_geo
Value: DE.EU.DE_BY.DE_BY_Erlangen
.elfcosmetics.com/ Name: _dy_df_geo
Value: Germany..Erlangen
.elfcosmetics.com/ Name: _dy_toffset
Value: 0
.elfcosmetics.com/ Name: _dy_soct
Value: 647796.1248068.1719386467.s70lks55yh8q4iwu2ysceleiykt6sry5*836603.1652212.1719386467*837245.1654610.1719386468*861617.1750272.1719386467
www.elfcosmetics.com/ Name: scapi
Value: prd:889868a3-67b8-4438-bd6f-093505229b12:eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiIwODJiMWNmZC03ZDA5LTQwZDctYjc2OC03OTUzZjQyOGIyMjUiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjg4OTg2OGEzLTY3YjgtNDQzOC1iZDZmLTA5MzUwNTIyOWIxMiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTkzODY0MzcsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFibWJFM21idzJ3cmtSbEhCR21hWVlsYmsyOjpjaGlkOiAiLCJleHAiOjE3MTkzODgyNjcsImlhdCI6MTcxOTM4NjQ2NywianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzMjMwMDMyNjk0MDcwMzgwOCJ9.es-JGB1KkeUg1vFDOiMm1vACD0JPZwij7hs1Lz8EerqTc41JaUPjkXuq_gLd9bZ34XOAQsakGQwFW53g3lrL8Q
.curalate.com/ Name: __cf_bm
Value: m0qnBG8CJ_WDQ2iYREXYnKd6AsLJwNCbG3QcNGi9FLs-1719386468-1.0.1.1-4bjpvKEFfXl0j2rVvGXdyQRUm1LZ2xfF8DaxZfyEti1wswkiCuO7m18m.hVJVav66qEGV7iST8nCKp2tfOnsWg
www.elfcosmetics.com/ Name: dwsid
Value: 3PzXLQ_6Oj4tvaB3kSUpqjOhL3g4rem13EmUqveDE1m3hJv4aUh6O00veSA3QVlan7pFm2O7coS6yffHVdruHA==
www.elfcosmetics.com/ Name: dwanonymous_1a00c2845eeb01c699351ea28e20fd92
Value: abmbE3mbw2wrkRlHBGmaYYlbk2
.elfcosmetics.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Wed+Jun+26+2024+09%3A21%3A08+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202306.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=69b0349d-fdab-4b71-8025-8b2f2f292a06&interactionCount=0&landingPath=https%3A%2F%2Fwww.elfcosmetics.com%2F&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C5%3A0
.elfcosmetics.com/ Name: crl8.fpcuid
Value: dc6575d9-6875-4540-a053-7bc2d1302062
.youtube.com/ Name: YSC
Value: WlI4TQj8kNA
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: ReLuGCe2PRk
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgOQ%3D%3D
.elfcosmetics.com/ Name: rmStore
Value: dmid:9097
.linksynergy.com/ Name: rmuid
Value: 228b4394-dec2-4948-97f1-6ee4b2c85234
.elfcosmetics.com/ Name: _cs_c
Value: 0
.elfcosmetics.com/ Name: _cs_id
Value: 87f96f67-34b8-aa51-e360-4f00fa087117.1719386470.1.1719386470.1719386470.1558384338.1753550470258.1
www.elfcosmetics.com/ Name: esw.currency
Value: USD
www.elfcosmetics.com/ Name: sid
Value: JnBsyt9gz5LppiPTfMsMWsktlJ_oNxwZGFI
www.elfcosmetics.com/ Name: _dyid_server
Value: -2828260323751116445
www.elfcosmetics.com/ Name: esw.InternationalUser
Value: ""
www.elfcosmetics.com/ Name: esw.location
Value: US
www.elfcosmetics.com/ Name: currentLocale
Value: en_US
www.elfcosmetics.com/ Name: esw.sessionid
Value: abmbE3mbw2wrkRlHBGmaYYlbk2
www.elfcosmetics.com/ Name: esw.LanguageIsoCode
Value: en_US
www.elfcosmetics.com/ Name: __cq_dnt
Value: 1
www.elfcosmetics.com/ Name: dw_dnt
Value: 1
.elfcosmetics.com/ Name: _cs_s
Value: 1.5.0.1719388272175
imgs.signifyd.com/ Name: thx_guid
Value: bdaef7a4346256fd34126946068d83bf
imgs.signifyd.com/ Name: tmx_guid
Value: AAxIJU3FOnfZKkSlVQ_yGdGbEukYY25RXkAAZ62UdBl7sRXZGngVui6nSNa8vNpXzRtNxxzaRMRLKSAteq00e1Dl4DJlfQ

10 Console Messages

Source Level URL
Text
javascript error URL: https://www.elfcosmetics.com/
Message:
Access to image at 'https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/#elfcosmetics_a_00000055698485330971283280000018393236039574697104_?yocs=1u_' from origin 'https://www.elfcosmetics.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/#elfcosmetics_a_00000055698485330971283280000018393236039574697104_?yocs=1u_
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/vendor.js?yocs=1u_1y_(Line 1)
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/vendor.js?yocs=1u_1y_(Line 1)
Message:
Dropped srcset candidate "https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-drop-1235517"
other warning URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/vendor.js?yocs=1u_1y_(Line 1)
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/vendor.js?yocs=1u_1y_(Line 1)
Message:
Dropped srcset candidate "https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-drop-1235517"
other warning URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/vendor.js?yocs=1u_1y_(Line 1)
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/vendor.js?yocs=1u_1y_(Line 1)
Message:
Dropped srcset candidate "https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-drop-1235517"
network error URL: https://idsync.rlcdn.com/458359.gif?partner_uid=228b4394-dec2-4948-97f1-6ee4b2c85234
Message:
Failed to load resource: the server responded with a status of 451 ()
security error URL: https://www.elfcosmetics.com/
Message:
Refused to execute script from 'https://h64.online-metrix.net/EZuzy-Aq1MAaiZO5?550b08b049c3aeca=Ms-Z3NhThJWqk9NjD5m4tVfZsdY2_4HpED0YisBVNTTl4mxp_tTCtOaJMS7cnc5_xh8ZTyoNN9MStH2abFTY6yXjKjE-P4BDw_ywuIK8Dzfn9EgAnVcc0pIo_HRaTHspP2KV3BhlX2WzZgLL-Pwc_foxC5OIVuTB' because its MIME type ('') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
api.cquotient.com
api.ipify.org
async-px.dynamicyield.com
c.contentsquare.net
cdn-fsly.yottaa.net
cdn-scripts.signifyd.com
cdn.c1.amplience.net
cdn.cookielaw.org
cdn.dynamicyield.com
cdn.media.amplience.net
cdn.static.amplience.net
edge.curalate.com
elfcosmetics.a.bigcontent.io
geolocation.onetrust.com
googleads.g.doubleclick.net
h.online-metrix.net
h64.online-metrix.net
idsync.rlcdn.com
imgs.signifyd.com
insight.adsrvr.org
qoe-1.yottaa.net
region1.google-analytics.com
sdk.iad-05.braze.com
secure.adnxs.com
sgtm.elfcosmetics.com
srm.ba.contentsquare.net
st.dynamicyield.com
static.ordergroove.com
t.contentsquare.net
t.paypal.com
tag.rmp.rakuten.com
ut.rd.linksynergy.com
w2txo5aaggjazmn3d6khts2fla4ntdafas75iivq0671edd9c1ac0878am1.e.aa.online-metrix.net
websdk.appsflyer.com
www.elfcosmetics.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.paypal.com
www.paypalobjects.com
www.youtube.com
cdn-fsly.yottaa.net
edge.curalate.com
108.138.26.13
13.35.58.129
140.174.14.80
142.250.185.130
142.250.186.100
142.250.186.162
151.101.129.21
151.101.129.35
151.101.194.133
151.101.65.21
172.64.155.166
172.67.74.152
18.244.18.53
184.31.94.141
185.89.210.212
192.229.221.25
2001:4860:4802:34::36
204.2.48.23
2600:9000:2250:2800:15:ad21:c740:93a1
2600:9000:275d:de00:a:b89d:a6c0:93a1
2606:4700:4400::6812:2089
2606:4700:4400::ac40:91b7
2606:4700:4400::ac40:965f
2606:4700:4400::ac40:9ba6
2606:4700::6812:1ad3
2606:4700::6813:b234
2620:f3:0:14:b401:8ee8:4321:ad82
2a00:1450:4001:827::200e
2a00:1450:4001:829::200e
2a00:1450:4001:82f::2008
2a02:26f0:3100::1735:2b50
2a02:26f0:480:1a::5f65:6fab
2a02:26f0:7100::213:c679
34.102.147.248
34.49.124.132
34.98.67.3
35.244.174.68
52.211.148.8
52.212.62.146
52.223.40.198
54.171.23.152
91.235.132.130
91.235.133.113
91.235.134.131
022e2f39deba7f332eabe69b27b31d98d4d5f2535116745957a691d1b1ec4cc5
036372aec246811be980f3db17295ca6ebbcabef2d187cf4b50eca891a3cd8f0
096725fc6fdf3b8a7f3adee0b2c77586a59bf9177cebcb2f17e4f56abc36b02f
12aef701f9abbb77ad769e835f981ab2c6b7dd1f7f19ffb59261b23084fbed98
1331786f628c441b99665436eb8815381e066e17d5c3bb56f5ce2e045d8da17a
136d54d7a94c30d94eea4bb41f5c716dc2ec380d8d939147cab99672701cd268
1444236b71851e5522227d9f5215dfb5cafa77a06058e8cd86312525f88443ca
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f5c8d48f5dd57bd214c176347b7702c748134e74600166847acf0317f8d2d82
1f8e8c9a0db50e8b1a909f474caacbe4ac201cd35c52dfeb2262e67048194d19
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
210706c053295db0bfba03a98c0609a1f940c3f6b6c626f2f1084e089e959dc9
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
26663e70816428e507929d3c42621895551903c5ceab3bedbf1b3d41385bd309
26f32cff4659c1340820bbd6bb5550d2fa30cede9f97c16350a555c4226f5651
28de7562b6bb474859ce886dab332930a5c098a06f7ec289857a0e247e6fdc76
29f0950aada9b262ac96887287c5cdc01a26f346da9361176d16004084aa5b71
2c8c239d4cc98fc4605856c796187c92e56a8692b0f90d12e376faafbbbeb817
2e8fd8d487b4259dbdc6c529f742806377fae205c8dc7d0f35ac8797bafe5b3b
302dd3a01dd34629b788867c77e12f3b44dce9b6b239b96ed388fe974ac5baaf
31f48ed33afe7e437efa2c30cbf97fbd62c2de5c0732504077377846fe64973f
3917055d135099cfcac6ff6745f7a1bb3525f6d49ab43e90319134708de821ae
3a52bd17d8dcecfb6d5a2a8fa7c7d9a9443b04c20f26740a13e20558a4828557
3dae94126362e2c8b80dfbc73f6b32f15be7805cbdf6739a72cab5ca534c15e0
3fdc23a8c7420ef677af05a394dfc47c2edf577b167bcfa2676c845686dd0c3a
42692dfa6661bd2e7ad2ad4465619ffa9079c20032702dd09e05bfa9fd9bd204
42997132bd0142564014ac4a809356dc0ceb9b7a90eede2b5b48019f1700cc58
4746970ad07f39350242803788c04f8a8b27fc02eec81596db2e436011ff8332
498ea43ee2b31ee61f58f43b798dfaec6eb59b63fefdfaa7c01bba897ba57a33
4aa855b8d34657ab4df5ca73fe7d7f67735ee1e39e8de83856ddc473d4713fbb
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
509f2e49500fbaeb5d7e1959071f2922b693d0135080e2871e124ec8bdd08bb2
55baa715ccc8c2512bceb1c949c1d0927944ca327e7edd2d5fc312d2a41986e4
56c989ad68e2d657ec33446633534c0d2b3ee0aeaa1cbe4ef8a21a1e9a5c3b99
59f0642d6146c95064a717361e8134b4a9259be92f8336a490f18a229f625d2a
5a66ea0b1cef64c03dc618951c9ec02c664867f1dccedb00101930c4f36e33b0
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6082597f3871c77c9b31aa1383577f8c0e54cb5ff09275dc817bc70d96e6217d
67bb4a9adf698dee39c76aeeacd6f8d54aa4ebcb1f6fbf33f76c5e131f5eb5c5
683895b58a1cd7303bf4d15a626c7d4f23f5ae7a8c3ce17b36156342556cb1bf
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6b42a56b231d70ea3691b9f46363b9f8ed6ca35f6b50084718669b8beac1e57d
6d126a9c6da46cb41e34e982874ff71952c00cfaefd6d3847d69f5b82da64429
6d6981b06f028e51cb613dbc7eba2c2909ce2725e9cadc0867319ab7bfcb1d41
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6f98df0dfa77c50c8356e92ee9269bca4dd576126d890993cb22c88f29723e58
70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f
781678db3532a9fc7ef12c8a730d9f24495fe8573f7133fe6e6c57a0a6c0cb7a
78444f565ef9d1110c98161cd87e83713d5669e7d8e15a149c367c1f141d6c83
7eb56da4ee08046d471003dd9f6c44d09e8d54451918ec84c0a7de293abc236a
8504109b1bce264edc0e1a03488e5a911871fac641ddee2a4ec8c51d2078b5d8
8585180148aa9b29865ae4c480871564e26d9b0e1d6256ad99b9c8b4ff8aee6d
88668b9200e07ef8860abbf2884140a44986c34576bc7086d64085b87da4cfd7
89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d
89cd26c6da97833d4de0cb2cc60dae6563858a413dffc037f3d4d8ef6e7ee066
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f2e68f4e14df47f09509d13a68b579d84ccdc614384a968271fb5a3864a4af5
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
9748416acac7f718d53c5f39b07ba32d7d40ea3ef9f5d7691c2d30e82df7cdde
97996c9985c6b958fe1325fc72f641b0118c639d32f7b78f3d3245d83a588e43
9d650cb6c1fb30ec35dab5af23c5a1f726b5e3f8549a56a74d46e2e03151e81a
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
ada9d1def698653a5ef155d5439ab8dbaf3ec7e92731b5c2458104008d8714cd
b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22
b5a9baac0b53c708a5279b1ddfe54ec7f0a40699210e0caf05419d0aa1b330d9
b90fb5127e1b2f7b008076e4e1c5e41becb5d5286615643b738b04ff42516184
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdd7fc1fdca4c78b9603c6dfd105dce4e0a4719da5ec3e950a2a5359f64a69d4
bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c
c4c63c343ab564468df88e50d95efcc7521db14a063b5876ea43899c333ebeda
c97c9953abec796c4b0bd74a315a62e21947e66246a8f19ac91f0650325a405d
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc0332152a10847dd14cf6bcebfa22b8e399d268b24fdf0381241f58c9d13f1e
cf0bc04f014f0ba1d65c050fa9d2c49183d65bff457becdd380ced028e97e1c1
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d237f9147434eb7ca13c686da4346e03a6210da929e3e7f251370d2d0a149823
d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e
d592c0b82ba76a89bc6acafae00f450ea96f8454e9be9df612d88b3cc55eec71
d7a363f752524fb545c3b2eb48a56d163cb659bc427d5215800ee7781d92c2ca
d841b6859d2469f63df65c0a91d70da822367d82810d4d08900d79b21bdddc19
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def2a184135eba029f8f785b3ed69edc5f36b368226ce1fcfeda4f5aa301d1b6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e89c53d125513c76e61d13e99b7ab3f2fe9852d69b30d0832c7296390054a99c
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f366287eaa5627dc7ee48d1fcb79d20bceae8238ee2f1dd772f059685fe9c799
f498ff46829b1f4476db5ca3fd697a92852f92b9aef0d95e650608f1b7ca41dd
f66f5edd05293c4351edcec020a867935f7495ef0d0ff7ceb3e6402748585ca6
fac7e70537856ea25914d86e832ad8bde01820db230cc243778544bfe84ed0d3