www.elfcosmetics.com Open in urlscan Pro
165.254.56.77 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.elfcosmetics.com/skin-care/
Submission: On February 05 via manual (February 5th 2023, 8:57:34 am UTC) from US — Scanned from DE

Summary HTTP 144 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 43 IPs in 3 countries across 30 domains to perform 144 HTTP transactions. The main IP is 165.254.56.77, located in Los Angeles, United States and belongs to YOTTAA-AS-1, US. The main domain is www.elfcosmetics.com. The Cisco Umbrella rank of the primary domain is 113339.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 8th 2022. Valid for: a year.

This is the only time www.elfcosmetics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	165.254.56.77 165.254.56.77	393259 (YOTTAA-AS-1) (YOTTAA-AS-1)
33	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
12	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.189.32 13.224.189.32	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1b55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 8	142.251.208.98 142.251.208.98	15169 (GOOGLE) (GOOGLE)
4	2600:9000:21f... 2600:9000:21f3:5a00:a:b89d:a6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.138.159 18.66.138.159	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:230... 2600:9000:2304:1e00:15:ad21:c740:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::ac43:b9b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	99.86.4.22 99.86.4.22	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:802::200a	15169 (GOOGLE) (GOOGLE)
1	140.174.14.76 140.174.14.76	393259 (YOTTAA-AS-1) (YOTTAA-AS-1)
1	34.117.233.127 34.117.233.127	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.224.189.128 13.224.189.128	16509 (AMAZON-02) (AMAZON-02)
12	91.235.133.113 91.235.133.113	30286 (THM) (THM)
2	34.206.197.18 34.206.197.18	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21c... 2600:9000:21c7:be00:13:d6f4:3240:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.32.121.60 13.32.121.60	16509 (AMAZON-02) (AMAZON-02)
1	34.120.253.250 34.120.253.250	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1ad3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:210... 2600:9000:2104:8400:a:7914:b00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 1	13.110.58.157 13.110.58.157	14340 (SALESFORCE) (SALESFORCE)
1	13.110.60.156 13.110.60.156	14340 (SALESFORCE) (SALESFORCE)
2	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
2	52.209.148.203 52.209.148.203	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
1	54.164.85.149 54.164.85.149	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:21f... 2600:9000:21f3:7a00:1b:50c2:4000:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	138.128.247.123 138.128.247.123	36007 (KAMATERA) (KAMATERA)
5	34.98.72.95 34.98.72.95	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.102.193.48 34.102.193.48	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
144	43

7 165.254.56.77 (Los Angeles, United States)

ASN393259 (YOTTAA-AS-1, US)

www.elfcosmetics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

cdn-fsly.yottaa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-32.fra2.r.cloudfront.net

cdn-scripts.signifyd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1b55 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:cc (United States)

ASN13335 (CLOUDFLARENET, US)

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.208.98 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:21f3:5a00:a:b89d:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.138.159 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-138-159.fra60.r.cloudfront.net

cdn.cquotient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2304:1e00:15:ad21:c740:93a1 (United States)

ASN16509 (AMAZON-02, US)

st.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:b9b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 99.86.4.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-22.fra6.r.cloudfront.net

async-px.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 140.174.14.76 (Frankfurt am Main, Germany)

ASN393259 (YOTTAA-AS-1, US)

qoe-1.yottaa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.233.127 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 127.233.117.34.bc.googleusercontent.com

elfco11111.pcapredict.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-128.fra2.r.cloudfront.net

plugins-media.perfectcorp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 91.235.133.113 (United States)

ASN30286 (THM, US)

imgs.signifyd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.206.197.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-197-18.compute-1.amazonaws.com

px.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21c7:be00:13:d6f4:3240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.usehero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-60.fra60.r.cloudfront.net

track.custora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.wknd.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1ad3 (United States)

ASN13335 (CLOUDFLARENET, US)

edge.curalate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:8400:a:7914:b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.jebbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.110.58.157 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: dcl3-ncg1-c5-iad4.na153-ia4.force.com

elfcosmetics.secure.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.110.60.156 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl5-ncg1-c5-iad4.na153-ia4.salesforce.com

elfcosmetics.my.salesforce-sites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.148.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-148-203.eu-west-1.compute.amazonaws.com

api.usehero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

w2txo5aarsrc7wgdy3dnhtm5krmv3khpbh4m3aru949ac14405448909am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.164.85.149 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-85-149.compute-1.amazonaws.com

t.custora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:7a00:1b:50c2:4000:93a1 (United States)

ASN16509 (AMAZON-02, US)

external-api.jebbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.128.247.123 (New York, United States)

ASN36007 (KAMATERA, US)

web1.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.193.48 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 48.193.102.34.bc.googleusercontent.com

e.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	yottaa.net cdn-fsly.yottaa.net — Cisco Umbrella Rank: 16621 qoe-1.yottaa.net — Cisco Umbrella Rank: 7502	1 MB
20	dynamicyield.com cdn.dynamicyield.com — Cisco Umbrella Rank: 7862 st.dynamicyield.com — Cisco Umbrella Rank: 7570 async-px.dynamicyield.com — Cisco Umbrella Rank: 7590 px.dynamicyield.com — Cisco Umbrella Rank: 27939	268 KB
13	signifyd.com cdn-scripts.signifyd.com — Cisco Umbrella Rank: 8921 imgs.signifyd.com — Cisco Umbrella Rank: 8179	90 KB
12	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 385	230 KB
11	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21 region1.google-analytics.com — Cisco Umbrella Rank: 2456	41 KB
9	googlesyndication.com 4 redirects ade.googlesyndication.com — Cisco Umbrella Rank: 296 pagead2.googlesyndication.com — Cisco Umbrella Rank: 104	2 KB
7	elfcosmetics.com www.elfcosmetics.com — Cisco Umbrella Rank: 113339	97 KB
5	bounceexchange.com assets.bounceexchange.com — Cisco Umbrella Rank: 1881	154 KB
4	acsbapp.com acsbapp.com — Cisco Umbrella Rank: 3687 cdn.acsbapp.com — Cisco Umbrella Rank: 4081 web1.acsbapp.com — Cisco Umbrella Rank: 4915	199 KB
3	online-metrix.net h.online-metrix.net — Cisco Umbrella Rank: 3026 w2txo5aarsrc7wgdy3dnhtm5krmv3khpbh4m3aru949ac14405448909am1.e.aa.online-metrix.net	17 KB
3	usehero.com cdn.usehero.com — Cisco Umbrella Rank: 33802 api.usehero.com — Cisco Umbrella Rank: 35473	28 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	239 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	237 B
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 2567
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	139 KB
2	jebbit.com js.jebbit.com — Cisco Umbrella Rank: 50631 external-api.jebbit.com — Cisco Umbrella Rank: 29228	94 KB
2	custora.com track.custora.com — Cisco Umbrella Rank: 81563 t.custora.com — Cisco Umbrella Rank: 67186	7 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 359	13 KB
1	cdnwidget.com e.cdnwidget.com — Cisco Umbrella Rank: 10385	100 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 198	40 KB
1	salesforce-sites.com elfcosmetics.my.salesforce-sites.com	3 KB
1	force.com 1 redirects elfcosmetics.secure.force.com — Cisco Umbrella Rank: 333760	643 B
1	curalate.com edge.curalate.com — Cisco Umbrella Rank: 8299	33 KB
1	pdst.fm cdn.pdst.fm — Cisco Umbrella Rank: 2478	6 KB
1	wknd.ai tag.wknd.ai — Cisco Umbrella Rank: 4478	5 KB
1	perfectcorp.com plugins-media.perfectcorp.com — Cisco Umbrella Rank: 176953	116 KB
1	pcapredict.com elfco11111.pcapredict.com — Cisco Umbrella Rank: 279139	15 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	948 B
1	cquotient.com cdn.cquotient.com — Cisco Umbrella Rank: 6197	19 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 630	304 B
144	30

	Domain	Requested by
33	cdn-fsly.yottaa.net	www.elfcosmetics.com cdn-fsly.yottaa.net
13	async-px.dynamicyield.com	cdn.dynamicyield.com
12	imgs.signifyd.com	www.elfcosmetics.com imgs.signifyd.com
12	cdn.cookielaw.org	www.elfcosmetics.com cdn.cookielaw.org
10	www.google-analytics.com	www.elfcosmetics.com
8	ade.googlesyndication.com	4 redirects www.elfcosmetics.com
7	www.elfcosmetics.com	cdn-fsly.yottaa.net www.elfcosmetics.com
5	assets.bounceexchange.com	www.elfcosmetics.com
4	cdn.dynamicyield.com	www.elfcosmetics.com cdn.dynamicyield.com
3	www.googletagmanager.com	www.elfcosmetics.com
2	www.facebook.com
2	h.online-metrix.net	imgs.signifyd.com
2	api.usehero.com	cdn.usehero.com
2	us-central1-adaptive-growth.cloudfunctions.net	cdn.pdst.fm
2	connect.facebook.net	www.elfcosmetics.com
2	px.dynamicyield.com	cdn.dynamicyield.com
2	cdn.acsbapp.com	acsbapp.com
2	cdn.jsdelivr.net	www.elfcosmetics.com
1	e.cdnwidget.com
1	web1.acsbapp.com
1	external-api.jebbit.com	js.jebbit.com
1	t.custora.com
1	w2txo5aarsrc7wgdy3dnhtm5krmv3khpbh4m3aru949ac14405448909am1.e.aa.online-metrix.net
1	region1.google-analytics.com	www.googletagmanager.com
1	cdnjs.cloudflare.com	www.elfcosmetics.com
1	elfcosmetics.my.salesforce-sites.com
1	elfcosmetics.secure.force.com	1 redirects
1	js.jebbit.com	www.elfcosmetics.com
1	edge.curalate.com	www.elfcosmetics.com
1	cdn.pdst.fm	www.elfcosmetics.com
1	tag.wknd.ai	www.elfcosmetics.com
1	track.custora.com	www.elfcosmetics.com
1	cdn.usehero.com	www.elfcosmetics.com
1	pagead2.googlesyndication.com	www.elfcosmetics.com
1	plugins-media.perfectcorp.com	www.elfcosmetics.com
1	elfco11111.pcapredict.com	www.elfcosmetics.com
1	qoe-1.yottaa.net	www.elfcosmetics.com
1	fonts.googleapis.com	client
1	st.dynamicyield.com	www.elfcosmetics.com
1	cdn.cquotient.com	www.elfcosmetics.com
1	acsbapp.com	www.elfcosmetics.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	cdn-scripts.signifyd.com	www.elfcosmetics.com
144	43

This site contains links to these domains. Also see Links.

Domain
shadefinder.elfcosmetics.com
instagram.com
www.facebook.com
www.youtube.com
www.pinterest.com
twitter.com
www.snapchat.com
www.linkedin.com
www.tiktok.com
blog.elfcosmetics.com
www.elfbeauty.com
elfcosmetics.onelink.me
privacyportal-cdn.onetrust.com
cookiepedia.co.uk
tcf.cookiepedia.co.uk
www.onetrust.com
accessibe.com

Subject Issuer	Validity	Valid
*.elfcosmetics.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-08` - `2023-10-22`	a year	crt.sh
*.yottaa.net GlobalSign RSA OV SSL CA 2018	`2022-09-08` - `2023-10-10`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
cdn-scripts.signifyd.com Amazon	`2022-08-02` - `2023-08-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.acsbapp.com GTS CA 1P5	`2023-01-06` - `2023-04-06`	3 months	crt.sh
*.dynamicyield.com Amazon	`2022-09-19` - `2023-10-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.cquotient.com Amazon	`2022-05-05` - `2023-06-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.pcapredict.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-22` - `2023-08-22`	a year	crt.sh
*.perfectcorp.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-11` - `2023-03-11`	a year	crt.sh
imgs.signifyd.com Go Daddy Secure Certificate Authority - G2	`2022-12-19` - `2023-12-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.usehero.com Amazon	`2022-09-28` - `2023-10-26`	a year	crt.sh
*.custora.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
tag.wknd.ai R3	`2023-01-24` - `2023-04-24`	3 months	crt.sh
cdn.pdst.fm GTS CA 1D4	`2023-01-28` - `2023-04-28`	3 months	crt.sh
*.jebbit.com Amazon	`2022-06-23` - `2023-07-22`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-14` - `2023-02-12`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
api.usehero.com Amazon RSA 2048 M02	`2023-02-05` - `2024-03-05`	a year	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2023-01-09` - `2024-01-23`	a year	crt.sh
*.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2022-06-08` - `2023-07-10`	a year	crt.sh
assets.bounceexchange.com GTS CA 1D4	`2023-01-25` - `2023-04-25`	3 months	crt.sh
e.cdnwidget.com R3	`2023-01-10` - `2023-04-10`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.elfcosmetics.com/skin-care/
Frame ID: 951F78DE9D37D75B9FE6A30BEAB35573
Requests: 131 HTTP requests in this frame

Frame: https://imgs.signifyd.com/fp/check.js;CIS3SID=88494F678DFE9BBAA0CFE3A64725FA3F?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs9jodnlzjq0zdg4ymmymdq4mjhmzdy3otzhma&nonce=949ac14405448909&jb=35312426687b6777355f616c646d75732c687b6735556164666d757325303a3b382e607160773549627265656f2c6a73683d41687a67656d2d3230313833
Frame ID: AAF3725893EB900126254DF71CC51C7B
Requests: 9 HTTP requests in this frame

Frame: https://imgs.signifyd.com/fp/ls_fp.html;CIS3SID=88494F678DFE9BBAA0CFE3A64725FA3F?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs9jodnlzjq0zdg4ymmymdq4mjhmzdy3otzhma&nonce=949ac14405448909
Frame ID: 5E857EF00ACFF9B67CC1FB47B50DF99F
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=88494F678DFE9BBAA0CFE3A64725FA3F?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs9jodnlzjq0zdg4ymmymdq4mjhmzdy3otzhma&nonce=949ac14405448909
Frame ID: E29134544566F2DD57E5D39255BC6B48
Requests: 2 HTTP requests in this frame

Frame: https://imgs.signifyd.com/fp/top_fp.html;CIS3SID=88494F678DFE9BBAA0CFE3A64725FA3F?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs9jodnlzjq0zdg4ymmymdq4mjhmzdy3otzhma&nonce=949ac14405448909
Frame ID: C01B781B02C1BC604E0C3FD9B82D12D4
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 6D03D66356929E6D2D260DF5E4B8B323
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Skin Care Products | e.l.f. SKIN | e.l.f. Cosmeticsbinocularsunlockgiftshopping baggoogle-elfSign InBack ButtonSearch IconFilter Icon

Detected technologies

Salesforce Commerce Cloud (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

/demandware\.static/

Dynamic Yield (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

cdn\.dynamicyield\.\w+/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

144
Requests

96 %
HTTPS

47 %
IPv6

30
Domains

43
Subdomains

43
IPs

3
Countries

3128 kB
Transfer

9972 kB
Size

34
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://shadefinder.elfcosmetics.com/?utm_source=elf-cosmetics&utm_medium=web&utm_campaign=mime-shade-finder&utm_term=link-global-navigation-face
Title: Foundation Shade Finder

Search URL Search Domain Scan URL

URL: https://instagram.com/elfcosmetics/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/elfcosmetics/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/eyeslipsfacedotcom

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/elfcosmetics/

Search URL Search Domain Scan URL

URL: https://twitter.com/elfcosmetics

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/add/elfcosmetics

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/e-l-f-cosmetics/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@elfyeah/

Search URL Search Domain Scan URL

URL: http://blog.elfcosmetics.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.elfbeauty.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://elfcosmetics.onelink.me/wTtZ/WebsiteFooter

Search URL Search Domain Scan URL

URL: https://privacyportal-cdn.onetrust.com/dsarwebform/41508589-2ea0-4f6f-a103-922358595624/4d9f0146-ffb8-404e-9f05-73841fe03610.html
Title: Do Not Sell or Share My Personal Info/Opt Out of Targeted Ads

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://tcf.cookiepedia.co.uk/?lang=en
Title: | View Full Legal Text Opens in a new Tab

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

URL: https://accessibe.com/?utm_medium=link&utm_source=widget
Title: Web Accessibility By Learn More

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://ade.googlesyndication.com/ddm/activity/src=9231397;type=retarget;cat=globa0;ord=1439915693796;gtm=45He3210;gcs=G100;u6=%2Fskin-care%2F;u4=False;u8=undefined;u10=undefined;u12=undefined;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F HTTP 302
https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CKnKwNSB_vwCFdoEogMdxgYDdQ;type=retarget;cat=globa0;ord=1439915693796;gtm=45He3210;gcs=G100;u6=%2Fskin-care%2F;u4=False;u8=undefined;u10=undefined;u12=undefined;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F

Request Chain 22

https://ade.googlesyndication.com/ddm/activity/src=9231397;type=retarget;cat=skinc0;ord=2197535736123;gtm=45He3210;gcs=G100;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F HTTP 302
https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=COvNwNSB_vwCFVeQGAodrxEFrg;type=retarget;cat=skinc0;ord=2197535736123;gtm=45He3210;gcs=G100;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F

Request Chain 23

https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flap;ord=1239810491441;gtm=45He3210;gcs=G100;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F HTTP 302
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CPLOwNSB_vwCFcYLewodyukJPA;type=elf8j0;cat=glo_flap;ord=1239810491441;gtm=45He3210;gcs=G100;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F

Request Chain 24

https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flcv;ord=3098791494670;gtm=45He3210;gcs=G100;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F;u2=Skin%20Care;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F HTTP 302
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CPbPwNSB_vwCFZQLewodN8EH8w;type=elf8j0;cat=glo_flcv;ord=3098791494670;gtm=45He3210;gcs=G100;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F;u2=Skin%20Care;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F

Request Chain 103

https://elfcosmetics.secure.force.com/resource/einsteinBot/js/nfEmbeddedService.js?_=1675587446544 HTTP 301
https://elfcosmetics.my.salesforce-sites.com/resource/einsteinBot/js/nfEmbeddedService.js?_=1675587446544

144 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.elfcosmetics.com/skin-care/ 549 KB
94 KB 558ms
104ms Document
text/html 165.254.56.77
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 165.254.56.77 Los Angeles, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 733b963758ecbfdcb18b7b5cd660d6edac3119d35b020183309d3abe1e800f64

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cf-cache-status: DYNAMIC
cf-ray: 794a13235946385b-LHR
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sun, 05 Feb 2023 08:57:26 GMT
pragma: no-cache
vary: accept-encoding
x-dw-request-base-id: pHT0zytc32MBAAB_
x-varnish-cache: miss
x-yottaa-metrics: 3421a5fe3835/[7,-,-] 34D1a5fe384d/[-,9.626]
x-yottaa-optimizations: ob/1001000000100001100 si/34D1a5fe384d-1675448518-4002434923 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0

GET
H2 200 AssistantRegular.woff2
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw4de7574d/fonts/ 16 KB
17 KB 176ms
16ms Font
font/woff2 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw4de7574d/fonts/AssistantRegular.woff2?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 400efdf33f8a4a3eaa2b9f6bd5134f1f2920dd0d2c9f9199c27087550e89876b

Request headers

Referer: https://www.elfcosmetics.com/
Origin: https://www.elfcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Thu, 02 Mar 2023 09:23:20 GMT
date: Sun, 05 Feb 2023 08:57:26 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 278630
x-yottaa-optimizations: ob/0 si/2311cc8d59ce-1674092148-39461415 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 16488
x-served-by: cache-fra-eddf8230137-FRA
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1675587446.487027,VS0,VE1
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 23214047a109/[15,14,-] 2311cc8d59ce/[-,17.472]
accept-ranges: bytes
cf-ray: 792fddc54c0a05ed-IAD
x-dw-request-base-id: Y5fdigje2GMBAAB_
x-cache-hits: 1

GET
H2 200 AssistantBold.woff2
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw82d4e320/fonts/ 16 KB
17 KB 193ms
34ms Font
font/woff2 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw82d4e320/fonts/AssistantBold.woff2?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c66960fd249e74cd61ae9b9ed92f21e038feb67be2f7c4c9ced6f00cfb193bf5

Request headers

Referer: https://www.elfcosmetics.com/
Origin: https://www.elfcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Thu, 09 Feb 2023 02:06:15 GMT
date: Sun, 05 Feb 2023 08:57:26 GMT
via: 1.1 varnish
cf-cache-status: MISS
age: 2260696
x-yottaa-optimizations: ob/0 si/2511cc02853d-1673299081-1716932709 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 16748
x-served-by: cache-fra-eddf8230137-FRA
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1675587446.487446,VS0,VE1
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 2521cc028529/[329,328,-] 2511cc02853d/[-,330.717]
accept-ranges: bytes
cf-ray: 7872d77c5e5f2554-SJC
x-dw-request-base-id: X6-yQxfIvGMBAAB_
x-cache-hits: 1

GET
H2 200 fontawesome-webfont.woff2
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw00716dd6/fonts/ 55 KB
56 KB 176ms
18ms Font
font/woff2 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw00716dd6/fonts/fontawesome-webfont.woff2?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer: https://www.elfcosmetics.com/
Origin: https://www.elfcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Wed, 01 Mar 2023 18:46:59 GMT
date: Sun, 05 Feb 2023 08:57:26 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 462614
x-yottaa-optimizations: ob/0 si/3211a5fec642-1674141628-971230800 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 56780
x-served-by: cache-fra-eddf8230137-FRA
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1675587446.487193,VS0,VE1
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 3221cc02d1b1/[26,24,-] 3211a5fec642/[-,28.345]
accept-ranges: bytes
cf-ray: 791e51fa99a6eae1-DFW
x-dw-request-base-id: Y5fiT6MQ2GMBAAB_
x-cache-hits: 1

GET
H2 200 jquery-2.1.1.min.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/lib/jquery/ 82 KB
29 KB 180ms
23ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/lib/jquery/jquery-2.1.1.min.js?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Mon, 06 Mar 2023 09:11:55 GMT
date: Sun, 05 Feb 2023 08:57:26 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: MISS
age: 85453
x-yottaa-optimizations: ob/1001 si/3211a5fec6ea-1674141628-339356082 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 29492
x-served-by: cache-fra-eddf8230096-FRA
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1675587446.487056,VS0,VE1
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31104000
x-yottaa-metrics: 3221a5fec65e/[216,212,-] 3211a5fec6ea/[hit]
accept-ranges: bytes
cf-ray: 794249fe5887e5ca-DFW
x-dw-request-base-id: pHR22lsh3mMBAAB_
x-cache-hits: 1

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 25 KB
9 KB 38ms
16ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83f8393c6593831a76ea84324c946029082b5c72507176c13387468d21c651ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Feb 2023 08:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 4ki7PtkHDuSPC1vGdOaknQ==
age: 70545
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 8384
x-ms-lease-status: unlocked
last-modified: Thu, 02 Feb 2023 13:33:36 GMT
server: cloudflare
etag: 0x8DB05221689032C
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3a8b6a68-201e-0101-2064-379f4e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 794a7043be64360a-FRA

GET
H2 200 style.min.css
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/css/ 803 KB
803 KB 124ms
15ms Stylesheet
text/css 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/css/style.min.css?yocs=F_J_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e20ee57257b36b58cc2b3bed635a3a921cb2e9de07a55319bb38040f72076ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Mon, 06 Mar 2023 09:11:55 GMT
date: Sun, 05 Feb 2023 08:57:26 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 85112
x-yottaa-optimizations: ob/100000000 si/2311cc8d59ce-1674092148-44568667 tts/1668030183789 ti/5a0c9b7632f01c35d4210314 ai/5a0c9b7632f01c35d42102ae tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 821851
x-served-by: cache-fra-eddf8230096-FRA
x-yottaa-forcecache: true
last-modified: Thu, 02 Feb 2023 17:26:03 GMT
server: cloudflare
x-timer: S1675587446.486032,VS0,VE2
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2591582
x-yottaa-metrics: 23214047a168/[302,14,-] 2311cc8d59ce/[-,304.857]
accept-ranges: bytes
cf-ray: 79425cea9c2b13b9-IAD
x-dw-request-base-id: X69hTlsh3mMBAAB_
x-cache-hits: 1

GET
H2 200 EswHooks.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/js/ 11 KB
3 KB 15ms
14ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/js/EswHooks.js?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5a8112252b50b4b89f7b39ecd63b218133284fcd7e1e5bef85baf3bc80220d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Mon, 06 Mar 2023 09:12:03 GMT
date: Sun, 05 Feb 2023 08:57:26 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: MISS
age: 85523
x-yottaa-optimizations: ob/1001 si/33118cae0c60-1674156647-669726979 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3109
x-served-by: cache-fra-eddf8230096-FRA
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1675587447.540521,VS0,VE1
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c2f/[29,27,-] 33118cae0c60/[hit]
accept-ranges: bytes
cf-ray: 7942484daa7fb0ee-ATL
x-dw-request-base-id: X68tT2Mh3mMBAAB_
x-cache-hits: 1

GET
H2 200 EswCss.css
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/css/ 9 KB
2 KB 118ms
8ms Stylesheet
text/css 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/css/EswCss.css?yocs=F_J_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a43d16995a1116f83c7704b3c1acdae8672693ae7d259a57f3634b6ad6a956b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Mon, 06 Mar 2023 09:11:54 GMT
date: Sun, 05 Feb 2023 08:57:26 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: MISS
age: 85510
x-yottaa-optimizations: ob/11001 si/3211a5fec642-1674141628-982622748 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1991
x-served-by: cache-fra-eddf8230096-FRA
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1675587446.486150,VS0,VE1
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31104000
x-yottaa-metrics: 3221a5fec69b/[148,145,-] 3211a5fec642/[hit]
accept-ranges: bytes
cf-ray: 7942489ddbd5e726-DFW
x-dw-request-base-id: X69VTloh3mMBAAB_
x-cache-hits: 1

GET
H2 200 global.css
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/-/Library-Sites-elfSharedLibrary/en_US/v1675501912684/css/ 30 KB
5 KB 120ms
11ms Stylesheet
text/css 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/-/Library-Sites-elfSharedLibrary/en_US/v1675501912684/css/global.css?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef4a0a386be0745346bdbbb04735249591dcc13e2d36a444f2ff08f70b236868

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Mon, 06 Mar 2023 09:11:55 GMT
date: Sun, 05 Feb 2023 08:57:26 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: MISS
age: 85493
x-yottaa-optimizations: ob/11001 si/2311cc8d59cd-1674092148-740854275 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4444
x-served-by: cache-fra-eddf8230096-FRA
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1675587446.486553,VS0,VE1
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31104000
x-yottaa-metrics: 23214047a14a/[33,28,-] 2311cc8d59cd/[hit]
accept-ranges: bytes
cf-ray: 794249085af92016-IAD
x-dw-request-base-id: pHSS2lsh3mMBAAB_
x-cache-hits: 1

GET
H2 200 script-tag.js Show response
cdn-scripts.signifyd.com/api/ 3 KB
3 KB 88ms
25ms Script
application/javascript 13.224.189.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-scripts.signifyd.com/api/script-tag.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-32.fra2.r.cloudfront.net
Software: /
Resource Hash: 6c001a720eae05d8d2d5a92802da26190532eafe73006c206bc88c99dd885ae4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:38:46 GMT
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 1120
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=1800
content-length: 3193
x-amz-cf-id: -cgUEaJe5jJRio0gpnyAtGC45X3eaa5E9NAAkT9J7OeAWI4nOMdxBw==

GET
H2 200 changeUp.css
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/css/ 11 KB
2 KB 122ms
13ms Stylesheet
text/css 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/css/changeUp.css?yocs=F_J_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da82efb118fda9e35bc261a8bf56b59345bfb6401fb41b932db66717db106532

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Mon, 06 Mar 2023 09:11:55 GMT
date: Sun, 05 Feb 2023 08:57:26 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: HIT
age: 85419
x-yottaa-optimizations: ob/100011001 si/2311cc8d59cd-1674092148-740855186 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2144
x-served-by: cache-fra-eddf8230096-FRA
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1675587446.486619,VS0,VE1
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31104000
x-yottaa-metrics: 2321cc8d59d7/[20,13,-] 2311cc8d59cd/[hit]
accept-ranges: bytes
cf-ray: 79424ad49f615ae7-IAD
x-dw-request-base-id: pHR92lsh3mMBAAB_
x-cache-hits: 1

GET
H2 200 changeUp.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/js/ 3 KB
1 KB 9ms
9ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/js/changeUp.js?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0232c842afa32c041223fc8ef697660bae9caeac0a4ea9d596d421cd5a7e46ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Mon, 06 Mar 2023 09:11:59 GMT
date: Sun, 05 Feb 2023 08:57:26 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: HIT
age: 85176
x-yottaa-optimizations: ob/1000 si/3211a5fec643-1674153490-1015124708 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 994
x-served-by: cache-fra-eddf8230096-FRA
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1675587447.554118,VS0,VE1
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31104000
x-yottaa-metrics: 3221a5fec60c/[18,16,-] 3211a5fec643/[-,20.485]
accept-ranges: bytes
cf-ray: 794250c58dd1e7c3-DFW
x-dw-request-base-id: pHQS218h3mMBAAB_
x-cache-hits: 1

GET
H2 200 6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json Show response
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/ 4 KB
2 KB 31ms
17ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a687ab1a8045dcd662c262daace7e26921853deb833a1c692db5164604a0ee74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Feb 2023 08:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 3yShfoOvlLxFnNTjthG/qA==
age: 10468
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1600
x-ms-lease-status: unlocked
last-modified: Thu, 05 Jan 2023 21:54:37 GMT
server: cloudflare
etag: 0x8DAEF67705C85AE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0332d83b-501e-0089-0d50-2161c2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 794a70453bd6383c-FRA
expires: Mon, 06 Feb 2023 08:57:26 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 466 KB
116 KB 103ms
66ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T7MZLHP

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7996dbaba58104d247df22c8a586b2f82bada5ab3ba2c052e5cd06782849be7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:57:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118313
x-xss-protection: 0
last-modified: Sun, 05 Feb 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 05 Feb 2023 08:57:26 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
304 B 41ms
25ms XHR
application/json 2606:4700::6812:1b55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:57:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 794a70457c932bda-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/ 383 KB
92 KB 18ms
18ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Feb 2023 08:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: uPFqyxtrxGqJsyAvB7RnSg==
age: 11356
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 93482
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:45 GMT
server: cloudflare
etag: 0x8DADC66BDFA5EC7
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 0c8d1147-001e-0152-523a-2c8341000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 794a7045c911360a-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/96dfacc1-ada2-4b34-8a7d-2680b39d017c/ 200 KB
34 KB 25ms
24ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/96dfacc1-ada2-4b34-8a7d-2680b39d017c/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7704375b3e9267d0f55e59bb604f42daa4e367d2e08cdf531c95f79c9a11f9b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Feb 2023 08:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: NtGqCbD3ey1LCjJpMdwNVQ==
age: 578
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 35034
x-ms-lease-status: unlocked
last-modified: Thu, 05 Jan 2023 21:54:38 GMT
server: cloudflare
etag: 0x8DAEF67715F50CA
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: a16327d9-201e-00c9-5c50-21482c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 794a70461cba383c-FRA
expires: Mon, 06 Feb 2023 08:57:26 GMT

GET
H2 200 iab2Data.json Show response
cdn.cookielaw.org/vendorlist/ 366 KB
52 KB 17ms
17ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/vendorlist/iab2Data.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd8674529ba24417006d03d19ee1825d391b49c092b515e4a68ebc887738a66d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Feb 2023 08:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: DMNqc0JhK6ffMS5kgly3hA==
age: 10613
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 53422
x-ms-lease-status: unlocked
last-modified: Sat, 04 Feb 2023 07:33:12 GMT
server: cloudflare
etag: 0x8DB068212314BCF
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6cde9bbe-f01e-00e2-7c72-383c94000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 794a70461cbb383c-FRA

GET
H2 200 otTCF.js Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/ 68 KB
15 KB 21ms
21ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/otTCF.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Feb 2023 08:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: jNSx0jAViofB7ggqqp6FUQ==
age: 11356
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 15011
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:44 GMT
server: cloudflare
etag: 0x8DADC66BD0C2AD7
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bdd5c82e-101e-00ca-44ea-0e4b2b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 794a70461961360a-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 39ms
12ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 07:14:12 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6194
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 05 Feb 2023 09:14:12 GMT

GET
H2 200 app.js Show response
acsbapp.com/apps/app/dist/js/ 431 KB
167 KB 129ms
98ms Script
application/x-javascript 2606:4700:10::6816:cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ca69954ce4d8e083e5abbc5173a25bdb7bf9b46adeb0259442b9c8103855815

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:57:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 31 Jan 2023 16:15:30 GMT
server: cloudflare
etag: W/"6bcae-63d93ea2-df0c309c5a2d9525;;;"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=432000 public
cf-ray: 794a70469ab939eb-FRA
access-control-allow-headers: *
expires: Mon, 06 Feb 2023 08:57:26 GMT

GET
H2

200

src=9231397;dc_pre=CKnKwNSB_vwCFdoEogMdxgYDdQ;type=retarget;cat=globa0;ord=1439915693796;gtm=45He3210;gcs=G100;u6=%2Fskin-care%2F;u4=False;u8=undefined;u10=undefined;u12=undefined;~oref=https%3A%2F...
ade.googlesyndication.com/ddm/activity/
Redirect Chain

https://ade.googlesyndication.com/ddm/activity/src=9231397;type=retarget;cat=globa0;ord=1439915693796;gtm=45He3210;gcs=G100;u6=%2Fskin-care%2F;u4=False;u8=undefined;u10=undefined;u12=undefined;~ore...
https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CKnKwNSB_vwCFdoEogMdxgYDdQ;type=retarget;cat=globa0;ord=1439915693796;gtm=45He3210;gcs=G100;u6=%2Fskin-care%2F;u4=False;u8=undefine...

42 B
107 B

65ms
64ms

Image
image/gif

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CKnKwNSB_vwCFdoEogMdxgYDdQ;type=retarget;cat=globa0;ord=1439915693796;gtm=45He3210;gcs=G100;u6=%2Fskin-care%2F;u4=False;u8=undefined;u10=undefined;u12=undefined;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F?

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 08:57:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 05 Feb 2023 08:57:26 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CKnKwNSB_vwCFdoEogMdxgYDdQ;type=retarget;cat=globa0;ord=1439915693796;gtm=45He3210;gcs=G100;u6=%2Fskin-care%2F;u4=False;u8=undefined;u10=undefined;u12=undefined;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

src=9231397;dc_pre=COvNwNSB_vwCFVeQGAodrxEFrg;type=retarget;cat=skinc0;ord=2197535736123;gtm=45He3210;gcs=G100;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F
ade.googlesyndication.com/ddm/activity/
Redirect Chain

https://ade.googlesyndication.com/ddm/activity/src=9231397;type=retarget;cat=skinc0;ord=2197535736123;gtm=45He3210;gcs=G100;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F?
https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=COvNwNSB_vwCFVeQGAodrxEFrg;type=retarget;cat=skinc0;ord=2197535736123;gtm=45He3210;gcs=G100;~oref=https%3A%2F%2Fwww.elfcosmetics.co...

42 B
107 B

66ms
66ms

Image
image/gif

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=COvNwNSB_vwCFVeQGAodrxEFrg;type=retarget;cat=skinc0;ord=2197535736123;gtm=45He3210;gcs=G100;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F?

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 08:57:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 05 Feb 2023 08:57:26 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=COvNwNSB_vwCFVeQGAodrxEFrg;type=retarget;cat=skinc0;ord=2197535736123;gtm=45He3210;gcs=G100;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

src=10742279;dc_pre=CPLOwNSB_vwCFcYLewodyukJPA;type=elf8j0;cat=glo_flap;ord=1239810491441;gtm=45He3210;gcs=G100;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F;~oref=https%3A%2F%2Fwww.elfcosme...
ade.googlesyndication.com/ddm/activity/
Redirect Chain

https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flap;ord=1239810491441;gtm=45He3210;gcs=G100;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F;~oref=https%3A%2F%2...
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CPLOwNSB_vwCFcYLewodyukJPA;type=elf8j0;cat=glo_flap;ord=1239810491441;gtm=45He3210;gcs=G100;u1=https%3A%2F%2Fwww.elfcosmetics.com%...

42 B
118 B

63ms
63ms

Image
image/gif

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CPLOwNSB_vwCFcYLewodyukJPA;type=elf8j0;cat=glo_flap;ord=1239810491441;gtm=45He3210;gcs=G100;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F?

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 08:57:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 05 Feb 2023 08:57:26 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CPLOwNSB_vwCFcYLewodyukJPA;type=elf8j0;cat=glo_flap;ord=1239810491441;gtm=45He3210;gcs=G100;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

src=10742279;dc_pre=CPbPwNSB_vwCFZQLewodN8EH8w;type=elf8j0;cat=glo_flcv;ord=3098791494670;gtm=45He3210;gcs=G100;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F;u2=Skin%20Care;~oref=https%3A%2F...
ade.googlesyndication.com/ddm/activity/
Redirect Chain

https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flcv;ord=3098791494670;gtm=45He3210;gcs=G100;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F;u2=Skin%20Care;~ore...
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CPbPwNSB_vwCFZQLewodN8EH8w;type=elf8j0;cat=glo_flcv;ord=3098791494670;gtm=45He3210;gcs=G100;u1=https%3A%2F%2Fwww.elfcosmetics.com%...

42 B
107 B

68ms
68ms

Image
image/gif

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CPbPwNSB_vwCFZQLewodN8EH8w;type=elf8j0;cat=glo_flcv;ord=3098791494670;gtm=45He3210;gcs=G100;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F;u2=Skin%20Care;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F?

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 08:57:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 05 Feb 2023 08:57:26 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CPbPwNSB_vwCFZQLewodN8EH8w;type=elf8j0;cat=glo_flcv;ord=3098791494670;gtm=45He3210;gcs=G100;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F;u2=Skin%20Care;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 13 KB
3 KB 18ms
17ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Feb 2023 08:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: vO8A/abKpoPacUrvSk9OSw==
age: 10611
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3020
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:35 GMT
server: cloudflare
etag: 0x8DADC66B7AF38D0
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 6c44022e-f01e-008f-43fe-0e96ba000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 794a7046ed94383c-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/v2/ 61 KB
13 KB 17ms
16ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40c8084ce459211c73bf91eaa18b6152cc5fc9e29245dcec381da35ee51334b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Feb 2023 08:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: mBGnk7IXt0USbYmXZQhmOw==
age: 10611
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12540
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:37 GMT
server: cloudflare
etag: 0x8DADC66B90C98A8
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 61113c84-a01e-009c-71ff-0ea35b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 794a7046ed95383c-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 21 KB
4 KB 17ms
17ms Fetch
text/css 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Feb 2023 08:57:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
age: 10611
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 713828ee-201e-004a-0afe-0ee881000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 794a7046ed96383c-FRA

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 13ms
12ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 02:56:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21629
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 api_dynamic.js Show response
cdn.dynamicyield.com/api/8772046/ 939 KB
113 KB 98ms
26ms Script
application/javascript 2600:9000:21f3:5a00:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/api/8772046/api_dynamic.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:5a00:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: df127feca5eb1a5be2aca5f6099cf60bc7417ca1fddf3613aa46aef769062877

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:57:28 GMT
content-encoding: gzip
via: 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
last-modified: Sun, 05 Feb 2023 06:46:23 GMT
server: DYCDN
age: 19
x-amz-cf-pop: FRA2-C2
etag: W/"984dd0b6fac18712586822cb57f15f24"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=30
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: rgiqpFN5CnHdWuW1ka_gIe_9pGYhRJjqBtHPTq2uu_dMCGPq3TVeNw==

GET
H2 200 api_static.js Show response
cdn.dynamicyield.com/api/8772046/ 283 KB
83 KB 80ms
13ms Script
application/javascript 2600:9000:21f3:5a00:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/api/8772046/api_static.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:5a00:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: ec668bf5aba2c026c628a4217bf81e63c567128678f405dc2f0eb3b1bf21462e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 07:07:54 GMT
content-encoding: gzip
via: 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
last-modified: Sun, 05 Feb 2023 06:46:24 GMT
server: DYCDN
age: 6575
x-amz-cf-pop: FRA2-C2
etag: W/"ddf93b62fae30b44c04f0379f6918f81"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: 7R0XXihatCW2tlF7fz2WwWdu7Z6YogcLE__ttL2JFDLqIF3_Uyi63g==

GET
H2 200 splide.min.css
cdn.jsdelivr.net/npm/@splidejs/splide@2.4.21/dist/css/ 4 KB
2 KB 42ms
11ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@splidejs/splide@2.4.21/dist/css/splide.min.css

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12acf0cde9105ca35b079104e27341413fb68164085916505c077cf58748abc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:57:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 27732930
x-jsd-version: 2.4.21
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19168-FRA, cache-hhn4080-HHN
x-jsd-version-type: version
server: cloudflare
etag: W/"102c-M7+BfeLRxTmUwlsz98mdry3uV50"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SXAwM4BPlI9IL4LkkogEePy8FPzQBszHybgWKa%2FFmkaFctL0eUPUwbrhIGPEv6aQcmh3BoycKGyG2rmbXkyp7O5CSZTxivEl%2BmZ%2BjXAGDHdfj5Hml3kJ6u%2Fk6nYw2OCYJE47REuZjSwWX7euvOk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 794a7052ac3ebba4-FRA

GET
H2 200 splide.min.js Show response
cdn.jsdelivr.net/npm/@splidejs/splide@2.4.21/dist/js/ 28 KB
11 KB 44ms
14ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@splidejs/splide@2.4.21/dist/js/splide.min.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a609c6dfff57a1865067c376468a736ee9f8d0578ef52c3063738c8c30986c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:57:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 27732935
x-jsd-version: 2.4.21
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19129-FRA, cache-hhn4054-HHN
x-jsd-version-type: version
server: cloudflare
etag: W/"7170-eq1ZE4HBpvEGZCwKn41rAbub2NI"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=msMmMUvG%2BGR4pR1ds2u%2FWhIR7yUhYBDA6qB58Nr6H4JosW6356zUE%2BfNAG6tiG96iWmGUjdfWz2EfPtNV82z5I6WHURt5f0B3ot4lP5D2MgrBoW7ouaIW44Z3hPTfqUt0xjSwhwhXdryiqsqbBQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 794a7052ac41bba4-FRA

GET
H2 200 appstore-download.png
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw07d40bc1/homepage/2020/05/ 4 KB
5 KB 22ms
11ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw07d40bc1/homepage/2020/05/appstore-download.png?yocs=F_J_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5fb3ebbf40563c91f4e8565aa6257ed735ca0a075f0f78b18bddda655cc8434

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Tue, 28 Feb 2023 02:37:32 GMT
date: Sun, 05 Feb 2023 08:57:28 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 461453
x-yottaa-optimizations: ob/10000000000101 si/3211a5fec6eb-1674141628-1216741229 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4370
x-served-by: cache-fra-eddf8230096-FRA
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1675587449.728773,VS0,VE1
content-type: image/webp
cache-control: public, max-age=31104000
x-yottaa-metrics: 3221a5fec61a/[4,-,1675122167174] 3211a5fec6eb/[hit]
accept-ranges: bytes
cf-ray: 791e10e79816e993-DFW
x-dw-request-base-id: X69Bl-zb1WMBAAB_
x-cache-hits: 1

GET
H2 200 plugins.min.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/js/ 283 KB
78 KB 18ms
7ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/js/plugins.min.js?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96a3358dcb988a6b2d0d6f409533b6e242b79f248d58bb9731860246481eb585

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Mon, 06 Mar 2023 09:11:55 GMT
date: Sun, 05 Feb 2023 08:57:28 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: MISS
age: 85521
x-yottaa-optimizations: ob/1001 si/33118cae0c61-1674156646-656403167 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 79878
x-served-by: cache-fra-eddf8230096-FRA
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1675587449.728280,VS0,VE1
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0cf0/[105,99,-] 33118cae0c61/[hit]
accept-ranges: bytes
cf-ray: 7942486749f2b094-ATL
x-dw-request-base-id: X69xTlsh3mMBAAB_
x-cache-hits: 1

GET
H2 200 app.min.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/js/ 538 KB
148 KB 23ms
13ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/js/app.min.js?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63b23bb7eeba804d6fd7e301dafcf863a7a00811834c72faa92e18f45b7c83d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Mon, 06 Mar 2023 09:11:56 GMT
date: Sun, 05 Feb 2023 08:57:28 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: HIT
age: 85521
x-yottaa-optimizations: ob/1001 si/33118cae0c65-1674156646-249904949 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 151283
x-served-by: cache-fra-eddf8230096-FRA
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1675587449.728848,VS0,VE1
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c7e/[24,18,-] 33118cae0c65/[hit]
accept-ranges: bytes
cf-ray: 794248672a8fe3ae-ATL
x-dw-request-base-id: Y5eYglwh3mMBAAB_
x-cache-hits: 1

GET
H2 200 global.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/-/Library-Sites-elfSharedLibrary/en_US/v1675501912684/js/ 1 KB
867 B 21ms
12ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/-/Library-Sites-elfSharedLibrary/en_US/v1675501912684/js/global.js?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd5ae643e89170860b9bca1805cb663625a9006ecfcdf8749d3ee7d498d40629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Mon, 06 Mar 2023 09:11:55 GMT
date: Sun, 05 Feb 2023 08:57:28 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: MISS
age: 85521
x-yottaa-optimizations: ob/1001 si/33118cae0c62-1674156646-1970101155 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 509
x-served-by: cache-fra-eddf8230096-FRA
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1675587449.729207,VS0,VE1
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c8d/[70,70,-] 33118cae0c62/[hit]
accept-ranges: bytes
cf-ray: 79424867294bb097-ATL
x-dw-request-base-id: Y5dyglsh3mMBAAB_
x-cache-hits: 1

GET
H2 200 rangetouch.min.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/lib/ 2 KB
1 KB 26ms
18ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/lib/rangetouch.min.js?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 020da0825330e19eef417005d005ad730b7c875200d5f16057bcd32230f30b84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Mon, 06 Mar 2023 09:11:55 GMT
date: Sun, 05 Feb 2023 08:57:28 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: HIT
age: 85411
x-yottaa-optimizations: ob/1000 si/33118cae0c63-1674156646-1911819341 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1045
x-served-by: cache-fra-eddf8230096-FRA
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1675587449.729211,VS0,VE1
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0cd5/[10,9,-] 33118cae0c63/[-,11.618]
accept-ranges: bytes
cf-ray: 79424b19df07b166-ATL
x-dw-request-base-id: X69tTlsh3mMBAAB_
x-cache-hits: 1

GET
H2 200 dwanalytics-22.2.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/internal/jscript/ 6 KB
3 KB 28ms
21ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/internal/jscript/dwanalytics-22.2.js?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa85b802ec0dc2fbf7655b1b6a4e41f47dbc5d4774653a00ba258bf24954481e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Mon, 06 Mar 2023 09:11:59 GMT
date: Sun, 05 Feb 2023 08:57:28 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: HIT
age: 85411
x-yottaa-optimizations: ob/1000 si/33118cae0c64-1674156647-2077053520 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2669
x-served-by: cache-fra-eddf8230096-FRA
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1675587449.729448,VS0,VE1
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c85/[10,9,-] 33118cae0c64/[-,11.229]
accept-ranges: bytes
cf-ray: 79424b19deb8ad52-ATL
x-dw-request-base-id: Y5fxgl8h3mMBAAB_
x-cache-hits: 1

GET
H2 200 dwac-21.7.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/internal/jscript/ 5 KB
2 KB 25ms
19ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/internal/jscript/dwac-21.7.js?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f36c44bc84b94a5ae0dd5fe6fc014df9fa5ad4c0e4ce2ef8d818f18853ab9b4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Mon, 06 Mar 2023 09:11:59 GMT
date: Sun, 05 Feb 2023 08:57:28 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: HIT
age: 85521
x-yottaa-optimizations: ob/1001 si/33118cae0c62-1674156646-1970101159 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1914
x-served-by: cache-fra-eddf8230096-FRA
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1675587449.729653,VS0,VE1
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c91/[10,9,-] 33118cae0c62/[hit]
accept-ranges: bytes
cf-ray: 79424867ba4fb03f-ATL
x-dw-request-base-id: X6_TTl8h3mMBAAB_
x-cache-hits: 1

GET
H2 200 gretel.min.js Show response
cdn.cquotient.com/js/v2/ 65 KB
19 KB 64ms
10ms Script
application/javascript 18.66.138.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cquotient.com/js/v2/gretel.min.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.138.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-138-159.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 09997b6cba6fd1ffb6aaf43c2900c4f5d3bc291913be9105eb91e8a4a1277d71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:17:43 GMT
content-encoding: gzip
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
last-modified: Wed, 18 Jan 2023 16:09:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 2385
x-amz-server-side-encryption: AES256
etag: W/"0497920c3a1175f967fd3029b4026318"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: NqknzneIR5ZophU-SEG63qM34LwLV2RQ7St39xtzmETmcrJkjl6qeA==

GET
H2 200 applepay.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/internal/jscript/ 14 KB
4 KB 22ms
18ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/internal/jscript/applepay.js?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9320fb9cf32f0763c597acec29a63ffb220d538acd75e75b47e2029258c4471

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Mon, 06 Mar 2023 09:11:58 GMT
date: Sun, 05 Feb 2023 08:57:28 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: HIT
age: 85502
x-yottaa-optimizations: ob/1001 si/33118cae0c60-1674156647-669727317 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3919
x-served-by: cache-fra-eddf8230096-FRA
x-yottaa-forcecache: true, true
server: cloudflare
x-timer: S1675587449.729416,VS0,VE1
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0c71/[13,12,-] 33118cae0c60/[hit]
accept-ranges: bytes
cf-ray: 794248e2ac9ab02a-ATL
x-dw-request-base-id: Y5fOgl4h3mMBAAB_
x-cache-hits: 1

GET
H2 200 st Show response
st.dynamicyield.com/ 115 KB
10 KB 218ms
138ms Script
text/javascript 2600:9000:2304:1e00:15:ad21:c740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.dynamicyield.com/st?sec=8772046&inHead=true&id=0&jsession=ru8hlfuwy0bdwzjpidupv9g57fysidqf&ref=&scriptVersion=1.156.0&isSesNew=true&dyid_server=&ctx=%7B%22type%22%3A%22CATEGORY%22%2C%22lng%22%3A%22en_US%22%2C%22data%22%3A%5B%22skin%22%5D%7D
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:1e00:15:ad21:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 052ed97f4837611b6e71f66a72d68eb7679a2afcaf4cdee753dd1fcfaf4e2180

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:57:29 GMT
content-encoding: gzip
via: 1.1 6e4fd2f7f4c55027ff6ee922bdafd3ae.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: no-cache
x-amz-cf-id: 2JziRA1HNMxkfQa2yWEECtXcG6BLc_-4LYBsmGIBd_FNYj0chMRBVg==
expires: Sun, 05 Feb 2023 08:57:28 GMT

GET
H2 200 back-to-top.svg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/images/svg-icons/ 280 B
659 B 59ms
58ms Image
image/svg+xml 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/images/svg-icons/back-to-top.svg?yocs=3_
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/css/style.min.css?yocs=F_J_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c74f254c6706f1b11f2d701bbc57dad1913884b1e64020bb1971368784840d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/css/style.min.css?yocs=F_J_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Mon, 06 Mar 2023 09:11:58 GMT
date: Sun, 05 Feb 2023 08:57:28 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: HIT
age: 85494
x-yottaa-optimizations: ob/1000 si/2511cc028a74-1674081171-71687410 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 214
x-served-by: cache-fra-eddf8230096-FRA
x-yottaa-forcecache: true
last-modified: Thu, 02 Feb 2023 17:26:02 GMT
server: cloudflare
x-timer: S1675587449.928568,VS0,VE1
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2591965
x-yottaa-metrics: 2521cc02858d/[16,16,-] 2511cc028a74/[-,17.468]
accept-ranges: bytes
cf-ray: 7942662a9f3796b9-SJC
x-dw-request-base-id: pHTt2l4h3mMBAAB_
x-cache-hits: 1

GET
H2 200 feedback.svg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/images/svg-icons/ 281 B
538 B 59ms
58ms Image
image/svg+xml 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/images/svg-icons/feedback.svg?yocs=3_
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/css/style.min.css?yocs=F_J_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6176ab5474618b01560e91abd7c354b6116cf9de79963c6c9860e89a2459f7cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/css/style.min.css?yocs=F_J_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Mon, 06 Mar 2023 09:11:56 GMT
date: Sun, 05 Feb 2023 08:57:28 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: MISS
age: 84679
x-yottaa-optimizations: ob/1000 si/2311cc8d59cf-1674092143-636783205 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 219
x-served-by: cache-fra-eddf8230096-FRA
x-yottaa-forcecache: true
last-modified: Thu, 02 Feb 2023 17:26:02 GMT
server: cloudflare
x-timer: S1675587449.928757,VS0,VE1
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2591146
x-yottaa-metrics: 2321cc8d59d6/[26,24,-] 2311cc8d59cf/[-,27.943]
accept-ranges: bytes
cf-ray: 79425cf9dfbf57cc-IAD
x-dw-request-base-id: pHSZ2lwh3mMBAAB_
x-cache-hits: 1

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 filter-icon.svg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/images/svg-icons/ 161 B
442 B 45ms
45ms Image
image/svg+xml 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/images/svg-icons/filter-icon.svg?yocs=3_
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/css/style.min.css?yocs=F_J_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1365c6a538bc58872fc90f6e55cd557e3557a2768c41176e21613603fdc3bf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/css/style.min.css?yocs=F_J_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Mon, 06 Mar 2023 09:12:43 GMT
date: Sun, 05 Feb 2023 08:57:28 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: HIT
age: 85420
x-yottaa-optimizations: ob/1000 si/23114047a14c-1674092146-1663821131 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 161
x-served-by: cache-fra-eddf8230096-FRA
x-yottaa-forcecache: true
last-modified: Thu, 02 Feb 2023 17:26:02 GMT
server: cloudflare
x-timer: S1675587449.928534,VS0,VE1
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2591933
x-yottaa-metrics: 23214047a1e3/[18,16,-] 23114047a14c/[-,22.169]
accept-ranges: bytes
cf-ray: 79425d7c2f1a6fa4-IAD
x-dw-request-base-id: X6_IUosh3mMBAAB_
x-cache-hits: 1

GET
H2 200 arrow-small-down.svg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/images/svg-icons/ 182 B
595 B 45ms
45ms Image
image/svg+xml 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/images/svg-icons/arrow-small-down.svg?yocs=3_
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/css/style.min.css?yocs=F_J_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8c28bf98680bb13b1e6d33e54d8ea946b0858fb06244acc56d3cd20d8df91e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/css/style.min.css?yocs=F_J_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Mon, 06 Mar 2023 09:11:56 GMT
date: Sun, 05 Feb 2023 08:57:28 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: HIT
age: 85456
x-yottaa-optimizations: ob/1000 si/2311cc8d59ce-1674092148-44569005 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 173
x-served-by: cache-fra-eddf8230096-FRA
x-yottaa-forcecache: true
last-modified: Thu, 02 Feb 2023 17:26:02 GMT
server: cloudflare
x-timer: S1675587449.928523,VS0,VE1
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2591924
x-yottaa-metrics: 23214047a1e4/[15,13,-] 2311cc8d59ce/[-,17.219]
accept-ranges: bytes
cf-ray: 79425d7a7a2005f4-IAD
x-dw-request-base-id: Y5ePglwh3mMBAAB_
x-cache-hits: 1

GET
H2 200 heart-black-outline.svg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/images/svg-icons/ 678 B
686 B 45ms
45ms Image
image/svg+xml 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/images/svg-icons/heart-black-outline.svg?yocs=3_
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/css/style.min.css?yocs=F_J_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99300e0d5861d8a16e61d4d04aac369b990bd3d1b501860d105eae4bbc3237d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/css/style.min.css?yocs=F_J_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Mon, 06 Mar 2023 09:12:01 GMT
date: Sun, 05 Feb 2023 08:57:28 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: HIT
age: 85494
x-yottaa-optimizations: ob/1000 si/2311cc8d59cd-1674092148-740864347 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 384
x-served-by: cache-fra-eddf8230096-FRA
x-yottaa-forcecache: true
last-modified: Thu, 02 Feb 2023 17:26:02 GMT
server: cloudflare
x-timer: S1675587449.928529,VS0,VE1
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2591967
x-yottaa-metrics: 23214047a168/[13,12,-] 2311cc8d59cd/[-,15.149]
accept-ranges: bytes
cf-ray: 79425d302b3113b9-IAD
x-dw-request-base-id: pHQ022Eh3mMBAAB_
x-cache-hits: 1

GET
DATA 200
OK truncated
/ 30 KB
30 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 282941064f69458a172fd4afde71d175e6052eef6a63affe4c2bd3e924a26712

Request headers

Referer
Origin: https://www.elfcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ 24 KB
24 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3cf5ecbc6fdf0be77cf51c616aab7400551c43efeff3ada55df9a2ae34873ca6

Request headers

Referer
Origin: https://www.elfcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 us.svg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/lib/flag-icon-css/flags/4x3/ 24 KB
2 KB 9ms
8ms Image
image/svg+xml 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/lib/flag-icon-css/flags/4x3/us.svg?yocs=3_
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/css/style.min.css?yocs=F_J_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9921de3508095a5524f6f35a0fa6d22077ed495adc9d58605ce53c8e0b89c4f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/css/style.min.css?yocs=F_J_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Mon, 06 Mar 2023 09:12:04 GMT
date: Sun, 05 Feb 2023 08:57:29 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: HIT
age: 85457
x-yottaa-optimizations: ob/1000 si/23114047a14c-1674092146-1663820851 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1862
x-served-by: cache-fra-eddf8230096-FRA
x-yottaa-forcecache: true
last-modified: Thu, 02 Feb 2023 17:26:02 GMT
server: cloudflare
x-timer: S1675587449.011967,VS0,VE1
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2591931
x-yottaa-metrics: 23214047a162/[13,12,-] 23114047a14c/[-,16.341]
accept-ranges: bytes
cf-ray: 79425d0d9cae2042-IAD
x-dw-request-base-id: Y5deg2Qh3mMBAAB_
x-cache-hits: 1

GET
H2 200 0223_Ecomm_PDP_VDAY_Bundle_SweetDreams.jpg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw7c397853/2023/VdayBundles/ 3 KB
4 KB 14ms
12ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw7c397853/2023/VdayBundles/0223_Ecomm_PDP_VDAY_Bundle_SweetDreams.jpg?sw=352&sh=352&sm=fit&sfrm=jpg&strip=false&yocs=F_J_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 706e10506d3b98ef2d9ea478eebba4e0b39e8998f0304c1847c32309700ef840

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:57:29 GMT
via: 1.1 3c0c0202765b2b7b973e2ad3371dd028.cloudfront.net (CloudFront), 1.1 varnish
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sfrm=jpg&sw=352&sh=352&sm=fit&strip=false
x-amz-cf-pop: LAX50-P2
x-yottaa-optimizations: ob/10000000000100 si/2511cc028a76-1674081171-840080368 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront, HIT
age: 924785
content-length: 3050
x-served-by: cache-fra-eddf8230096-FRA
x-yottaa-forcecache: true, true
x-amz-expiration: expiry-date="Fri, 23 Feb 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
server: cloudflare
x-timer: S1675587449.045972,VS0,VE1
content-type: image/webp
cache-control: public, max-age=31104000
x-yottaa-metrics: 2521cc02852b/[2,-,1674657541634] 2511cc028a76/[-,3.196]
accept-ranges: bytes
cf-ray: 78f1c182de5696a2-SJC
x-amz-cf-id: Umx1e7P0EfAmtlZBZJRftLx1Wnz1rVZoX8eeq2_QxvgnBdBbHpegiQ==
x-cache-hits: 1

GET
H2 200 57167_CLOSED_R.jpg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw603e0e85/2023/HolyHydration!TripleBounceSerum/ 2 KB
2 KB 42ms
40ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw603e0e85/2023/HolyHydration!TripleBounceSerum/57167_CLOSED_R.jpg?sw=352&sh=352&sm=fit&sfrm=png&strip=false&yocs=F_J_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b10a95eb8a746e01643c70f2c83d54c9f9a868668bf4deaf786640a7e35957e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:57:29 GMT
via: 1.1 0920aeb1eced22df07c9ece1cab0a554.cloudfront.net (CloudFront), 1.1 varnish
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sfrm=png&sw=352&sh=352&sm=fit&strip=false
x-amz-cf-pop: IAD89-P1
x-yottaa-optimizations: ob/10000000000100 si/2311cc8d59ce-1674092148-33933998 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront, HIT
age: 437267
content-length: 1682
x-served-by: cache-fra-eddf8230096-FRA
x-yottaa-forcecache: true, true
x-amz-expiration: expiry-date="Tue, 23 Jan 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
server: cloudflare
x-timer: S1675587449.046988,VS0,VE1
content-type: image/webp
cache-control: public, max-age=31104000
x-yottaa-metrics: 23214047a164/[4,-,1675149446343] 2311cc8d59ce/[-,6.836]
accept-ranges: bytes
cf-ray: 7920aae72aaf1757-IAD
x-amz-cf-id: wmgDRk42-2C2oefv_8NdqjOBKOwLGJojyGm3Vb0j-Rk7BXRlintwuw==
x-cache-hits: 1

GET
H2 200 84244_OPENA_R.jpg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwbff4ca79/2023/GoodVibesCollection/ 9 KB
9 KB 41ms
39ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwbff4ca79/2023/GoodVibesCollection/84244_OPENA_R.jpg?sw=352&sh=352&sm=fit&sfrm=png&strip=false&yocs=F_J_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b03996886ae95a6da3568e5c4428eb578e7d6b81c5ab38086d29375f8033d251

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:57:29 GMT
via: 1.1 f37b209b1204cf49e60f18749dfc7dcc.cloudfront.net (CloudFront), 1.1 varnish
cf-cache-status: HIT
x-amz-cf-pop: DFW56-P6
x-amz-meta-cleanquerystring: sfrm=png&sw=352&sh=352&sm=fit&strip=false
x-yottaa-optimizations: ob/10000000000100 si/3211a5fec6ea-1673546749-221054622 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront, HIT
age: 1506866
content-length: 9136
x-served-by: cache-fra-eddf8230096-FRA
x-yottaa-forcecache: true, true
x-amz-expiration: expiry-date="Sat, 17 Feb 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
server: cloudflare
x-timer: S1675587449.046763,VS0,VE1
content-type: image/webp
cache-control: public, max-age=31104000
x-yottaa-metrics: 3221a5fec616/[17,-,1674077641879] 3211a5fec6ea/[-,19.993]
accept-ranges: bytes
cf-ray: 78ba73cd38962d2c-DFW
x-amz-cf-id: AAlZIOF3QjPHywCZ4GRJRxM5SoTswjSbAf1MBB2OzuuBI6qBF3vt8g==
x-cache-hits: 1

GET
H2 200 57277_CLOSED_R.jpg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw3bf3c741/2023/Suntouchable!WhoaGlow/ 4 KB
4 KB 14ms
12ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw3bf3c741/2023/Suntouchable!WhoaGlow/57277_CLOSED_R.jpg?sw=352&sh=352&sm=fit&sfrm=png&strip=false&yocs=F_J_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6bd5c18a0b5f22943755b582e4563fc2eefb3ac72edf205d70223f10c42db60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:57:29 GMT
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront), 1.1 varnish
cf-cache-status: HIT
x-amz-cf-pop: JFK50-P2
x-amz-meta-cleanquerystring: sfrm=png&sw=352&sh=352&sm=fit&strip=false
x-yottaa-optimizations: ob/10000000000101 si/3811cc023143-1674763518-1998857692 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront, HIT
age: 418890
content-length: 3638
x-served-by: cache-fra-eddf8230096-FRA
x-yottaa-forcecache: true, true
x-amz-expiration: expiry-date="Fri, 19 Jan 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
server: cloudflare
x-timer: S1675587449.046546,VS0,VE1
content-type: image/webp
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc02314d/[3,-,1675165644711] 3811cc023143/[hit]
accept-ranges: bytes
cf-ray: 7922365efa1bc40e-EWR
x-amz-cf-id: oioplGlnXW_k8Fj_Fwtj5emDSAIj5Xho2napld6MaBBafVU5pd4tIw==
x-cache-hits: 1

GET
H2 200 57581_CLOSED_R.jpg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwbee87592/2023/57581AdvancedNightRetinoidSerum/ 2 KB
2 KB 54ms
52ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwbee87592/2023/57581AdvancedNightRetinoidSerum/57581_CLOSED_R.jpg?sw=352&sh=352&sm=fit&sfrm=png&strip=false&yocs=F_J_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee8b10bbec64d87e5618ac55ab296928dde4b6ea4d657fb2e477103dd7762379

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:57:29 GMT
via: 1.1 126bc2e5c4c1b9ac0ffa004edc6f02c4.cloudfront.net (CloudFront), 1.1 varnish
cf-cache-status: HIT
x-amz-cf-pop: IAD89-P1
x-amz-meta-cleanquerystring: sfrm=png&sw=352&sh=352&sm=fit&strip=false
x-yottaa-optimizations: ob/10000000000100 si/33118cae0c61-1665731370-1496194038 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront, HIT
age: 2254171
content-length: 2082
x-served-by: cache-fra-eddf8230096-FRA
x-yottaa-forcecache: true, true
x-amz-expiration: expiry-date="Sat, 13 Jan 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
server: cloudflare
x-timer: S1675587449.046717,VS0,VE1
content-type: image/webp
cache-control: public, max-age=31104000
x-yottaa-metrics: 33218cae0cee/[3,-,1673330650622] 33118cae0c61/[-,3.537]
accept-ranges: bytes
cf-ray: 787336b62d05ad1b-ATL
x-amz-cf-id: q7ftciLtM8HTaCfZaq1RMF32OOeIYKTc39uhnkGrDvX0Bl1B-XVz2A==
x-cache-hits: 1

GET
H2 200 81570_SCMOI_Closed_R.jpg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw844fd0d8/2022/HolyHydration!NewPackaging/81570-HH!Fa... 3 KB
3 KB 14ms
13ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw844fd0d8/2022/HolyHydration!NewPackaging/81570-HH!FaceCreamSPF30/elf.com/81570_SCMOI_Closed_R.jpg?sw=352&sh=352&sm=fit&sfrm=png&strip=false&yocs=F_J_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe5e3530722e6ca252ee9aa538d556708be0b522f6501143d7db16da9ac5b920

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:57:29 GMT
via: 1.1 88c99b4a125fda7fb36df6bd93b5daf0.cloudfront.net (CloudFront), 1.1 varnish
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sfrm=png&sw=352&sh=352&sm=fit&strip=false
x-amz-cf-pop: JFK51-C1
x-yottaa-optimizations: ob/10000000000101 si/3811cc023146-1674087507-1081297703 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront, HIT
age: 964289
content-length: 2878
x-served-by: cache-fra-eddf8230096-FRA
x-yottaa-forcecache: true, true
x-amz-expiration: expiry-date="Sun, 12 Nov 2023 00:00:00 GMT", rule-id="transform_cache_ttl"
server: cloudflare
x-timer: S1675587449.046510,VS0,VE1
content-type: image/webp
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023154/[3,-,1674619687404] 3811cc023146/[hit]
accept-ranges: bytes
cf-ray: 78ee2555c8458c2a-EWR
x-amz-cf-id: 5qENSy6Wkgs30RxDt-YWMIrq-V35EZRYCY8VggXWNuXPsmkCNEtJug==
x-cache-hits: 1

GET
H2 200 82829_SCMOI_Closed_R.jpg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw72935124/2022/HolyHydration!NewPackaging/82829-HH!Fa... 2 KB
3 KB 52ms
51ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw72935124/2022/HolyHydration!NewPackaging/82829-HH!FaceCream/elf.com/82829_SCMOI_Closed_R.jpg?sw=352&sh=352&sm=fit&sfrm=png&strip=false&yocs=F_J_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e03d61d6826e0ed8714a2d09d8398bb4e56c0a3ebf8dfdd668c9972aa7f75671

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:57:29 GMT
via: 1.1 199b065e4c1253c9590e1b5e57083906.cloudfront.net (CloudFront), 1.1 varnish
cf-cache-status: HIT
x-amz-cf-pop: IAD89-P1
x-amz-meta-cleanquerystring: sfrm=png&sw=352&sh=352&sm=fit&strip=false
x-yottaa-optimizations: ob/10000000000100 si/2311cc8d59cd-1674092148-710223670 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront, HIT
age: 1119043
content-length: 2526
x-served-by: cache-fra-eddf8230096-FRA
x-yottaa-forcecache: true, true
x-amz-expiration: expiry-date="Fri, 09 Feb 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
server: cloudflare
x-timer: S1675587449.046494,VS0,VE1
content-type: image/webp
cache-control: public, max-age=31104000
x-yottaa-metrics: 23214047a15f/[4,-,1674466625750] 2311cc8d59cd/[-,7.061]
accept-ranges: bytes
cf-ray: 78df8c7a8bdd8245-IAD
x-amz-cf-id: iUC_fWOhgGgKwdN02p7Uv8FTG59Xj5BIyMoaAq9UCNqh6VGh0r0N_g==
x-cache-hits: 1

GET
H2 200 59910_SCREM_Closed_R.jpg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw44d0f80d/2022/HolyHydration!NewPackaging/ 3 KB
4 KB 14ms
13ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw44d0f80d/2022/HolyHydration!NewPackaging/59910_SCREM_Closed_R.jpg?sw=352&sh=352&sm=fit&sfrm=png&strip=false&yocs=F_J_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5422955f82dc8678935d157a1f5c59c97c33c6881b5d02b2175ff923b496e54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:57:29 GMT
via: 1.1 57bad7de768de965f7b4e76ba1ed4d64.cloudfront.net (CloudFront), 1.1 varnish
cf-cache-status: HIT
x-amz-cf-pop: SFO5-C1
x-amz-meta-cleanquerystring: sfrm=png&sw=352&sh=352&sm=fit&strip=false
x-yottaa-optimizations: ob/10000000000100 si/2511cc0285b8-1673299103-1453767891 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront, HIT
age: 1559327
content-length: 3102
x-served-by: cache-fra-eddf8230096-FRA
x-yottaa-forcecache: true, true
x-amz-expiration: expiry-date="Sun, 30 Apr 2023 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
server: cloudflare
x-timer: S1675587449.046490,VS0,VE1
content-type: image/webp
cache-control: public, max-age=31104000
x-yottaa-metrics: 2521cc0285ab/[2,-,1674026679471] 2511cc0285b8/[-,3.036]
accept-ranges: bytes
cf-ray: 78b5979a8a229806-SJC
x-amz-cf-id: NBXGk0cdJ057D-p7-M-P-DFGl-WEa5ptBj1YoFzRwmukxUV1C6i3XA==
x-cache-hits: 1

GET
H2 200 CSRF-GetToken Show response
www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ 234 B
729 B 201ms
201ms Fetch
application/json 165.254.56.77
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/CSRF-GetToken
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/js/app.min.js?yocs=F_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 165.254.56.77 Los Angeles, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 31174440338ecbade8a0ae13af4dca0801ed29e5a9e0b4ec8d74e8e0572b03c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/skin-care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-varnish-cache: miss
pragma: no-cache
date: Sun, 05 Feb 2023 08:57:29 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 0
x-yottaa-optimizations: ob/1000 si/34D1a5fe384d-1675448518-4002435059 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
content-type: application/json
cache-control: no-cache, no-store, must-revalidate
x-yottaa-os: 200
x-yottaa-metrics: 3421a5fe3899/[170,167,-] 34D1a5fe384d/[-,171.757]
cf-ray: 794a7055092b23fb-LHR
x-dw-request-base-id: X68xsXlv32MBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 CSRF-GetToken Show response
www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ 234 B
729 B 201ms
201ms Fetch
application/json 165.254.56.77
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/CSRF-GetToken
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/js/app.min.js?yocs=F_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 165.254.56.77 Los Angeles, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 72a38e6a2701418467ff27a861175848b76f35ec595826243c2b117ab41eda84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/skin-care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-varnish-cache: miss
pragma: no-cache
date: Sun, 05 Feb 2023 08:57:29 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 0
x-yottaa-optimizations: ob/1000 si/34D1a5fe384d-1675448518-4002435061 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
content-type: application/json
cache-control: no-cache, no-store, must-revalidate
x-yottaa-os: 200
x-yottaa-metrics: 3421a5fe3898/[173,170,-] 34D1a5fe384d/[-,175.285]
cf-ray: 794a70552e4b74f1-LHR
x-dw-request-base-id: Y5egz3lv32MBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 EShopWorld-GetEswLandingFooterBar Show response
www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ 262 B
727 B 195ms
194ms XHR
text/html 165.254.56.77
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/EShopWorld-GetEswLandingFooterBar
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/Sites-elf-us-Site/-/en_US/v1675501912684/lib/jquery/jquery-2.1.1.min.js?yocs=F_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 165.254.56.77 Los Angeles, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: acb3511f732562de4549b37fe6f6a43a7cd624c8e7dc81fabe5fa05d43ded188

Request headers

Accept: */*
Referer: https://www.elfcosmetics.com/skin-care/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-varnish-cache: miss
date: Sun, 05 Feb 2023 08:57:29 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 0
x-yottaa-optimizations: ob/1000 si/34D1a5fe384d-1675448518-4002435062 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
content-length: 195
pragma: no-cache
vary: Accept-Encoding
content-type: text/html;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
x-yottaa-os: 200
x-yottaa-metrics: 3421a5fe3897/[164,160,-] 34D1a5fe384d/[-,166.582]
cf-ray: 794a70555c957792-LHR
x-dw-request-base-id: X68ysXlv32MBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
13ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1173718532&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F&ul=en-us&de=UTF-8&dt=Skin%20Care%20Products%20%7C%20e.l.f.%20SKIN%20%7C%20e.l.f.%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce&ea=Product%20Impression&_u=aHgAAAABAAAAAAAEKk~&cid=602255288.1675587447&uid=&tid=UA-432816-1&_gid=852277591.1675587449&gtm=45He3210n81T7MZLHP&gcs=G100&cg5=category&cd1=%3A%20&cd4=0&cd5=&cd6=&cd7=&cd8=false&cd9=0&cd10=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F109.0.5414.119%20Safari%2F537&cd14=category&cd15=&cd21=US&cd19=602255288.1675587447&z=1196058449

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:52:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50707
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
521 B 18ms
18ms Fetch
image/svg+xml 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Feb 2023 08:57:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 6489
x-ms-lease-status: unlocked
last-modified: Thu, 02 Feb 2023 13:33:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 77a77888-501e-00ef-5317-37d398000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 794a70556f25383c-FRA

POST
H2 200 Api-SetTrackingAllowed
www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ 0
0 192ms
192ms Fetch
text/html 165.254.56.77
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/Api-SetTrackingAllowed
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 165.254.56.77 Los Angeles, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/skin-care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-varnish-cache: pass
pragma: no-cache
date: Sun, 05 Feb 2023 08:57:29 GMT
cf-cache-status: DYNAMIC
age: 0
x-yottaa-optimizations: ob/1000 si/34D1a5fe384d-1675448518-4002435072 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
content-type: text/html;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
x-yottaa-os: 200
x-yottaa-metrics: 3421a5fe3895/[143,142,-] 34D1a5fe384d/[-,162.589]
accept-ranges: bytes
cf-ray: 794a7055c9588867-LHR
x-dw-request-base-id: Y5eoz3lv32MBAAB_
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H2 200 Api-SetCookieData
www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ 0
0 192ms
192ms Fetch
text/html 165.254.56.77
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/Api-SetCookieData
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 165.254.56.77 Los Angeles, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.elfcosmetics.com/skin-care/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-varnish-cache: pass
pragma: no-cache
date: Sun, 05 Feb 2023 08:57:29 GMT
cf-cache-status: DYNAMIC
age: 0
x-yottaa-optimizations: ob/1000 si/34D1a5fe384d-1675448518-4002435073 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
content-type: text/html;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
x-yottaa-os: 200
x-yottaa-metrics: 3421a5fe3894/[157,155,-] 34D1a5fe384d/[-,159.752]
accept-ranges: bytes
cf-ray: 794a7055bc280089-LHR
x-dw-request-base-id: Y5enz3lv32MBAAB_
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 ot_company_logo.png
cdn.cookielaw.org/logos/static/ 4 KB
4 KB 21ms
21ms Image
image/png 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_company_logo.png

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Feb 2023 08:57:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: E8+sk/ECzKgTUVtDLikiIA==
age: 11359
content-length: 4036
x-ms-lease-status: unlocked
last-modified: Thu, 02 Feb 2023 13:33:39 GMT
server: cloudflare
etag: 0x8DB052217DDADB5
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: db08534d-301e-007c-090c-3745d3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 794a7055ac1b360a-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 21ms
20ms Image
image/svg+xml 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Feb 2023 08:57:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 11359
x-ms-lease-status: unlocked
last-modified: Thu, 02 Feb 2023 13:33:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: f447d889-501e-00c6-113d-37a5da000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 794a7055ac1e360a-FRA

GET
H2 200 config.json Show response
cdn.acsbapp.com/cache/app/elfcosmetics.com/ 155 B
355 B 301ms
261ms Fetch
application/json 2606:4700:10::ac43:b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/cache/app/elfcosmetics.com/config.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60840bb96e068bb96036e1332f5b4ff0f16cb29a6ecfbdfc9b018613257100dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:57:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 05 Feb 2023 08:56:11 GMT
server: cloudflare
etag: W/"9b-63df6f2b-fcb0d3b7a6776335;;;"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=432000 public
cf-ray: 794a7055ed29bba9-FRA
access-control-allow-headers: *
expires: Mon, 06 Feb 2023 08:57:29 GMT

GET
H2 200 PLP_skincare_M.jpg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw5a3dcccf/marketing-tiles/2022/03/ 6 KB
6 KB 15ms
15ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.93/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw5a3dcccf/marketing-tiles/2022/03/PLP_skincare_M.jpg?yocs=F_J_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 113eb0ccd10bc7efb5f02bc69f1ec44f685c82a69691cc6d5075a08513963b49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Sat, 18 Feb 2023 17:24:28 GMT
date: Sun, 05 Feb 2023 08:57:29 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 1190583
x-yottaa-optimizations: ob/10000000000100 si/3211a5fec642-1674141628-947890843 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5912
x-served-by: cache-fra-eddf8230096-FRA
x-yottaa-forcecache: true, true
cf-bgj: h2pri
server: cloudflare
x-timer: S1675587449.237192,VS0,VE1
content-type: image/webp
cache-control: public, max-age=31104000
x-yottaa-metrics: 3221cc02d143/[4,-,1674392148907] 3211a5fec642/[-,6.545]
accept-ranges: bytes
cf-ray: 78d872312a972e63-DFW
x-dw-request-base-id: pHQEC8x8yWMBAAB_
x-cache-hits: 1

GET
H2 200 dy-coll-min.js Show response
cdn.dynamicyield.com/scripts/1.156.0/ 181 KB
59 KB 14ms
14ms Script
application/javascript 2600:9000:21f3:5a00:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/scripts/1.156.0/dy-coll-min.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:5a00:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: cf310e0e80dab6dd13b7aca4cae9eac4a496aebdbb8fdea5e3899dd9d2d6cb28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 09:38:02 GMT
content-encoding: gzip
via: 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
last-modified: Tue, 31 Jan 2023 08:21:59 GMT
server: DYCDN
age: 429568
x-amz-cf-pop: FRA2-C2
etag: W/"7a632cb874bc685cfbf70c6e117e6bc1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: h7Ial7wNEczoZY3Z6lhRdEzXeaenGpy19McMm3JCeCPY1ijnllqz_w==

GET
H2 200 dpx
async-px.dynamicyield.com/ 0
0 164ms
106ms Fetch 99.86.4.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/dpx?cnst=1&_=64260&name=User%20Session&props=undefined&uid=-7070651172777922695&sec=8772046&cl=dk.w.c.ws.&ses=3bfeda086d7a993cfa0e5705c52b7bd2&l=def&p=1&sd=&rf=&trf=0&aud=1092373.1167412.1232212.1324059.1426804.1443347.1846919.884367.884385.884387.998337.1182144.799438.799440&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F&exps=%5B%5B%22670731%22%2C%228988868%22%2C%2218038713%22%2C0%2Cnull%2Cnull%2C%22-2690191492598344256%22%2C%222%22%2C%223%22%5D%2C%5B%221071690%22%2C%229891223%22%2C%2225820092%22%2C0%2Cnull%2Cnull%2C%22-2690191491037306117%22%2C%221%22%2Cnull%5D%2C%5B%221122259%22%2C%2210259311%22%2C%2226195955%22%2C0%2Cnull%2Cnull%2C%22-2690191492509078144%22%2C%221%22%2Cnull%5D%2C%5B%221261284%22%2C%2211209913%22%2C%2227119924%22%2C0%2Cnull%2Cnull%2C%22-2690191491134919555%22%2C%221%22%2Cnull%5D%2C%5B%221319536%22%2C%2211449246%22%2C%2227343816%22%2C0%2Cnull%2Cnull%2C%22-2690191491143326524%22%2C%221%22%2Cnull%5D%2C%5B%221353627%22%2C%2211652521%22%2C%2227486467%22%2C0%2Cnull%2Cnull%2C%22-2690191489619760684%22%2C%221%22%2Cnull%5D%5D&expSes=25136&tsrc=Direct&reqts=1675587449300&rri=5016756&geoData=DE_NI_Langen
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.156.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-22.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 08:57:29 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: EvKnaKSn48X4pSyq_Za3EorAIaKRewCctKx4gj6GA3LyNtU3j7CzOA==
expires: 0

GET
H2 200 dpx
async-px.dynamicyield.com/ 0
0 161ms
106ms Fetch 99.86.4.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/dpx?cnst=1&_=707415&name=New_User&props=%7B%7D&uid=-7070651172777922695&sec=8772046&cl=dk.w.c.ws.&ses=3bfeda086d7a993cfa0e5705c52b7bd2&l=def&p=1&sd=&rf=&trf=0&aud=1092373.1167412.1232212.1324059.1426804.1443347.1846919.884367.884385.884387.998337.1182144.1766794.799438.799440&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F&exps=%5B%5B%22670731%22%2C%228988868%22%2C%2218038713%22%2C0%2Cnull%2Cnull%2C%22-2690191492598344256%22%2C%222%22%2C%223%22%5D%2C%5B%221071690%22%2C%229891223%22%2C%2225820092%22%2C0%2Cnull%2Cnull%2C%22-2690191491037306117%22%2C%221%22%2Cnull%5D%2C%5B%221122259%22%2C%2210259311%22%2C%2226195955%22%2C0%2Cnull%2Cnull%2C%22-2690191492509078144%22%2C%221%22%2Cnull%5D%2C%5B%221261284%22%2C%2211209913%22%2C%2227119924%22%2C0%2Cnull%2Cnull%2C%22-2690191491134919555%22%2C%221%22%2Cnull%5D%2C%5B%221319536%22%2C%2211449246%22%2C%2227343816%22%2C0%2Cnull%2Cnull%2C%22-2690191491143326524%22%2C%221%22%2Cnull%5D%2C%5B%221353627%22%2C%2211652521%22%2C%2227486467%22%2C0%2Cnull%2Cnull%2C%22-2690191489619760684%22%2C%221%22%2Cnull%5D%5D&expSes=25136&tsrc=Direct&reqts=1675587449305&rri=4460269&geoData=DE_NI_Langen
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.156.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-22.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 08:57:29 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: UfSfdwHht9m6wrXRYE0aBuy0iYjD_OXS7MnOTbyaMCvKyFZBY4mJDA==
expires: 0

POST
H2 200 uia Show response
async-px.dynamicyield.com/ 0
381 B 162ms
115ms XHR
text/plain 99.86.4.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/uia?cnst=1&_=1675587449312
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.156.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-22.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 08:57:29 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: SQ1VbtyP0fuPg844O35ToMc0ip-lJOqRXjVC0F6A8h8CTg-MOotg2g==
expires: 0

GET
H2 200 749c6f13acdc595b94722ead533b2f5e.json Show response
cdn.dynamicyield.com/variations/8772046/551945/14545970/ 6 KB
2 KB 37ms
15ms XHR
application/json 2600:9000:21f3:5a00:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/variations/8772046/551945/14545970/749c6f13acdc595b94722ead533b2f5e.json
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/api/8772046/api_static.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:5a00:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: 0370180367dcefc047e253451bca36b21d15c3614bfdbcea0ef226f12a006bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 09:36:16 GMT
content-encoding: gzip
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
age: 84074
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
last-modified: Thu, 19 Jan 2023 19:57:35 GMT
server: DYCDN
etag: W/"749c6f13acdc595b94722ead533b2f5e"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: hHr-BtuFQUCWEqv7JViAucUhPg0vOTvLn-Sh5Zew2eAKSVDJXHceVA==

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 133ms
107ms Fetch 99.86.4.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=44536&uid=-7070651172777922695&sec=8772046&t=ri&e=1071690&p=1&ve=9891223&va=%5B25820092%5D&ses=3bfeda086d7a993cfa0e5705c52b7bd2&expSes=25136&aud=1092373.1167412.1232212.1324059.1426804.1443347.1846919.884367.884385.884387.998337.1182144.1766794.799438.799440&expVisitId=-2690191491037306117&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1675587449333&rri=3349172
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.156.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-22.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 08:57:29 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: LDvBc8PpY9o9j67Cxf3rtGTGEPrMkOPfOj3TdHsnJdmh13TPLZM2OQ==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 130ms
105ms Fetch 99.86.4.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=285077&uid=-7070651172777922695&sec=8772046&t=ri&e=1122259&p=1&ve=10259311&va=%5B26195955%5D&ses=3bfeda086d7a993cfa0e5705c52b7bd2&expSes=25136&aud=1092373.1167412.1232212.1324059.1426804.1443347.1846919.884367.884385.884387.998337.1182144.1766794.799438.799440&expVisitId=-2690191492509078144&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1675587449334&rri=1400155
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.156.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-22.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 08:57:29 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: 7PNz3PrYKadn5upw-TrNgO1g_D8AOM0HP_Eb83gV0pX0hawEQb8QrQ==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 130ms
106ms Fetch 99.86.4.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=725013&uid=-7070651172777922695&sec=8772046&t=ri&e=1261284&p=1&ve=11209913&va=%5B27119924%5D&ses=3bfeda086d7a993cfa0e5705c52b7bd2&expSes=25136&aud=1092373.1167412.1232212.1324059.1426804.1443347.1846919.884367.884385.884387.998337.1182144.1766794.799438.799440&expVisitId=-2690191491134919555&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1675587449335&rri=9581239
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.156.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-22.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 08:57:29 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: gGxDaWOdAT3bYPJlqpXsMqZFWU_B21KmlyG9VEo7PfGGm_PaFlzizw==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 130ms
107ms Fetch 99.86.4.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=717261&uid=-7070651172777922695&sec=8772046&t=ri&e=1319536&p=1&ve=11449246&va=%5B27343816%5D&ses=3bfeda086d7a993cfa0e5705c52b7bd2&expSes=25136&aud=1092373.1167412.1232212.1324059.1426804.1443347.1846919.884367.884385.884387.998337.1182144.1766794.799438.799440&expVisitId=-2690191491143326524&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1675587449335&rri=923763
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.156.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-22.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 08:57:29 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: lqh9Xz4WgvXD_g65cpm1rav4Qm0rrdE4-YrsjqMadFXfy1fuvmpssg==
expires: 0

GET
H2 200 css
fonts.googleapis.com/ 2 KB
948 B 140ms
52ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 Feb 2023 08:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 Feb 2023 07:05:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Feb 2023 08:57:29 GMT

GET
DATA 200
OK truncated
/ 418 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7eb19f86c6d5d6ec3a08289ba115cc4493a9c9528c0f16bed609aa3c7ea5fa5b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 batch
async-px.dynamicyield.com/ 0
384 B 303ms
281ms Ping
text/plain 99.86.4.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/batch?cnst=1&_=1675587449410_369330
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.156.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-22.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 08:57:29 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: olwY7JZL9jUfDlBangXBzQI5A6LP8mY8UsVJMMrGpNyLoLx6SgPX9g==
expires: 0

GET
H2 200 dpx
async-px.dynamicyield.com/ 0
0 282ms
282ms Fetch 99.86.4.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/dpx?cnst=1&_=773001&name=Skincare_Notification_Served&props=%7B%7D&uid=-7070651172777922695&sec=8772046&cl=dk.w.c.ws.&ses=3bfeda086d7a993cfa0e5705c52b7bd2&l=def&p=1&sd=&rf=&trf=0&aud=1092373.1167412.1232212.1324059.1426804.1443347.1846919.884367.884385.884387.998337.1182144.1766794.799438.799440&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F&exps=%5B%5B%22670731%22%2C%228988868%22%2C%2218038713%22%2C0%2Cnull%2Cnull%2C%22-2690191492598344256%22%2C%222%22%2C%223%22%5D%2C%5B%221071690%22%2C%229891223%22%2C%2225820092%22%2C0%2Cnull%2Cnull%2C%22-2690191491037306117%22%2C%221%22%2Cnull%5D%2C%5B%221122259%22%2C%2210259311%22%2C%2226195955%22%2C0%2Cnull%2Cnull%2C%22-2690191492509078144%22%2C%221%22%2Cnull%5D%2C%5B%221261284%22%2C%2211209913%22%2C%2227119924%22%2C0%2Cnull%2Cnull%2C%22-2690191491134919555%22%2C%221%22%2Cnull%5D%2C%5B%221319536%22%2C%2211449246%22%2C%2227343816%22%2C0%2Cnull%2Cnull%2C%22-2690191491143326524%22%2C%221%22%2Cnull%5D%2C%5B%221353627%22%2C%2211652521%22%2C%2227486467%22%2C0%2Cnull%2Cnull%2C%22-2690191489619760684%22%2C%221%22%2Cnull%5D%2C%5B%221077848%22%2C%229970747%22%2C%2225862342%22%2C0%2Cnull%2Cnull%2C%22-2690191489678258345%22%2C%221%22%2Cnull%5D%2C%5B%221267591%22%2C%2211602858%22%2C%2227287619%22%2C0%2Cnull%2Cnull%2C%22-2690191490088224010%22%2C%221%22%2Cnull%5D%5D&expSes=25136&tsrc=Direct&reqts=1675587449424&rri=2889708&geoData=DE_NI_Langen
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.156.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-22.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 08:57:29 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: tfLLjzS6lUMGM02234qjUPndXwboMvXzfva5w2ZEKuvxUqN3SVd80w==
expires: 0

POST
H2 200 event
qoe-1.yottaa.net/log-nt/ 3 B
191 B 159ms
7ms Ping
text/json 140.174.14.76
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://qoe-1.yottaa.net/log-nt/event
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 140.174.14.76 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 05 Feb 2023 08:57:29 GMT
access-control-expose-headers: X-Results-Data-Source
access-control-allow-credentials: true
cache-control: no-cache
timing-allow-origin: *
content-type: text/json

GET
H2 200 sensor.js Show response
elfco11111.pcapredict.com/js/ 100 KB
15 KB 59ms
18ms Script
text/javascript 34.117.233.127
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://elfco11111.pcapredict.com/js/sensor.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.233.127 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 127.233.117.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 8c1c5f9c8a912bc93249e8db2db25bb493f6e33f034899807f4032cf365b7111

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:55:24 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.20.2
age: 125
content-type: text/javascript;charset=UTF-8
cache-control: public, max-age=60
x-robots-tag: noindex
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14754

GET
H2 200 sdk.js Show response
plugins-media.perfectcorp.com/c695/ 406 KB
116 KB 942ms
907ms Script
application/javascript 13.224.189.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins-media.perfectcorp.com/c695/sdk.js?apiKey=WZAntXUwJQKcfXEl4AR5w==
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-128.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef01c7ec294cd078695a8594328731d6b2c20661f29c58a21d333acb4207ab8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:57:31 GMT
content-encoding: gzip
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
last-modified: Mon, 06 Jul 2020 07:42:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "8c5f7ea7a694971e1dc455e14f45fe1a"
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
content-length: 118334
x-amz-cf-id: IIOsINPounz-eAKgTYYMXdkhGWyh_k8QWzf4fY_sMlI8yDh0CcFYAQ==

GET
H/1.1 200
OK tags.js Show response
imgs.signifyd.com/fp/ 93 KB
13 KB 120ms
17ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/fp/tags.js?org_id=w2txo5aa&session_id=aHR0cHM6Ly93d3cuZWxmY29zbWV0aWNzLmNvbS9jODNlZjQ0ZDg4YmMyMDQ4MjhmZDY3OTZhMA==&pageid=2

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

2f15c02b4eef658e3ad476fcef05fdcdfcf05bb8e8b4133fa87fd13391083cae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Feb 2023 08:57:29 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 clog Show response
px.dynamicyield.com/ 0
227 B 327ms
97ms XHR
text/plain 34.206.197.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://px.dynamicyield.com/clog
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.156.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.197.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-197-18.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 08:57:29 GMT
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
expires: 0

POST
H2 200 clog Show response
px.dynamicyield.com/ 0
228 B 326ms
97ms XHR
text/plain 34.206.197.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://px.dynamicyield.com/clog
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.156.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.197.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-197-18.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 08:57:29 GMT
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
expires: 0

GET
H2 200 en.build.json Show response
cdn.acsbapp.com/cache/app/ 239 KB
30 KB 176ms
176ms Fetch
application/json 2606:4700:10::ac43:b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/cache/app/en.build.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f8c6032340e6a0f2e86510435fb617e0a60939510c1ebe90e89807a2973ee69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:57:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 31 Jan 2023 15:43:03 GMT
server: cloudflare
etag: W/"3bb7f-63d93707-d4a63582b68b1b7;;;"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=432000 public
cf-ray: 794a70578ee9bba9-FRA
access-control-allow-headers: *
expires: Mon, 06 Feb 2023 08:57:29 GMT

GET
H2 200 / Show response
pagead2.googlesyndication.com/pagead/conversion/698270988/ 0
0 94ms
27ms Script
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/conversion/698270988/?random=1675587446771&cv=11&fst=1675587446771&bg=ffffff&guid=ON&async=1&gtm=45He3210&gcs=G100&gcd=G100&u_w=1600&u_h=1200&label=87uyCIuRktcBEIyK-8wC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F&tiba=Skin%20Care%20Products%20%7C%20e.l.f.%20SKIN%20%7C%20e.l.f.%20Cosmetics&value=0&bttype=purchase&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 loader.js Show response
cdn.usehero.com/ 90 KB
27 KB 91ms
16ms Script
application/javascript 2600:9000:21c7:be00:13:d6f4:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.usehero.com/loader.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c7:be00:13:d6f4:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 312e12643c29fd6e4995d56d0da28f8e031184a16a8bc9fc9318518cdf20e877

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:17:00 GMT
content-encoding: gzip
via: 1.1 f9d671af272d3b5b3c683203ae8f4cc8.cloudfront.net (CloudFront)
last-modified: Mon, 16 Jan 2023 11:12:15 GMT
server: AmazonS3
x-amz-cf-pop: AMS54-C1
age: 2430
etag: W/"9cca8411b58aa7067e4a1a4f1c8375d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 6IlRFLBtwHibM3HGPt0aAW8QmEdYasgGF0HNYdMnqgusx7iw1k4gFw==

GET
H2 200 pixel.js Show response
track.custora.com/ 6 KB
7 KB 104ms
9ms Script
application/javascript 13.32.121.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.custora.com/pixel.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-60.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f9ffe1174d267725dc5c46203d0795ec0c2e489e270a8368b73303bb894e7a41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:24:55 GMT
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
last-modified: Wed, 18 Nov 2020 11:16:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 83024
etag: "bacb17d20515386f491f96447886b038"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6571
x-amz-cf-id: shn1HiHsnPqmIhNbnuOIgZ8wERUusPUxBG-6NMxn6RLT8EY1aIGtKg==

GET
H2 200 i.js Show response
tag.wknd.ai/4142/ 14 KB
5 KB 192ms
15ms Script
text/plain 34.120.253.250
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.wknd.ai/4142/i.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: c6d3c52f48a05a46ca5afc4012cf410574e50142685d46524eab322fcb9ec10c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:48:33 GMT
content-encoding: gzip
via: 1.1 google
age: 536
x-envoy-upstream-service-time: 0
x-region: us-central1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4608
server: istio-envoy
etag: 8d02168f7ec0f1
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=60
timing-allow-origin: *
link: <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://u.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 26 KB
6 KB 55ms
17ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:56:31 GMT
content-encoding: gzip
age: 58
x-guploader-uploadid: ADPycdvgL_0H6IlaIx6X6mTtbxaUFL8QF_sk_fuR118cqAUY2qYMnml0GhjKusKzvTAIP0SghRx1lAbi9YMVwbqpt4yfpQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5774
last-modified: Fri, 28 May 2021 20:34:03 GMT
server: UploadServer
etag: "d001d1c9f5a942fa5524eeacb047e819"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
x-goog-generation: 1622234043862937
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5774
accept-ranges: bytes
content-type: application/javascript;
expires: Sun, 05 Feb 2023 09:56:31 GMT

GET
H2 200 site.min.js Show response
edge.curalate.com/sites/elfcosmetics-oqltbv/site/latest/ 155 KB
33 KB 473ms
405ms Script
application/javascript 2606:4700::6812:1ad3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.curalate.com/sites/elfcosmetics-oqltbv/site/latest/site.min.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1ad3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6e1f05e590ddd81cdedefacedca609d2560b65de9fe51a4e030051275671e14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:57:30 GMT
x-amz-version-id: rAPtwPRhHwqv1BJ92ckJkXT_MvvXb78H
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 26 Oct 2022 18:38:06 GMT
server: cloudflare
x-amz-request-id: 3Z1GQV49Z6YGESAP
etag: W/"647f47fa8fb971578f4df9d7f106f74f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800,s-maxage=1800
x-amz-replication-status: COMPLETED
cf-ray: 794a70586abf5cb0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Ws/JeeeIKv2XPugW6uE7/IFM3e+/MdvuwiY1gmurvIufNESYGzGN40oBGfqYAvmD4Ibny8/7E/8=

GET
H2 200 widget.js Show response
js.jebbit.com/companion/v1/ 93 KB
93 KB 131ms
17ms Script
application/javascript 2600:9000:2104:8400:a:7914:b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.jebbit.com/companion/v1/widget.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:8400:a:7914:b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dce1686ab8414249a2135c0d765b4694cc13a0942c338dc426935e96a47e7692

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 16:59:08 GMT
x-amz-version-id: Z5t5auaXvD4ix8cwr5LKWH0g55_Cgbhv
via: 1.1 241b025da3883bdb653910a6da97c0a8.cloudfront.net (CloudFront)
last-modified: Tue, 31 Jan 2023 16:58:51 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
age: 57502
etag: "99bd67c027ceb666c6600277adf4f317"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 94964
x-amz-cf-id: GEoLWLcWqNmu0icdRZdB7x5UKjsFJXXVcrlBA7HtZUnu8QdqU4LG4w==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 62ms
18ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 05 Feb 2023 08:57:29 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: gtwrcT2KlwGr1qnA8biTufQCKGjDDxjTObD23+cXmXfk6tuZtwsgpv1UlU7ExU4/6V5WOkSRiykrWywl5Mh5+w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 237 KB
80 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&l=dataLayer&cx=c

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2015321c2021a00f0ee429128025769db5a2f4126ed2df80e6d1652631babeb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:57:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81534
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Feb 2023 08:57:29 GMT

GET
H/1.1 200
OK check.js;CIS3SID=88494F678DFE9BBAA0CFE3A64725FA3F Show response
imgs.signifyd.com/fp/ Frame AAF3 261 KB
43 KB 27ms
27ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/fp/check.js;CIS3SID=88494F678DFE9BBAA0CFE3A64725FA3F?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs9jodnlzjq0zdg4ymmymdq4mjhmzdy3otzhma&nonce=949ac14405448909&jb=35312426687b6777355f616c646d75732c687b6735556164666d757325303a3b382e607160773549627265656f2c6a73683d41687a67656d2d3230313833

Requested by

Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/fp/tags.js?org_id=w2txo5aa&session_id=aHR0cHM6Ly93d3cuZWxmY29zbWV0aWNzLmNvbS9jODNlZjQ0ZDg4YmMyMDQ4MjhmZDY3OTZhMA==&pageid=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

8626dc28786a01e7644621da2607f06200c86e66772536108d38644122719621

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Feb 2023 08:57:29 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
tmx-nonce: 949ac14405448909
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
imgs.signifyd.com/fp/ Frame AAF3 81 B
475 B 48ms
16ms Image
image/png 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs9jodnlzjq0zdg4ymmymdq4mjhmzdy3otzhma&nonce=949ac14405448909&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Feb 2023 08:57:29 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
imgs.signifyd.com/fp/ Frame AAF3 81 B
475 B 48ms
15ms Image
image/png 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs9jodnlzjq0zdg4ymmymdq4mjhmzdy3otzhma&nonce=949ac14405448909&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Feb 2023 08:57:29 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

nfEmbeddedService.js Show response
elfcosmetics.my.salesforce-sites.com/resource/einsteinBot/js/
Redirect Chain

https://elfcosmetics.secure.force.com/resource/einsteinBot/js/nfEmbeddedService.js?_=1675587446544
https://elfcosmetics.my.salesforce-sites.com/resource/einsteinBot/js/nfEmbeddedService.js?_=1675587446544

5 KB
3 KB

1054ms
112ms

Script
application/x-javascript

13.110.60.156
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://elfcosmetics.my.salesforce-sites.com/resource/einsteinBot/js/nfEmbeddedService.js?_=1675587446544

Protocol

HTTP/1.1

Server

13.110.60.156 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl5-ncg1-c5-iad4.na153-ia4.salesforce.com

Software

Resource Hash

05afd7115e1e4e6835deb4080f8b300a058786683a9ef7ec2af25e4038885905

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sun, 05 Feb 2023 08:57:31 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 6 Nov 2019 02:20:06 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000
Content-Length: 1781
X-XSS-Protection: 0
Expires: Wed, 22 Mar 2023 08:57:31 GMT

Redirect headers

Location: https://elfcosmetics.my.salesforce-sites.com/resource/einsteinBot/js/nfEmbeddedService.js?_=1675587446544
Date: Sun, 05 Feb 2023 08:57:30 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Content-Security-Policy: upgrade-insecure-requests
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ 0
0 148ms
146ms Fetch
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: cdn.pdst.fm
URL: https://cdn.pdst.fm/ping.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: application/json
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 05 Feb 2023 08:57:29 GMT
server: Google Frontend
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods: GET, POST
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 0edbcdcac518fd2ba381b7ee7068fc2e
function-execution-id: tak7eq10fbbq
access-control-allow-headers: Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 196ms
126ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.elfcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 22
content-type: text/html; charset=utf-8
date: Sun, 05 Feb 2023 08:57:29 GMT
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
server: Google Frontend
x-cloud-trace-context: e13ba31bc14d37481266cc3b406a7326
x-powered-by: Express

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 17ms
17ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:47:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 607
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 05 Feb 2023 09:47:22 GMT

GET
H2 200 display Show response
api.usehero.com/webplugin/ 58 B
578 B 280ms
280ms XHR
application/json 52.209.148.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usehero.com/webplugin/display?appId=efcf9631-4c6b-4874-9f76-51f71464249a&location=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F&state=untouched&outboundFeature=&visitorId=f9f8c2ed-d5ae-4e56-8912-88b983402939

Requested by

Host: cdn.usehero.com
URL: https://cdn.usehero.com/loader.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.148.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-148-203.eu-west-1.compute.amazonaws.com

Software

Resource Hash

f661fda8a4434526ffc0d69153d9aa81dd2d0f28241ca9814e41bc9cd4c692c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-hero-api-version: 2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:57:30 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
etag: W/"3a-iMwA4Q8ZsNwYTnyWRfyYbQ6JkGo"
access-control-max-age: 21600 always
access-control-allow-methods: *
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-country: DE
x-time-zone: Europe/Berlin
x-geo-latitude: 51.29930
x-geo-longitude: 9.49100
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Language, authorization, x-hero-application-id, x-hero-api-version, x-api-version, x-cache-control, twilio, x-dashboard-request
content-length: 58
x-accuracy: 200
x-request-id: f08f01bb-5f70-4392-b5df-5d47fc6a690c

OPTIONS
H2 200 display
api.usehero.com/webplugin/ Frame 0
0 249ms
171ms Preflight
text/plain 52.209.148.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.148.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-148-203.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hero-api-version
Access-Control-Request-Method: GET
Origin: https://www.elfcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Accept-Language,authorization,x-hero-application-id,x-hero-api-version,x-api-version,x-cache-control,twilio,x-dashboard-request
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 21600 always
content-length: 2
content-type: text/plain; charset=utf-8
date: Sun, 05 Feb 2023 08:57:29 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-accuracy: 200
x-country: DE
x-geo-latitude: 51.29930
x-geo-longitude: 9.49100
x-request-id: 25901379-0ebe-451d-9da7-6ea2e59c9aae
x-time-zone: Europe/Berlin

GET
H2 200 swiper.js Show response
cdnjs.cloudflare.com/ajax/libs/Swiper/4.4.6/js/ 268 KB
40 KB 44ms
14ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.4.6/js/swiper.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e6fdfe0de25d903ebf13597e3ac3615fb3c50df486cdf1da967650fcabae659

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:57:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3805470
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39981
last-modified: Mon, 04 May 2020 16:04:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf2-43186"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UErZxsGLnE92pQQ9iqTkRxXHqwysTtdNFA7yVkzebg2ykIMGfv%2BN1m0Mx07sx%2BuLniXbcZ2h6rhu97BiUxePAdxPoG%2BCZBge0WixRAss%2FPKjIGzDCwQNKZkWTAyZLhm4UuapUkx7e2knNdxnKZH1nRR%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 794a7058e8242bb5-FRA
expires: Fri, 26 Jan 2024 08:57:29 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 50ms
20ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ZLYXLXNDL8&gtm=45je3210&_p=1173718532&gcs=G100&cid=602255288.1675587447&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675587449&sct=1&seg=0&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F&dt=Skin%20Care%20Products%20%7C%20e.l.f.%20SKIN%20%7C%20e.l.f.%20Cosmetics&uid=&en=page_view&_fv=1&_ss=2&ep.delivery_iso_country=US&ep.page_type=category&up.user_logged_in=false&up.user_country=US&upn.user_age=0&up.user_has_transacted=false
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 08:57:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK clear.png Show response
imgs.signifyd.com/fp/ Frame AAF3 81 B
536 B 56ms
18ms XHR
image/png 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/fp/clear.png

Requested by

Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/fp/check.js;CIS3SID=88494F678DFE9BBAA0CFE3A64725FA3F?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs9jodnlzjq0zdg4ymmymdq4mjhmzdy3otzhma&nonce=949ac14405448909&jb=35312426687b6777355f616c646d75732c687b6735556164666d757325303a3b382e607160773549627265656f2c6a73683d41687a67656d2d3230313833

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, w2txo5aa/949ac14405448909ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs9jodnlzjq0zdg4ymmymdq4mjhmzdy3otzhma
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sun, 05 Feb 2023 08:57:29 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Sun, 05 Feb 2023 08:57:29 GMT
Server: Apache
Etag: 345a965c7a614a05a62d8499829b8837
Content-Type: image/png
Access-Control-Allow-Origin: https://www.elfcosmetics.com
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Fri, 04 Feb 2028 08:57:29 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=88494F678DFE9BBAA0CFE3A64725FA3F Show response
imgs.signifyd.com/fp/ Frame 5E85 91 KB
14 KB 23ms
22ms Document
text/html 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/fp/ls_fp.html;CIS3SID=88494F678DFE9BBAA0CFE3A64725FA3F?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs9jodnlzjq0zdg4ymmymdq4mjhmzdy3otzhma&nonce=949ac14405448909

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

6a637bc02ad11ec8b8b4c580abf278ec0333bd5f8f5bce0f03332f2a942d471f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Sun, 05 Feb 2023 08:57:29 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
imgs.signifyd.com/fp/ Frame AAF3 0
387 B 19ms
19ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Feb 2023 08:57:29 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=88494F678DFE9BBAA0CFE3A64725FA3F Show response
h.online-metrix.net/fp/ Frame E291 104 KB
16 KB 81ms
20ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=88494F678DFE9BBAA0CFE3A64725FA3F?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs9jodnlzjq0zdg4ymmymdq4mjhmzdy3otzhma&nonce=949ac14405448909

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

71c9ebb95f4f4f1d2aab2506e72a2d3bffb77b4bfb37d01d1bfbf127896d460b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Sun, 05 Feb 2023 08:57:29 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK top_fp.html;CIS3SID=88494F678DFE9BBAA0CFE3A64725FA3F Show response
imgs.signifyd.com/fp/ Frame C01B 90 KB
14 KB 32ms
20ms Document
text/html 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/fp/top_fp.html;CIS3SID=88494F678DFE9BBAA0CFE3A64725FA3F?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs9jodnlzjq0zdg4ymmymdq4mjhmzdy3otzhma&nonce=949ac14405448909

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

6781ccc10328f5a3633dfdb3f05a91850a82ce7cd04fbc4b83ab7d544cc7ea0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Sun, 05 Feb 2023 08:57:29 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 clear.png Show response
imgs.signifyd.com/fp/ Frame AAF3 0
218 B 28ms
28ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs9jodnlzjq0zdg4ymmymdq4mjhmzdy3otzhma&nonce=949ac14405448909&ja=31303038242e6b3f382e723f3024643d3b34383870333a3a322463663d333c3a38703b3032322e7972793738723a26647a723f3124393e38382c3132383a24393c30382e3b323a3824313638322c333a383224393e32302e33323a32243824322e67763f633838306b686b6c693535666c6c6e66336d6b3234313b3435303e6a31693f61266d66373c2e79636c3f38342c64603d687c7670712d3b432d3a4e27324475777d2c6d646e6167796f6776696371246967652f3044716363642d6969786f25324c26667235607c7c78732533492f3a4e2f324e757d77246d64666367716d677c61617b266b6d6d273046796961662561697867273046267266373b2e7a6a3f35306c38386b693c686366686533313b6a3f3b30376165386e3b6a6e623a663e26626035613369323264393f36396e6c3b363a31336c346d3e6e30313e633364353763692c627b653f556b666e6577792d383a31302c6a7162354b607a676d65253a3a3938332662716575375f616e6467757324627b607d354b6a726d6f652c6c606b35362e64666f3f38266c677e78353a2476786c374f74692d384c556e616e6d77662e65697c68723d3c3a383b6e316b30686569383a65366b61353438383a3a696c33353736303b646c3c3d3a303b3633663665636b383c6c693b36636e686e37383b3b3931393c6124703578647d6f696e5f6e66697b62253d476c61667b6d21706477676b66577561666c6d77715d6d6f6661695772646b7b67702535476c6b647b6f23726e7d6d636e55696e65626555616172676a697c2d35456669667b6d2b7064776d6964577975696b69746b656d273d4d6e636c7167217a6e7d6f616c57796a6d616b77637c6f2d3d4f64636e7b6f2b70667d6d636e5f7865636c786469716d7225354d6c69647965297266756d61665f7664615f7264697b6d7a2d374564636c7967297864776f636c5d66657663667c7a2d3f47646364796f217a647f6d696e55737467577e616d7f6572253d4f6e6966736d237a6c7f6f616e5f626376632d3d476e6964716524656c5561357f6d606f66556760474c27383a39263a27303220457a65644f462f32304f532732383a26382d323043607867656375652b5d65684f44253238454c51442d30384d5b273232332e3a273a38204d786f6c454e2532324f592d3a3a454e51442f38304f5b2f38303124302732384b607a676d697565235f6d684b61765d6568436174253a3257676a4f4e49464f4e455d6b6e797669666b676c556370706179712f394a2d3832475a5c55686c6f666e556d69646d63782d3b4a2d3a3045585c556b67666f7a5d68756c6e6d725f60636c64576e6e67697c27334027323a47505c5764646563765d626c67646e2d3b482730324d525e5f6c7a6b6d5f646f7076682d3b4a2d3a3045585c557b606b646d7055746f707c75726d5d6c6d6c2d314a2d3a32455a565f7e67707c7d706d55616d6f70726779796167645d60727c692f33482d383a45585e5f7665707c7d7a6d5f636f657a7a6d7973616d645f786f7c63253b402530384d5a5c577c67787677726f5d6e6164766d785d636c69736d7e786778636127314a2f38304f505e5573524d4227334a2d3a384745535f6d666d656f6e7c5d636e6e6d705f75616c74273b4a273a384747535d6462655d7a6d66666d785d6f6b706d637a2f3b4a2f30324d4d5955737e69646e61726e5f66657a617e697c6976657b2f3b4a2f32384d4f53557c6d78747d70655d6e646d697c2d314227303045475b577c67707e7770675f666e656b7c57666b6c6769782f33482d383a4f45595f7665707c7d7a6d5f6861646c576e666f69762f33482d3a304f4d515f766d70767d7a6d5d68636e6655646467697657666b6c6761722739482d3a3a4d4751577c6f727e6d7255617278617b5f676a626d6b7425334a2f3a385d454a45465f6967646f72576075646e6d70576e646d6176273348273a385f474a4d4e5d616f6d72786f7b7b6f665d766d727e75786d556b7374692531422d3a385f4d42474c576967657a726d7179656e577c65787c777267576d766b2d3b40253032574f404f44576167677270677373676e557c6d727677706d556f7469392f394225383055454a4f44576b6f6d707a6f7b7b6f6457766f787e7d7a655f7b3174612d3b402d3a38554540454c5561676578706d797167665f7467727e7d7a6f5d71317c695573786f682f33422f3232574d4a4f44576465627d6d577a6f6e6c6778657857616e66672733402d3a325f4d4a454c5d66657a7660577c67707e7770672533402f38385f4f40454e576e78617d57687f66666f7271253b4a2d3a385745424f46576465736d5d696f647c6d78742d3142273a38554d4a4f4e5f6f776c7e6b576c7a637f3b3424656c5f6a37396e6e3f6664643c3d3e306e6c693e30376f3630626d386d3f3c6432353d3e3e393a346c363835332e7f676c7e3f496c7c6d6e2d3a384b6e612c267d65647a354b667e676e2732304b78637b2d38324d726d644d4c2f3a3a4f6e67636e67266b6b6c353a&jb=313d37266e79354f6772616e6c6327324c3726382d303822556b6c646f75792f3a3844562730383b3a2e3a2d394825323a576b6e3e3c2d3b4a253230703c3c212f3238437a70666d5f6562436b74273a4e373b3f2631362730302249405c454e2d38412730306c6b616f2d3a3a4567616365232538384962726f676527324e39383126302e353c3b3c263b313127383059696e6172612732443d3b35263b3e

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sun, 05 Feb 2023 08:57:29 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
w2txo5aarsrc7wgdy3dnhtm5krmv3khpbh4m3aru949ac14405448909am1.e.aa.online-metrix.net/fp/ Frame AAF3 81 B
438 B 92ms
15ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://w2txo5aarsrc7wgdy3dnhtm5krmv3khpbh4m3aru949ac14405448909am1.e.aa.online-metrix.net/fp/clear.png?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs9jodnlzjq0zdg4ymmymdq4mjhmzdy3otzhma&nonce=949ac14405448909&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Feb 2023 08:57:29 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
17ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1173718532&t=event&ni=0&cu=USD&_s=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F&ul=en-us&de=UTF-8&dt=Skin%20Care%20Products%20%7C%20e.l.f.%20SKIN%20%7C%20e.l.f.%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ecommerce&ea=impression&_u=aHgAAAALAAAAAAAMKk~&cid=602255288.1675587447&tid=UA-432816-14&_gid=876380134.1675587449&gtm=45He3210n81T7MZLHP&gcs=G100&il1nm=skin&il1pi1ca=skin&il1pi1cd11=&il1pi1cd12=&il1pi1pr=21&il1pi1cd13=0&il1pi1nm=Sweet%20Dreams%20-%20Skincare%20Set&il1pi1id=17196&il1pi1ps=1&il1pi2ca=skin&il1pi2cd11=&il1pi2cd12=&il1pi2pr=12&il1pi2cd13=0&il1pi2nm=Holy%20Hydration!%20Triple%20Bounce%20Serum&il1pi2id=57167&il1pi2br=e.l.f.%20Skin&il1pi2ps=2&il1pi3ca=skin&il1pi3cd11=&il1pi3cd12=&il1pi3pr=4&il1pi3cd13=0&il1pi3nm=Good%20Vibes%20Only%20Cloud%209%20Cleansing%20Cloud&il1pi3id=84244&il1pi3br=e.l.f.%20Cosmetics&il1pi3ps=3&il1pi4ca=skin&il1pi4cd11=&il1pi4cd12=&il1pi4pr=14&il1pi4cd13=0&il1pi4nm=Suntouchable!%20Whoa%20Glow%20SPF%2030&il1pi4id=57277UP&il1pi4br=e.l.f.%20Cosmetics&il1pi4ps=4&il1pi5ca=skin&il1pi5cd11=&il1pi5cd12=&il1pi5pr=22&il1pi5cd13=0&il1pi5nm=Youth%20Boosting%20Advanced%20Night%20Retinoid%20Serum&il1pi5id=57581&il1pi5br=e.l.f.%20Skin&il1pi5ps=5&il1pi6ca=skin&il1pi6cd11=&il1pi6cd12=&il1pi6pr=13&il1pi6cd13=0&il1pi6nm=Holy%20Hydration!%20Face%20Cream%20-%20SPF%2030&il1pi6id=81570&il1pi6br=ELF%20Cosmetics&il1pi6ps=6&z=483288773

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:52:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50707
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 18ms
17ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1173718532&t=event&ni=0&cu=USD&_s=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F&ul=en-us&de=UTF-8&dt=Skin%20Care%20Products%20%7C%20e.l.f.%20SKIN%20%7C%20e.l.f.%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ecommerce&ea=impression&_u=aHgAAAALAAAAAAAMKk~&cid=602255288.1675587447&tid=UA-432816-14&_gid=2002464446.1675587450&gtm=45He3210n81T7MZLHP&gcs=G100&il1nm=skin&il1pi1ca=skin&il1pi1cd11=&il1pi1cd12=&il1pi1pr=13&il1pi1cd13=0&il1pi1nm=Holy%20Hydration!%20Face%20Cream&il1pi1id=82829&il1pi1br=ELF%20Cosmetics&il1pi1ps=7&il1pi2ca=skin&il1pi2cd11=&il1pi2cd12=&il1pi2pr=11&il1pi2cd13=0&il1pi2nm=Holy%20Hydration!%20Makeup%20Melting%20Cleansing%20Balm&il1pi2id=59910&il1pi2br=ELF%20Cosmetics&il1pi2ps=8&il1pi3ca=skin&il1pi3cd11=&il1pi3cd12=&il1pi3pr=16&il1pi3cd13=0&il1pi3nm=Vitamin%20C%20Serum&il1pi3id=57074&il1pi3br=ELF%20Cosmetics&il1pi3ps=9&il1pi4ca=skin&il1pi4cd11=&il1pi4cd12=&il1pi4pr=6&il1pi4cd13=0&il1pi4nm=Holy%20Hydration!%20Daily%20Cleanser&il1pi4id=59990&il1pi4br=ELF%20Cosmetics&il1pi4ps=10&il1pi5ca=skin&il1pi5cd11=&il1pi5cd12=&il1pi5pr=10&il1pi5cd13=0&il1pi5nm=Holy%20Hydration!%20Eye%20Cream&il1pi5id=57014&il1pi5br=ELF%20Cosmetics&il1pi5ps=11&il1pi6ca=skin&il1pi6cd11=&il1pi6cd12=&il1pi6pr=13&il1pi6cd13=0&il1pi6nm=Holy%20Hydration!%20Face%20Cream%20-%20Fragrance%20Free&il1pi6id=82828&il1pi6br=ELF%20Cosmetics&il1pi6ps=12&z=2106187618

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:52:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50707
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
17ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1173718532&t=pageview&_s=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F&ul=en-us&de=UTF-8&dt=Skin%20Care%20Products%20%7C%20e.l.f.%20SKIN%20%7C%20e.l.f.%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6HgACAALBAAAAAAMKk~&cid=602255288.1675587447&uid=&tid=UA-432816-1&_gid=1428366529.1675587450&gtm=45He3210n81T7MZLHP&gcs=G100&cg5=category&cd1=%3A%20&cd4=0&cd5=&cd6=&cd7=&cd8=602255288.1675587447&cd9=0&cd10=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F109.0.5414.119%20Safari%2F537&cd14=category&cd15=&cd21=US&cd2=0.1956003783096505_1675587449362&cd99=test&z=88864351

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:52:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50707
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
18ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1173718532&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F&ul=en-us&de=UTF-8&dt=Skin%20Care%20Products%20%7C%20e.l.f.%20SKIN%20%7C%20e.l.f.%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ux&ea=scrolled%20page&el=25%25&_u=6HgACAALBAAAAAAMKk~&cid=602255288.1675587447&uid=&tid=UA-432816-1&_gid=1454077932.1675587450&gtm=45He3210n81T7MZLHP&gcs=G100&cg5=category&cd1=%3A%20&cd4=0&cd5=&cd6=&cd7=&cd8=602255288.1675587447&cd9=0&cd10=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F109.0.5414.119%20Safari%2F537&cd14=category&cd15=&cd21=US&cd19=602255288.1675587447&z=2067331594

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:52:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50707
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1638306756445368 Show response
connect.facebook.net/signals/config/ 388 KB
110 KB 16ms
16ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1638306756445368?v=2.9.95&r=stable

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3cce4b0378624286a621141992dd28ad77229e3103d84ee17b772f89c7945b5e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 05 Feb 2023 08:57:29 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 112617
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: zLo+imM8A59JVIeX9+9nlH825ZV+sfPLU4Ic96YawjyUGv2YPxno29Tipz7N0AE5zBl3dPJJlE7kaYzfqL1FtQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pv
t.custora.com/ 43 B
105 B 656ms
93ms Image
image/gif 54.164.85.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.custora.com/pv?a=8f1a98db0530a45&b=web&vi=8ca149f8-f38f-40f0-99a2-4c0ebeffee65&h=www.elfcosmetics.com&p=%2Fskin-care%2F&t=Skin%20Care%20Products%20%7C%20e.l.f.%20SKIN%20%7C%20e.l.f.%20Cosmetics&ag=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F109.0.5414.119%20Safari%2F537.36&ts=1675587449844
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.85.149 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-85-149.compute-1.amazonaws.com
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:57:30 GMT
content-type: image/gif

GET
H/1.1 204
No Content clear.png Show response
imgs.signifyd.com/fp/ Frame 5E85 0
387 B 18ms
17ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/fp/ls_fp.html;CIS3SID=88494F678DFE9BBAA0CFE3A64725FA3F?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs9jodnlzjq0zdg4ymmymdq4mjhmzdy3otzhma&nonce=949ac14405448909

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgs.signifyd.com/fp/ls_fp.html;CIS3SID=88494F678DFE9BBAA0CFE3A64725FA3F?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs9jodnlzjq0zdg4ymmymdq4mjhmzdy3otzhma&nonce=949ac14405448909
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Feb 2023 08:57:29 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
BLOB 200
OK 5f89bf4a-c3a2-4794-a15b-9e97ea69d85f
https://www.elfcosmetics.com/ 56 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.elfcosmetics.com/5f89bf4a-c3a2-4794-a15b-9e97ea69d85f
Requested by: Host: js.jebbit.com
URL: https://js.jebbit.com/companion/v1/widget.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c94b4779bff56e7086c76e350336d941709016205282c9271a887f1547f717c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 57234
Content-Type: text/css

GET
H2 200 launcher_configs Show response
external-api.jebbit.com/moments/v2/ 2 B
487 B 523ms
43ms XHR
application/json 2600:9000:21f3:7a00:1b:50c2:4000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://external-api.jebbit.com/moments/v2/launcher_configs?key=542695a9-9318-492b-9638-2018989f6dc4&url=aHR0cHMlM0ElMkYlMkZ3d3cuZWxmY29zbWV0aWNzLmNvbSUyRnNraW4tY2FyZSUyRg==&completedLightboxCampaigns=W10=&jebbitCookies=

Requested by

Host: js.jebbit.com
URL: https://js.jebbit.com/companion/v1/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1b:50c2:4000:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:57:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.elfcosmetics.com
access-control-allow-credentials: true
content-length: 2
x-xss-protection: 1; mode=block
x-amz-cf-id: uYTHDnsj8JXS_soRhCT_Wm0zmhTmoQXVSeTi7JY2mhe1yKAlQazJkA==

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 430ms
15ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1638306756445368&ev=PageView&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F&rl=&if=false&ts=1675587449993&sw=1600&sh=1200&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1675587449975.2065683646&ic=fbpixel&it=1675587449816&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 05 Feb 2023 08:57:30 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 logomono.svg
web1.acsbapp.com/apps/app/dist/media/ 4 KB
1 KB 483ms
89ms Image
image/svg+xml 138.128.247.123
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://web1.acsbapp.com/apps/app/dist/media/logomono.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.128.247.123 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software: /
Resource Hash: eded00575f65de726a63f811022d119ed582721233e74343735cad53930c2a76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:57:30 GMT
content-encoding: br
last-modified: Mon, 26 Sep 2022 21:02:04 GMT
etag: "1034-6332134c-7705bf7dfc5e498d;br"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1210
expires: Mon, 05 Feb 2024 08:57:30 GMT

GET
H2 200 __Analytics-Start
www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ 35 B
542 B 175ms
174ms Image
image/gif 165.254.56.77
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/__Analytics-Start?url=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F&res=1600x1200&cookie=1&ref=&title=Skin%20Care%20Products%20%7C%20e.l.f.%20SKIN%20%7C%20e.l.f.%20Cosmetics&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&dwac=0.9664413658761053&cmpn=&tz=US/Pacific&pcc=&pct=__ANNONYMOUS__&pcat=skin&pst-id=959fa4c4-634a-4580-a49c-714ba5223efa&pst-refs=[{%22name%22:%22Category%22,%22value%22:%22skin%22}]&pst-sort=category-default&pst-pers=false&pst-loc=en_US&pst-qloc=en_US&pst-show=true&pid-0=17196&pev-0=event3&pid-1=57167&pev-1=event3&pid-2=84244&pev-2=event3&pid-3=57277UP&pev-3=event3&pid-4=57581&pev-4=event3&pid-5=81570&pev-5=event3&pid-6=82829&pev-6=event3&pid-7=59910&pev-7=event3&pid-8=500008&pev-8=event3&pid-9=59990&pev-9=event3&pid-10=57014&pev-10=event3&pid-11=82828&pev-11=event3&dw_dnt=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 165.254.56.77 Los Angeles, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/skin-care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-varnish-cache: miss
pragma: no-cache
date: Sun, 05 Feb 2023 08:57:30 GMT
cf-cache-status: DYNAMIC
age: 0
x-yottaa-optimizations: ob/0 si/34D1a5fe384d-1675448518-4002435100 tts/1672772265772 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-yottaa-os: 200
x-yottaa-metrics: 3421a5fe382d/[140,133,-] 34D1a5fe384d/[-,144.415]
accept-ranges: bytes
cf-ray: 794a705af80bdc83-LHR
x-dw-request-base-id: Y5e0z3pv32MBAAB_
content-length: 35
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=88494F678DFE9BBAA0CFE3A64725FA3F
imgs.signifyd.com/fp/ Frame AAF3 0
400 B 24ms
24ms Image
image/png 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.signifyd.com/fp/clear1.png;CIS3SID=88494F678DFE9BBAA0CFE3A64725FA3F?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs9jodnlzjq0zdg4ymmymdq4mjhmzdy3otzhma&nonce=949ac14405448909&jf=34393a2671616c5d7a666c3f7466705f5e55693b7a6b7a39446866474b49783d2e7b63665d66697e6f3d3b3e3d3f35383d3437302e7b616c577479706d377f6d683a6d616e736b2e7b69645769657b353b323d313b32313132363a353a6930343c326167316430303a3b383e3a3a3063303c3e38696d396e30333a313237383b3c3a383030343f6b393c68396d646f65696d3f38646c306537306b6031313e33653266343837383e38326a6966316635396633396a3e333232323c3932343a3f3c3f34643e6231613f6c3d396c3632316e3d3b3e3d6669303d62326b3933396d343134316a3a6c316e35343037626f3a6c306930393833303a6439306e693c393b343b3b693c2c73636c55796967373332343e383a3a39303063696b6930683838343b353c696935626d6032326b6e346a693b32366334393d666a3e39673b3b6731606133636b6969393b3363313b3d3d6332393f6e39373330303239383830383735376a6b3e3d3c376c326b363e3c3963656a30646030693769393961306033363335303e3f336a6e636166663737686c3a30323437663a333d663e3c3a2c73696c723f30

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Feb 2023 08:57:30 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=05C2635964AFA1650D75C87FE1C23C8F
h.online-metrix.net/fp/ Frame E291 0
400 B 23ms
23ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=05C2635964AFA1650D75C87FE1C23C8F?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs9jodnlzjq0zdg4ymmymdq4mjhmzdy3otzhma&nonce=949ac14405448909&jf=3439342671616c5d7a666c3f7466705f46475a437e73795e6c5a6e62636b446f2e7b63665d66697e6f3d3b3e3d3f35383d3437302e7b616c577479706d377f6d683a6d616e736b2e7b69645769657b353b323d313b32313132363a353a6930343c326167316430303a3b383e3a3a3063303c3e38696d396e30333a313237383b3c3a38303034383b6a6c68363c646931323a6c64623b3065373d3d316e3c6b35643b3136683a316a3f323d3b61373b3037333b683a316c60676439693e383f6b39396461393535313138313c3e3537363d6c6b3d3b663c373e6332303e39663d31323a396a32316a6c633633303968376b693f3a3d3d3161643165363a3f3d3d3e6431616a382c73636c55796967373332343d383a3a393030643a39316e6b3338646e313f3b3f62326c3139366c6b643e3f3f37663031396f30696a6b333c383133636638326b693a303b6463636d686f663d3f693832613b30303238393a313d3533306c323a3e32373b643364683d3e32623e37373a6d69303b696931663234666b603d3a69666b3a3266603361676e3a6c306f643b34696f68653f2e796366723731

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=88494F678DFE9BBAA0CFE3A64725FA3F?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs9jodnlzjq0zdg4ymmymdq4mjhmzdy3otzhma&nonce=949ac14405448909
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Feb 2023 08:57:30 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 main_697d8428dfe1f864dd84e72c2b4ab95f.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 382 KB
74 KB 175ms
14ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_697d8428dfe1f864dd84e72c2b4ab95f.br.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3bccd772536b4a6046bd6f304976ae19212ade727ad80db4d77429811d9a0be1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:32:26 GMT
content-encoding: br
age: 221104
x-guploader-uploadid: ADPycdtAFVLUIf4fLCUjZwrw3zcLHkMAu83lz8ea_U3SmRus8x2qz1bMPfbeRc8zicySO6OIE6dgRgf-Or_G-sc5Lr3Vvli396-c
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75509
last-modified: Thu, 02 Feb 2023 19:32:18 GMT
server: UploadServer
etag: "e07c8ee8d06ecb82e13a637c9edca2cb"
vary: X-Goog-Allowed-Resources
x-goog-hash: crc32c=fuCY0A==, md5=4HyO6NBuy4LhOmN8ntyiyw==
x-goog-generation: 1675366338564572
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 75509
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 02 Feb 2024 19:32:26 GMT

GET
H2 200 cjs_min_49801052853ad1235b09865bb69bab38.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 46 KB
15 KB 178ms
27ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_49801052853ad1235b09865bb69bab38.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 142dbca8a2feffa53e0ef3c28709f1b373db78da8620506161eba84448fc31b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:50:59 GMT
content-encoding: gzip
age: 525991
x-guploader-uploadid: ADPycdtnZhxYryW1wSVYqoRF7SBZUQ8Zv9LiFxqr-nwzFqKUebs2y9PQLLiIlHCUpK75AzYxMFM9pRDbYbhns-JIJn2ueQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15029
last-modified: Tue, 10 Jan 2023 17:07:47 GMT
server: UploadServer
etag: "5ca7ce197294d4641e9b4dc1ced77d14"
vary: X-Goog-Allowed-Resources
x-goog-hash: crc32c=Jkwxvg==, md5=XKfOGXKU1GQem03Bztd9FA==
x-goog-generation: 1673370467237945
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000,no-transform
x-goog-stored-content-length: 15029
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
expires: Tue, 30 Jan 2024 06:50:59 GMT

GET
H/1.1 204
No Content clear.png Show response
imgs.signifyd.com/fp/ Frame AAF3 0
387 B 18ms
17ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=ahr0chm6ly93d3cuzwxmy29zbwv0awnzlmnvbs9jodnlzjq0zdg4ymmymdq4mjhmzdy3otzhma&nonce=949ac14405448909&jac=1&je=32383626247f6d6b35393f3a2e3334322430383126333b3b24726f3d6e6d2c68697c79763f273f482f3238646f7c656c2f3230253b493926383025324b2f3a3a797469767f732f3a3a2533492732306b60637a6f616c672730322f354c2e69776c623f616337623b6f3c6d3e3233616169693c6638693d693139383931363b3c3e6a3d6333313f333e6a3e6430666e34323e383033306465366e38316e6b6c3a34373b266f7a3b356e336d6f373b616166353f3b3c3f3d3437663a3e33333c3f3f383465333264666b6a303939336161

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Feb 2023 08:57:30 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 104ms
103ms Fetch 99.86.4.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=735766&uid=-7070651172777922695&sec=8772046&t=ri&e=1077848&p=1&ve=9970747&va=%5B25862342%5D&ses=3bfeda086d7a993cfa0e5705c52b7bd2&expSes=25136&aud=1092373.1167412.1232212.1324059.1426804.1443347.1846919.884367.884385.884387.998337.1182144.1766794.799438.799440&expVisitId=-2690191489678258345&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1675587450408&rri=6905103
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.156.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-22.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 08:57:30 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: I8lHYIq8XojXy93nfveFNKbWnvBV9DU3t4Dapsu_qtaBW9MdZ6qgbg==
expires: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-77063135-2&l=ymkDataLayer

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c2abaf9fe429b9b5dac859adc5fdf859deb773812ecfb610d8270f3e51e69295

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:57:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43915
x-xss-protection: 0
last-modified: Sun, 05 Feb 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 05 Feb 2023 08:57:30 GMT

GET
H2 204 cjs-logger
e.cdnwidget.com/ 0
100 B 159ms
115ms Image
image/png 34.102.193.48
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.cdnwidget.com/cjs-logger?source=ids-catch-all&severity=Error&error=TypeError%253A%2520Cannot%2520read%2520properties%2520of%2520undefined%2520(reading%2520%27initPostDeviceGraph%27)%250A%2520%2520%2520%2520at%2520t.exports.triggerClientCallback%2520(https%253A%252F%252Fassets.bounceexchange.com%252Fassets%252Fsmart-tag%252Fversioned%252Fcjs_min_49801052853ad1235b09865bb69bab38.js%253A2%253A6994)%250A%2520%2520%2520%2520at%2520https%253A%252F%252Fassets.bounceexchange.com%252Fassets%252Fsmart-tag%252Fversioned%252Fcjs_min_49801052853ad1235b09865bb69bab38.js%253A2%253A29083%250A%2520%2520%2520%2520at%2520u%2520(https%253A%252F%252Fassets.bounceexchange.com%252Fassets%252Fsmart-tag%252Fversioned%252Fcjs_min_49801052853ad1235b09865bb69bab38.js%253A2%253A33459)%250A%2520%2520%2520%2520at%2520v._invoke%2520(https%253A%252F%252Fassets.bounceexchange.com%252Fassets%252Fsmart-tag%252Fversioned%252Fcjs_min_49801052853ad1235b09865bb69bab38.js%253A2%253A33254)%250A%2520%2520%2520%2520at%2520D.forEach.t.%253Ccomputed%253E%2520%255Bas%2520next%255D%2520(https%253A%252F%252Fassets.bounceexchange.com%252Fassets%252Fsmart-tag%252Fversioned%252Fcjs_min_49801052853ad1235b09865bb69bab38.js%253A2%253A33882)%250A%2520%2520%2520%2520at%2520r%2520(https%253A%252F%252Fassets.bounceexchange.com%252Fassets%252Fsmart-tag%252Fversioned%252Fcjs_min_49801052853ad1235b09865bb69bab38.js%253A2%253A5031)%250A%2520%2520%2520%2520at%2520c%2520(https%253A%252F%252Fassets.bounceexchange.com%252Fassets%252Fsmart-tag%252Fversioned%252Fcjs_min_49801052853ad1235b09865bb69bab38.js%253A2%253A5242)&cookieID=&deviceID=&BXWID=4142&warpspeed=2%5EHIykD&loadID=&version=1.5.9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.193.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 48.193.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 08:57:30 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/png

GET
H2 200 inbox_6424cb18bd68fadd3f1395637e663bb8.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 73 KB
19 KB 15ms
14ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/inbox_6424cb18bd68fadd3f1395637e663bb8.br.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 78d566d84342550fc2075fb4016094a423cb9b717d481ee34fc634c079ceff0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 01:13:40 GMT
content-encoding: br
age: 978230
x-guploader-uploadid: ADPycdsv1HuBpKCE1Si2KIsELpryqodEpXmiDCR0G-GCAEOIwzMy6nqS6EnJ36XI3Jekq6sqkAik2E5m5vl4fwHU1hXioD2Q7SKI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19183
last-modified: Mon, 23 Jan 2023 14:57:55 GMT
server: UploadServer
etag: "28a270a5e8e0b25e86a05cb43a8e0359"
x-goog-generation: 1674485875819705
x-goog-hash: crc32c=FvXyjQ==, md5=KKJwpejgsl6GoFy0Oo4DWQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 19183
accept-ranges: bytes
content-type: text/javascript
expires: Thu, 25 Jan 2024 01:13:40 GMT

GET
H2 200 sms_2579b6aa71148c3eb940153c85a653a0.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 39 KB
11 KB 16ms
15ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/sms_2579b6aa71148c3eb940153c85a653a0.br.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: dfefa61fe882292c7c193f4ece20008118662c4e11e8be644ccf5f308cccebee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 18:45:26 GMT
content-encoding: br
age: 223924
x-guploader-uploadid: ADPycdviWJ8AivoaZfCU_5pffKkJaeMCHLjSYpbtGXDow25uFISImGj8IxystKzae4Ay97MDxzIX6eUwkxATWBJM0rvCzw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11092
last-modified: Tue, 31 Jan 2023 15:03:52 GMT
server: UploadServer
etag: "a6c55fdf06b50974dfa5433b6176c2dc"
vary: X-Goog-Allowed-Resources
x-goog-hash: crc32c=I6kX8Q==, md5=psVf3wa1CXTfpUM7YXbC3A==
x-goog-generation: 1675177432193860
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 11092
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 02 Feb 2024 18:45:26 GMT

GET
H2 200 onsite_8ae76e7011e535c7fe621711e8067004.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 162 KB
35 KB 16ms
16ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite_8ae76e7011e535c7fe621711e8067004.br.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 04f4aa77e8c73e766cb84241a9e0db549e1188fd3b162c12c37b0f4fb05bf1aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:32:30 GMT
content-encoding: br
age: 221100
x-guploader-uploadid: ADPycdtsn1txNW4Uy8v5v-ler3QIW_Wi39SJjv9id3uOzMoLNSlcreQu2Zhm1k7_zOTr1MEc6BImlxU2vbwJyoaE-01vhgT9JtWl
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35102
last-modified: Thu, 02 Feb 2023 19:32:23 GMT
server: UploadServer
etag: "be493fed22f76a2283b0c739444026a5"
vary: X-Goog-Allowed-Resources
x-goog-hash: crc32c=zNaSQQ==, md5=vkk/7SL3aiKDsMc5REAmpQ==
x-goog-generation: 1675366343128848
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 35102
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 02 Feb 2024 19:32:30 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 6D03 0
52 B 15ms
14ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.elfcosmetics.com
Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.elfcosmetics.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 08:57:30 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 12ms
12ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/skin-care/

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 08:14:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2560
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 05 Feb 2023 10:14:50 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
12ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:52:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50708
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpx
async-px.dynamicyield.com/ 0
0 101ms
101ms Fetch 99.86.4.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/dpx?cnst=1&_=809165&name=PLP_Visit&props=%7B%7D&uid=-7070651172777922695&sec=8772046&cl=dk.w.c.ws.&ses=3bfeda086d7a993cfa0e5705c52b7bd2&l=def&p=1&sd=&rf=&trf=0&aud=1092373.1167412.1232212.1324059.1426804.1443347.1846919.884367.884385.884387.998337.1182144.1766794.799438.799440&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F&exps=%5B%5B%22670731%22%2C%228988868%22%2C%2218038713%22%2C0%2Cnull%2Cnull%2C%22-2690191492598344256%22%2C%222%22%2C%223%22%5D%2C%5B%221071690%22%2C%229891223%22%2C%2225820092%22%2C0%2Cnull%2Cnull%2C%22-2690191491037306117%22%2C%221%22%2Cnull%5D%2C%5B%221122259%22%2C%2210259311%22%2C%2226195955%22%2C0%2Cnull%2Cnull%2C%22-2690191492509078144%22%2C%221%22%2Cnull%5D%2C%5B%221261284%22%2C%2211209913%22%2C%2227119924%22%2C0%2Cnull%2Cnull%2C%22-2690191491134919555%22%2C%221%22%2Cnull%5D%2C%5B%221319536%22%2C%2211449246%22%2C%2227343816%22%2C0%2Cnull%2Cnull%2C%22-2690191491143326524%22%2C%221%22%2Cnull%5D%2C%5B%221353627%22%2C%2211652521%22%2C%2227486467%22%2C0%2Cnull%2Cnull%2C%22-2690191489619760684%22%2C%221%22%2Cnull%5D%2C%5B%221077848%22%2C%229970747%22%2C%2225862342%22%2C0%2Cnull%2Cnull%2C%22-2690191489678258345%22%2C%221%22%2Cnull%5D%2C%5B%221267591%22%2C%2211602858%22%2C%2227287619%22%2C0%2Cnull%2Cnull%2C%22-2690191490088224010%22%2C%221%22%2Cnull%5D%2C%5B%22787996%22%2C%227471637%22%2C%2220117327%22%2C0%2Cnull%2Cnull%2C%22-2690191492531281797%22%2C%221%22%2Cnull%5D%5D&expSes=25136&tsrc=Direct&reqts=1675587453902&rri=3608730&geoData=DE_NI_Langen
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.156.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-22.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 08:57:33 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: 4oijYRdJiCvH41f2JawBjHrAHR_e3aTjcUHwa_0XtYTQYEAlBYHvcA==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 102ms
102ms Fetch 99.86.4.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=137591&uid=-7070651172777922695&sec=8772046&t=ri&e=787996&p=1&ve=7471637&va=%5B20117327%5D&ses=3bfeda086d7a993cfa0e5705c52b7bd2&expSes=25136&aud=1092373.1167412.1232212.1324059.1426804.1443347.1846919.884367.884385.884387.998337.1182144.1766794.799438.799440&expVisitId=-2690191492531281797&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1675587453907&rri=3416383
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.156.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-22.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 08:57:33 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: AXNUW2_isH_BCJr6G48i8KvDlsBoDF_tw9Hgsz5TXSQVbpdIDfgS2g==
expires: 0

POST
H2 200 batch
async-px.dynamicyield.com/ 0
384 B 107ms
107ms Ping
text/plain 99.86.4.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/batch?cnst=1&_=1675587453979_288580
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.156.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-22.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 08:57:34 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: UyW7OJx1B8HDVPH-3mKoV5xz6Dk9IvWGHt32uyfDzjvRdB_0EjTvog==
expires: 0

Verdicts & Comments Add Verdict or Comment

236 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.currency Value: USD
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: sid Value: OYkBT_wHCKo0lwJ7r5cz0y0VgvmSQn7pApo
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.InternationalUser Value:
www.elfcosmetics.com/	1970-01-20 13:45:39	Name: dwanonymous_1a00c2845eeb01c699351ea28e20fd92 Value: abX7YVsWcVtkqiHzc6toaBASs4
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.location Value: US
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: currentLocale Value: en_US
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.sessionid Value: abX7YVsWcVtkqiHzc6toaBASs4
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.LanguageIsoCode Value: en_US
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: __cq_dnt Value: 1
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: dw_dnt Value: 1
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: dwsid Value: 5F8Hp_TIsDqPhPM518OjbvDDhBGajcZ5uYmSzMXK4L8lWhIAryGsDNzIooC6xWOCxivkX1zfeENTbKfMkxzrZw==
.elfcosmetics.com/	1970-01-20 09:26:29	Name: _dyjsession Value: ru8hlfuwy0bdwzjpidupv9g57fysidqf
.elfcosmetics.com/	1969-12-31 23:59:59	Name: dy_fs_page Value: www.elfcosmetics.com%2Fskin-care
.elfcosmetics.com/	1970-01-20 09:26:29	Name: _dy_csc_ses Value: ru8hlfuwy0bdwzjpidupv9g57fysidqf
.elfcosmetics.com/	1970-01-20 10:09:39	Name: _dy_c_exps Value:
.dynamicyield.com/	1970-01-20 18:12:03	Name: DYID Value: -7070651172777922695
.elfcosmetics.com/	1970-01-20 18:12:03	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Sun+Feb+05+2023+08%3A57%3A29+GMT%2B0000+(GMT)&version=202211.2.0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.elfcosmetics.com%2Fskin-care%2F&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C5%3A0%2CSTACK42%3A0
.elfcosmetics.com/	1970-01-20 10:09:39	Name: _dycnst Value: dg
.elfcosmetics.com/	1970-01-20 10:09:39	Name: _dyid Value: -7070651172777922695
.elfcosmetics.com/	1969-12-31 23:59:59	Name: _dyfs Value: 1675587449286
.elfcosmetics.com/	1970-01-20 10:09:39	Name: _dycst Value: dk.w.c.ws.
.elfcosmetics.com/	1970-01-20 10:09:39	Name: _dy_geo Value: DE.EU.DE_NI.DE_NI_Langen
.elfcosmetics.com/	1970-01-20 10:09:39	Name: _dy_df_geo Value: Germany..Langen
.elfcosmetics.com/	1970-01-20 10:09:39	Name: _dy_toffset Value: 0
.elfcosmetics.com/	1970-01-20 09:26:29	Name: _cs_mk_ga Value: 0.1956003783096505_1675587449362
imgs.signifyd.com/	1970-01-20 19:02:27	Name: thx_guid Value: 3483958542b4c60aa70d707b2458c2d5
www.elfcosmetics.com/	1970-01-20 18:12:03	Name: __pdst Value: c47fa2030c844d51b966aad5d46dfaa5
.elfcosmetics.com/	1970-01-20 18:12:03	Name: hero-session-efcf9631-4c6b-4874-9f76-51f71464249a Value: author=client&expires=1707123449667&visitor=f9f8c2ed-d5ae-4e56-8912-88b983402939
.elfcosmetics.com/	1970-01-20 11:36:03	Name: _fbp Value: fb.1.1675587449975.2065683646
.elfcosmetics.com/	1970-01-20 18:12:03	Name: crl8.fpcuid Value: 9f10488f-8741-41c4-88f8-436de7eabfa8
www.elfcosmetics.com/	1970-01-20 18:12:24	Name: _dyid_server Value: -7070651172777922695
.elfcosmetics.com/	1970-01-20 09:26:29	Name: bounceClientVisit4142v Value: N4IgNgDiBcIBYBcEQM4FIDMBBNAmAYnvgO6kB0ApmAGYDGA9igLYUICWtKZDTRKA1mwB2AWloBDAE4UiIADQhJMECAC+QA
elfcosmetics.my.salesforce-sites.com/	1970-01-20 18:12:03	Name: BrowserId_sec Value: IBeCXqUzEe2aak0Py9CGzA
.elfcosmetics.com/	1970-01-20 18:12:03	Name: _dy_soct Value: 548957.1058632.1675587448574805.1108960.1675587448.ru8hlfuwy0bdwzjpidupv9g57fysidqf647796.1248068.1675587448.ru8hlfuwy0bdwzjpidupv9g57fysidqf681571.1306531.1675587448.ru8hlfuwy0bdwzjpidupv9g57fysidqf388568.656354.1675587448551945.1064733.1675587449437630.773707.1675587453

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acsbapp.com
ade.googlesyndication.com
api.usehero.com
assets.bounceexchange.com
async-px.dynamicyield.com
cdn-fsly.yottaa.net
cdn-scripts.signifyd.com
cdn.acsbapp.com
cdn.cookielaw.org
cdn.cquotient.com
cdn.dynamicyield.com
cdn.jsdelivr.net
cdn.pdst.fm
cdn.usehero.com
cdnjs.cloudflare.com
connect.facebook.net
e.cdnwidget.com
edge.curalate.com
elfco11111.pcapredict.com
elfcosmetics.my.salesforce-sites.com
elfcosmetics.secure.force.com
external-api.jebbit.com
fonts.googleapis.com
geolocation.onetrust.com
h.online-metrix.net
imgs.signifyd.com
js.jebbit.com
pagead2.googlesyndication.com
plugins-media.perfectcorp.com
px.dynamicyield.com
qoe-1.yottaa.net
region1.google-analytics.com
st.dynamicyield.com
t.custora.com
tag.wknd.ai
track.custora.com
us-central1-adaptive-growth.cloudfunctions.net
w2txo5aarsrc7wgdy3dnhtm5krmv3khpbh4m3aru949ac14405448909am1.e.aa.online-metrix.net
web1.acsbapp.com
www.elfcosmetics.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
13.110.58.157
13.110.60.156
13.224.189.128
13.224.189.32
13.32.121.60
138.128.247.123
140.174.14.76
142.251.208.98
151.101.2.133
165.254.56.77
18.66.138.159
2001:4860:4802:32::178
2001:4860:4802:34::36
2001:4860:4802:36::36
2600:9000:2104:8400:a:7914:b00:93a1
2600:9000:21c7:be00:13:d6f4:3240:93a1
2600:9000:21f3:5a00:a:b89d:a6c0:93a1
2600:9000:21f3:7a00:1b:50c2:4000:93a1
2600:9000:2304:1e00:15:ad21:c740:93a1
2606:4700:10::6816:cc
2606:4700:10::ac43:b9b
2606:4700::6810:5614
2606:4700::6810:9540
2606:4700::6811:180e
2606:4700::6812:1ad3
2606:4700::6812:1b55
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2008
2a00:1450:400d:802::200a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.102.193.48
34.117.233.127
34.120.253.250
34.206.197.18
34.98.72.95
35.244.142.80
52.209.148.203
54.164.85.149
91.235.132.130
91.235.133.113
91.235.134.131
99.86.4.22
020da0825330e19eef417005d005ad730b7c875200d5f16057bcd32230f30b84
0232c842afa32c041223fc8ef697660bae9caeac0a4ea9d596d421cd5a7e46ca
0370180367dcefc047e253451bca36b21d15c3614bfdbcea0ef226f12a006bdc
04f4aa77e8c73e766cb84241a9e0db549e1188fd3b162c12c37b0f4fb05bf1aa
052ed97f4837611b6e71f66a72d68eb7679a2afcaf4cdee753dd1fcfaf4e2180
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05afd7115e1e4e6835deb4080f8b300a058786683a9ef7ec2af25e4038885905
09997b6cba6fd1ffb6aaf43c2900c4f5d3bc291913be9105eb91e8a4a1277d71
113eb0ccd10bc7efb5f02bc69f1ec44f685c82a69691cc6d5075a08513963b49
12acf0cde9105ca35b079104e27341413fb68164085916505c077cf58748abc3
142dbca8a2feffa53e0ef3c28709f1b373db78da8620506161eba84448fc31b6
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
1e20ee57257b36b58cc2b3bed635a3a921cb2e9de07a55319bb38040f72076ea
1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a
2015321c2021a00f0ee429128025769db5a2f4126ed2df80e6d1652631babeb4
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
282941064f69458a172fd4afde71d175e6052eef6a63affe4c2bd3e924a26712
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e6fdfe0de25d903ebf13597e3ac3615fb3c50df486cdf1da967650fcabae659
2f15c02b4eef658e3ad476fcef05fdcdfcf05bb8e8b4133fa87fd13391083cae
2f8c6032340e6a0f2e86510435fb617e0a60939510c1ebe90e89807a2973ee69
31174440338ecbade8a0ae13af4dca0801ed29e5a9e0b4ec8d74e8e0572b03c1
312e12643c29fd6e4995d56d0da28f8e031184a16a8bc9fc9318518cdf20e877
3b10a95eb8a746e01643c70f2c83d54c9f9a868668bf4deaf786640a7e35957e
3bccd772536b4a6046bd6f304976ae19212ade727ad80db4d77429811d9a0be1
3cce4b0378624286a621141992dd28ad77229e3103d84ee17b772f89c7945b5e
3cf5ecbc6fdf0be77cf51c616aab7400551c43efeff3ada55df9a2ae34873ca6
400efdf33f8a4a3eaa2b9f6bd5134f1f2920dd0d2c9f9199c27087550e89876b
40c8084ce459211c73bf91eaa18b6152cc5fc9e29245dcec381da35ee51334b0
49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b
4a609c6dfff57a1865067c376468a736ee9f8d0578ef52c3063738c8c30986c9
4ca69954ce4d8e083e5abbc5173a25bdb7bf9b46adeb0259442b9c8103855815
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
60840bb96e068bb96036e1332f5b4ff0f16cb29a6ecfbdfc9b018613257100dd
6176ab5474618b01560e91abd7c354b6116cf9de79963c6c9860e89a2459f7cf
63b23bb7eeba804d6fd7e301dafcf863a7a00811834c72faa92e18f45b7c83d3
6781ccc10328f5a3633dfdb3f05a91850a82ce7cd04fbc4b83ab7d544cc7ea0b
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6a637bc02ad11ec8b8b4c580abf278ec0333bd5f8f5bce0f03332f2a942d471f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c001a720eae05d8d2d5a92802da26190532eafe73006c206bc88c99dd885ae4
6c94b4779bff56e7086c76e350336d941709016205282c9271a887f1547f717c
706e10506d3b98ef2d9ea478eebba4e0b39e8998f0304c1847c32309700ef840
71c9ebb95f4f4f1d2aab2506e72a2d3bffb77b4bfb37d01d1bfbf127896d460b
72a38e6a2701418467ff27a861175848b76f35ec595826243c2b117ab41eda84
733b963758ecbfdcb18b7b5cd660d6edac3119d35b020183309d3abe1e800f64
7704375b3e9267d0f55e59bb604f42daa4e367d2e08cdf531c95f79c9a11f9b5
78d566d84342550fc2075fb4016094a423cb9b717d481ee34fc634c079ceff0a
7996dbaba58104d247df22c8a586b2f82bada5ab3ba2c052e5cd06782849be7f
7eb19f86c6d5d6ec3a08289ba115cc4493a9c9528c0f16bed609aa3c7ea5fa5b
7f8c28bf98680bb13b1e6d33e54d8ea946b0858fb06244acc56d3cd20d8df91e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f8393c6593831a76ea84324c946029082b5c72507176c13387468d21c651ff
8626dc28786a01e7644621da2607f06200c86e66772536108d38644122719621
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8c1c5f9c8a912bc93249e8db2db25bb493f6e33f034899807f4032cf365b7111
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
96a3358dcb988a6b2d0d6f409533b6e242b79f248d58bb9731860246481eb585
9921de3508095a5524f6f35a0fa6d22077ed495adc9d58605ce53c8e0b89c4f6
99300e0d5861d8a16e61d4d04aac369b990bd3d1b501860d105eae4bbc3237d5
9c74f254c6706f1b11f2d701bbc57dad1913884b1e64020bb1971368784840d2
a1365c6a538bc58872fc90f6e55cd557e3557a2768c41176e21613603fdc3bf0
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a43d16995a1116f83c7704b3c1acdae8672693ae7d259a57f3634b6ad6a956b7
a687ab1a8045dcd662c262daace7e26921853deb833a1c692db5164604a0ee74
a6bd5c18a0b5f22943755b582e4563fc2eefb3ac72edf205d70223f10c42db60
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
acb3511f732562de4549b37fe6f6a43a7cd624c8e7dc81fabe5fa05d43ded188
b03996886ae95a6da3568e5c4428eb578e7d6b81c5ab38086d29375f8033d251
b5422955f82dc8678935d157a1f5c59c97c33c6881b5d02b2175ff923b496e54
b5fb3ebbf40563c91f4e8565aa6257ed735ca0a075f0f78b18bddda655cc8434
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
c2abaf9fe429b9b5dac859adc5fdf859deb773812ecfb610d8270f3e51e69295
c66960fd249e74cd61ae9b9ed92f21e038feb67be2f7c4c9ced6f00cfb193bf5
c6d3c52f48a05a46ca5afc4012cf410574e50142685d46524eab322fcb9ec10c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
cd5ae643e89170860b9bca1805cb663625a9006ecfcdf8749d3ee7d498d40629
cd8674529ba24417006d03d19ee1825d391b49c092b515e4a68ebc887738a66d
cf310e0e80dab6dd13b7aca4cae9eac4a496aebdbb8fdea5e3899dd9d2d6cb28
d6e1f05e590ddd81cdedefacedca609d2560b65de9fe51a4e030051275671e14
da82efb118fda9e35bc261a8bf56b59345bfb6401fb41b932db66717db106532
dce1686ab8414249a2135c0d765b4694cc13a0942c338dc426935e96a47e7692
df127feca5eb1a5be2aca5f6099cf60bc7417ca1fddf3613aa46aef769062877
dfefa61fe882292c7c193f4ece20008118662c4e11e8be644ccf5f308cccebee
e03d61d6826e0ed8714a2d09d8398bb4e56c0a3ebf8dfdd668c9972aa7f75671
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a8112252b50b4b89f7b39ecd63b218133284fcd7e1e5bef85baf3bc80220d8
e9320fb9cf32f0763c597acec29a63ffb220d538acd75e75b47e2029258c4471
ec668bf5aba2c026c628a4217bf81e63c567128678f405dc2f0eb3b1bf21462e
eded00575f65de726a63f811022d119ed582721233e74343735cad53930c2a76
ee8b10bbec64d87e5618ac55ab296928dde4b6ea4d657fb2e477103dd7762379
ef01c7ec294cd078695a8594328731d6b2c20661f29c58a21d333acb4207ab8c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4a0a386be0745346bdbbb04735249591dcc13e2d36a444f2ff08f70b236868
f36c44bc84b94a5ae0dd5fe6fc014df9fa5ad4c0e4ce2ef8d818f18853ab9b4c
f661fda8a4434526ffc0d69153d9aa81dd2d0f28241ca9814e41bc9cd4c692c0
f9ffe1174d267725dc5c46203d0795ec0c2e489e270a8368b73303bb894e7a41
fa85b802ec0dc2fbf7655b1b6a4e41f47dbc5d4774653a00ba258bf24954481e
fe5e3530722e6ca252ee9aa538d556708be0b522f6501143d7db16da9ac5b920

www.elfcosmetics.com Open in urlscan Pro 165.254.56.77 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

144 Requests

96 %HTTPS

47 %IPv6

30 Domains

43 Subdomains

43 IPs

3 Countries

3128 kBTransfer

9972 kBSize

34 Cookies

17 Outgoing links

Redirected requests

144 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

www.elfcosmetics.com Open in urlscan Pro
165.254.56.77 Public Scan

Screenshot
Live screenshot

Full Image

144
Requests

96 %
HTTPS

47 %
IPv6

30
Domains

43
Subdomains

43
IPs

3
Countries

3128 kB
Transfer

9972 kB
Size

34
Cookies

144 HTTP transactions
4 data transactions