www.elfcosmetics.com Open in urlscan Pro
140.174.14.97 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.elfcosmetics.com/mobile-app.html
Effective URL:
https://www.elfcosmetics.com/mobile-app
Submission: On May 06 via manual (May 6th 2024, 11:42:43 pm UTC) from IN — Scanned from DE

Summary HTTP 168 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 60 IPs in 5 countries across 44 domains to perform 168 HTTP transactions. The main IP is 140.174.14.97, located in Frankfurt am Main, Germany and belongs to YOTTAA-AS-1, US. The main domain is www.elfcosmetics.com. The Cisco Umbrella rank of the primary domain is 80089.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 25th 2023. Valid for: a year.

This is the only time www.elfcosmetics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 16	140.174.14.97 140.174.14.97	393259 (YOTTAA-AS-1) (YOTTAA-AS-1)
3	2606:4700:440... 2606:4700:4400::ac40:9ba6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
10	2606:4700:440... 2606:4700:4400::6812:2a49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	35.190.10.96 35.190.10.96	15169 (GOOGLE) (GOOGLE)
5	2606:4700:440... 2606:4700:4400::6812:25a1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700::68... 2606:4700::6813:b234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
3	2600:9000:275... 2600:9000:275d:1800:a:b89d:a6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	104.26.12.205 104.26.12.205	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:2250:b200:15:ad21:c740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
6	18.172.112.91 18.172.112.91	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21f... 2600:9000:21f3:1400:11:85b0:d600:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	204.2.49.55 204.2.49.55	393259 (YOTTAA-AS-1) (YOTTAA-AS-1)
1	34.102.147.248 34.102.147.248	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	151.101.129.21 151.101.129.21	54113 (FASTLY) (FASTLY)
1	23.42.12.106 23.42.12.106	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:480... 2a02:26f0:480:33::212:40ca	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.244.18.115 18.244.18.115	16509 (AMAZON-02) (AMAZON-02)
2	54.220.205.15 54.220.205.15	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:276... 2600:9000:2761:e00:13:d6f4:3240:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:170... 2a02:26f0:1700:79b::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a04:4e42:600... 2a04:4e42:600::396	54113 (FASTLY) (FASTLY)
3	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	2.18.64.26 2.18.64.26	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:9000:235... 2600:9000:2359:ee00:a:7914:b00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.120.253.250 34.120.253.250	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	34.49.124.132 34.49.124.132	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
2 4	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	54.170.22.54 54.170.22.54	16509 (AMAZON-02) (AMAZON-02)
1	3.66.24.191 3.66.24.191	16509 (AMAZON-02) (AMAZON-02)
2	54.229.140.92 54.229.140.92	16509 (AMAZON-02) (AMAZON-02)
2	151.101.193.35 151.101.193.35	54113 (FASTLY) (FASTLY)
5	151.101.64.84 151.101.64.84	54113 (FASTLY) (FASTLY)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	34.98.67.3 34.98.67.3	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	34.98.72.95 34.98.72.95	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1	34.149.117.55 34.149.117.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.95.120.72 34.95.120.72	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.149.239.87 34.149.239.87	15169 (GOOGLE) (GOOGLE)
1	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
1	34.246.105.29 34.246.105.29	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:0:5... 2600:1901:0:56e0::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.111.8.32 34.111.8.32	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.102.193.48 34.102.193.48	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	108.138.26.13 108.138.26.13	16509 (AMAZON-02) (AMAZON-02)
12	91.235.133.113 91.235.133.113	30286 (THM) (THM)
1	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
168	60

16 140.174.14.97 (Frankfurt am Main, Germany) 2 redirects

ASN393259 (YOTTAA-AS-1, US)

www.elfcosmetics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:9ba6 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.media.amplience.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.2.133 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn-fsly.yottaa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:4400::6812:2a49 (United States)

ASN13335 (CLOUDFLARENET, US)

elfcosmetics.a.bigcontent.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.10.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.10.190.35.bc.googleusercontent.com

collector-pxxt4gy2ig.px-cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:4400::6812:25a1 (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.iad-05.braze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6813:b234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:275d:1800:a:b89d:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.12.205 (None, )

ASN13335 (CLOUDFLARENET, US)

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:b200:15:ad21:c740:93a1 (United States)

ASN16509 (AMAZON-02, US)

st.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.172.112.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-91.fra60.r.cloudfront.net

async-px.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:1400:11:85b0:d600:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.cnnx.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.123 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.2.49.55 (United States)

ASN393259 (YOTTAA-AS-1, US)

qoe-1.yottaa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.147.248 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 248.147.102.34.bc.googleusercontent.com

tag.rmp.rakuten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.129.21 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.42.12.106 (Isando, South Africa)

ASN16625 (AKAMAI-AS, US)
PTR: a23-42-12-106.deploy.static.akamaitechnologies.com

static.ordergroove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:33::212:40ca (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

websdk.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.244.18.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-115.fra56.r.cloudfront.net

t.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.220.205.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-205-15.eu-west-1.compute.amazonaws.com

api.cquotient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2761:e00:13:d6f4:3240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.usehero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:79b::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.18.64.26 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-64-26.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2359:ee00:a:7914:b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.jebbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.wknd.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.49.124.132 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 132.124.49.34.bc.googleusercontent.com

sgtm.elfcosmetics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.170.22.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-22-54.eu-west-1.compute.amazonaws.com

api.usehero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.66.24.191 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-24-191.eu-central-1.compute.amazonaws.com

external-api.jebbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.140.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-140-92.eu-west-1.compute.amazonaws.com

c.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.35 (San Francisco, United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.64.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com

ut.rd.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.117.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.117.149.34.bc.googleusercontent.com

data.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.120.72 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 72.120.95.34.bc.googleusercontent.com

page.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.239.87 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 87.239.149.34.bc.googleusercontent.com

view.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.0.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.105.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-105-29.eu-west-1.compute.amazonaws.com

srm.ba.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:56e0:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

ids.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.8.32 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 32.8.111.34.bc.googleusercontent.com

api.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.193.48 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 48.193.102.34.bc.googleusercontent.com

e.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.26.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-13.fra56.r.cloudfront.net

cdn-scripts.signifyd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 91.235.133.113 (United States)

ASN30286 (THM, US)

imgs.signifyd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

w2txo5aacuw7nl6ak3qbkgkyq7u2af7h22mkgjtc8dddfb109aab1974am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	elfcosmetics.com 2 redirects www.elfcosmetics.com — Cisco Umbrella Rank: 80089 sgtm.elfcosmetics.com — Cisco Umbrella Rank: 175866	367 KB
14	signifyd.com cdn-scripts.signifyd.com — Cisco Umbrella Rank: 8143 imgs.signifyd.com — Cisco Umbrella Rank: 6962	69 KB
12	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 312	170 KB
10	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 712	270 KB
10	dynamicyield.com cdn.dynamicyield.com — Cisco Umbrella Rank: 8814 st.dynamicyield.com — Cisco Umbrella Rank: 8494 async-px.dynamicyield.com — Cisco Umbrella Rank: 8693	246 KB
10	bigcontent.io elfcosmetics.a.bigcontent.io — Cisco Umbrella Rank: 152476	104 KB
9	bounceexchange.com assets.bounceexchange.com — Cisco Umbrella Rank: 2384 api.bounceexchange.com — Cisco Umbrella Rank: 2673	166 KB
6	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 902	5 KB
5	paypal.com www.paypal.com — Cisco Umbrella Rank: 2954 t.paypal.com — Cisco Umbrella Rank: 3518	123 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	487 KB
5	braze.com sdk.iad-05.braze.com — Cisco Umbrella Rank: 2594	1004 B
4	googlesyndication.com 2 redirects ade.googlesyndication.com — Cisco Umbrella Rank: 317	1 KB
4	contentsquare.net t.contentsquare.net — Cisco Umbrella Rank: 3447 c.contentsquare.net — Cisco Umbrella Rank: 4542 srm.ba.contentsquare.net — Cisco Umbrella Rank: 17473	72 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32 region1.google-analytics.com — Cisco Umbrella Rank: 2533	21 KB
4	px-cloud.net collector-pxxt4gy2ig.px-cloud.net — Cisco Umbrella Rank: 212179	2 KB
4	yottaa.net cdn-fsly.yottaa.net — Cisco Umbrella Rank: 25251 Failed qoe-1.yottaa.net — Cisco Umbrella Rank: 10654	1 MB
3	cdnbasket.net data.cdnbasket.net — Cisco Umbrella Rank: 5153 page.cdnbasket.net — Cisco Umbrella Rank: 5166 view.cdnbasket.net — Cisco Umbrella Rank: 5161	1014 B
3	jebbit.com js.jebbit.com — Cisco Umbrella Rank: 37156 external-api.jebbit.com — Cisco Umbrella Rank: 37043	61 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 345	14 KB
3	amplience.net cdn.media.amplience.net — Cisco Umbrella Rank: 14154	536 KB
2	online-metrix.net h.online-metrix.net — Cisco Umbrella Rank: 2560 w2txo5aacuw7nl6ak3qbkgkyq7u2af7h22mkgjtc8dddfb109aab1974am1.e.aa.online-metrix.net	438 B
2	cdnwidget.com ids.cdnwidget.com — Cisco Umbrella Rank: 3992 e.cdnwidget.com — Cisco Umbrella Rank: 15436	335 B
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2599	16 KB
2	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1160	12 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	73 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 911	22 KB
2	usehero.com cdn.usehero.com — Cisco Umbrella Rank: 63708 api.usehero.com — Cisco Umbrella Rank: 59256	29 KB
2	cquotient.com api.cquotient.com — Cisco Umbrella Rank: 42720	517 B
2	adnxs.com 1 redirects secure.adnxs.com — Cisco Umbrella Rank: 482	2 KB
2	ipify.org api.ipify.org — Cisco Umbrella Rank: 2924	229 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 456	98 B
1	linksynergy.com ut.rd.linksynergy.com — Cisco Umbrella Rank: 8843	414 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	274 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1376	637 B
1	wknd.ai tag.wknd.ai — Cisco Umbrella Rank: 4545	6 KB
1	appsflyer.com websdk.appsflyer.com — Cisco Umbrella Rank: 4578	12 KB
1	ordergroove.com static.ordergroove.com — Cisco Umbrella Rank: 29952	43 KB
1	rakuten.com tag.rmp.rakuten.com — Cisco Umbrella Rank: 7849	15 KB
1	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 691	149 B
1	cnnx.link js.cnnx.link — Cisco Umbrella Rank: 9324	1 KB
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	65 B
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	24 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 533	295 B
0	pointmediatracker.com Failed pixel.pointmediatracker.com Failed
168	44

	Domain	Requested by
16	www.elfcosmetics.com	2 redirects www.elfcosmetics.com cdn-fsly.yottaa.net analytics.tiktok.com
12	imgs.signifyd.com	www.elfcosmetics.com imgs.signifyd.com
12	cdn.cookielaw.org	cdn-fsly.yottaa.net cdn.cookielaw.org www.elfcosmetics.com
10	analytics.tiktok.com	www.elfcosmetics.com analytics.tiktok.com
10	elfcosmetics.a.bigcontent.io	www.elfcosmetics.com
8	assets.bounceexchange.com	www.elfcosmetics.com
6	ct.pinterest.com	s.pinimg.com www.elfcosmetics.com
6	async-px.dynamicyield.com	cdn.dynamicyield.com
5	www.googletagmanager.com	www.elfcosmetics.com
5	sdk.iad-05.braze.com	cdn-fsly.yottaa.net
4	ade.googlesyndication.com	2 redirects
4	sgtm.elfcosmetics.com	www.googletagmanager.com analytics.tiktok.com
4	collector-pxxt4gy2ig.px-cloud.net	www.elfcosmetics.com
3	bat.bing.com	www.elfcosmetics.com
3	www.paypal.com	www.elfcosmetics.com www.paypal.com
3	www.google-analytics.com	www.elfcosmetics.com www.google-analytics.com
3	cdn.dynamicyield.com	www.elfcosmetics.com
3	cdn.media.amplience.net	www.elfcosmetics.com
3	cdn-fsly.yottaa.net	www.elfcosmetics.com
2	cdn-scripts.signifyd.com	www.elfcosmetics.com
2	www.paypalobjects.com	www.elfcosmetics.com
2	t.paypal.com
2	c.contentsquare.net
2	js.jebbit.com	www.elfcosmetics.com
2	www.redditstatic.com	www.elfcosmetics.com www.redditstatic.com
2	connect.facebook.net	www.elfcosmetics.com
2	s.pinimg.com	www.elfcosmetics.com
2	api.cquotient.com	cdn-fsly.yottaa.net
2	secure.adnxs.com	1 redirects
2	api.ipify.org	cdn-fsly.yottaa.net
1	w2txo5aacuw7nl6ak3qbkgkyq7u2af7h22mkgjtc8dddfb109aab1974am1.e.aa.online-metrix.net
1	h.online-metrix.net	imgs.signifyd.com
1	e.cdnwidget.com
1	api.bounceexchange.com	www.elfcosmetics.com
1	idsync.rlcdn.com
1	ids.cdnwidget.com	analytics.tiktok.com
1	srm.ba.contentsquare.net	analytics.tiktok.com
1	view.cdnbasket.net	analytics.tiktok.com
1	page.cdnbasket.net	analytics.tiktok.com
1	data.cdnbasket.net	analytics.tiktok.com
1	ut.rd.linksynergy.com	www.elfcosmetics.com
1	www.facebook.com
1	external-api.jebbit.com	js.jebbit.com
1	api.usehero.com	cdn.usehero.com
1	alb.reddit.com
1	region1.google-analytics.com	www.googletagmanager.com
1	tag.wknd.ai	www.elfcosmetics.com
1	cdn.usehero.com	www.elfcosmetics.com
1	t.contentsquare.net	www.elfcosmetics.com
1	websdk.appsflyer.com	www.elfcosmetics.com
1	static.ordergroove.com	www.elfcosmetics.com
1	tag.rmp.rakuten.com	www.elfcosmetics.com
1	qoe-1.yottaa.net	www.elfcosmetics.com
1	insight.adsrvr.org
1	js.cnnx.link	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.elfcosmetics.com
1	www.google.com	1 redirects
1	geolocation.onetrust.com	cdn.cookielaw.org
1	st.dynamicyield.com	www.elfcosmetics.com
0	pixel.pointmediatracker.com Failed
168	60

This site contains links to these domains. Also see Links.

Domain
cdn.dynamicyield.com
st.dynamicyield.com
rcom.dynamicyield.com
apps.apple.com
play.google.com
www.tiktok.com
www.instagram.com
www.pinterest.com
www.facebook.com
www.youtube.com
twitter.com
www.snapchat.com
www.linkedin.com
www.elfbeauty.com
elfcosmetics.onelink.me
preferences.elfcosmetics.com
www.onetrust.com

Subject Issuer	Validity	Valid
*.elfcosmetics.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-25` - `2024-10-25`	a year	crt.sh
dm.amplience.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-20` - `2024-08-14`	a year	crt.sh
*.yottaa.net GlobalSign RSA OV SSL CA 2018	`2023-09-13` - `2024-10-14`	a year	crt.sh
*.bigcontent.io GeoTrust TLS RSA CA G1	`2024-04-02` - `2025-05-03`	a year	crt.sh
*.px-cloud.net Sectigo RSA Domain Validation Secure Server CA	`2023-08-15` - `2024-09-13`	a year	crt.sh
sdk.iad-05.braze.com E1	`2024-04-19` - `2024-07-18`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.dynamicyield.com Amazon RSA 2048 M02	`2023-09-03` - `2024-10-01`	a year	crt.sh
ipify.org GTS CA 1P5	`2024-03-21` - `2024-06-19`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
js.cnnx.link Amazon RSA 2048 M02	`2023-07-11` - `2024-08-07`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
tag.rmp.rakuten.com GTS CA 1D4	`2024-03-31` - `2024-06-29`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-02-08` - `2025-02-08`	a year	crt.sh
*.ordergroove.com Go Daddy Secure Certificate Authority - G2	`2023-08-04` - `2024-08-17`	a year	crt.sh
*.appsflyer.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-27` - `2024-07-27`	a year	crt.sh
t.contentsquare.net Amazon RSA 2048 M01	`2023-09-13` - `2024-10-11`	a year	crt.sh
*.cquotient.com Amazon RSA 2048 M02	`2024-03-05` - `2025-04-03`	a year	crt.sh
*.usehero.com Amazon RSA 2048 M02	`2023-08-28` - `2024-09-24`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-14` - `2024-05-14`	3 months	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-08` - `2024-07-06`	6 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.jebbit.com Amazon RSA 2048 M02	`2024-04-23` - `2025-05-21`	a year	crt.sh
tag.wknd.ai R3	`2024-03-19` - `2024-06-17`	3 months	crt.sh
sgtm.elfcosmetics.com GTS CA 1D4	`2024-03-17` - `2024-06-15`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-15` - `2024-07-13`	6 months	crt.sh
api.usehero.com Amazon RSA 2048 M03	`2024-01-06` - `2025-02-03`	a year	crt.sh
dep.ba.contentsquare.net Amazon RSA 2048 M03	`2024-02-18` - `2025-03-19`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-09-21` - `2024-10-21`	a year	crt.sh
*.rd.linksynergy.com ZeroSSL RSA Domain Secure Site CA	`2024-01-23` - `2025-01-22`	a year	crt.sh
assets.bounceexchange.com GTS CA 1D4	`2024-03-19` - `2024-06-17`	3 months	crt.sh
data.cdnbasket.net GTS CA 1D4	`2024-05-04` - `2024-08-02`	3 months	crt.sh
page.cdnbasket.net GTS CA 1D4	`2024-03-13` - `2024-06-11`	3 months	crt.sh
view.cdnbasket.net GTS CA 1D4	`2024-03-17` - `2024-06-15`	3 months	crt.sh
srm.ba.contentsquare.net Amazon RSA 2048 M02	`2023-11-07` - `2024-12-06`	a year	crt.sh
ids.cdnwidget.com R3	`2024-03-12` - `2024-06-10`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-06` - `2025-03-05`	a year	crt.sh
*.wunderkind.co R3	`2024-04-04` - `2024-07-03`	3 months	crt.sh
e.cdnwidget.com R3	`2024-05-04` - `2024-08-02`	3 months	crt.sh
cdn-scripts.signifyd.com Amazon RSA 2048 M01	`2023-07-03` - `2024-07-31`	a year	crt.sh
imgs.signifyd.com Go Daddy Secure Certificate Authority - G2	`2023-10-20` - `2024-11-20`	a year	crt.sh
online-metrix.net Viking Cloud Organization Validation CA, Level 1	`2024-03-20` - `2024-10-21`	7 months	crt.sh
*.aa.online-metrix.net Viking Cloud Organization Validation CA, Level 1	`2024-03-20` - `2024-10-21`	7 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.elfcosmetics.com/mobile-app
Frame ID: C2571880EBCD27A1543051B12D966EAD
Requests: 151 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.63.0&integrationType=SDK
Frame ID: CA153AB0036C8E19BD9CA93003ED2A93
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 676E5C7E01718D9169C9E75AD1AC6BAC
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: A892F58BFA0C17CAA351CAE5CBAFCB53
Requests: 1 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Frame ID: 38DC6A3A8832BE65C6BA82D731EC5CF4
Requests: 1 HTTP requests in this frame

Frame: https://imgs.signifyd.com/0ZdSesE75aiQrGBs?42a7ac11c6790e1d=6IxDxeZ-yzqxdsmdyFhX5J8UkhVoMAXezIadoTTvGpZR1HF9fSOYKkIASFu2E_8hmbzyWE3KGlsBc4Mzcutc-9aJIXt7zNiEZ9IXA3Sti3TySopDX_GUG3N1efItpBpJH_hGYtxBlKb_hOF1PuED6NwVs8VemdNRCGu25-x2c-7TrDLry2kYTE5ldPv7RJIGoFUZt2NHbGA6JGnp&jb=3d33262e62736f7d375761646e6f7d792e6a7367355d63666c65757b2f383a31392662716a7f3d4b60726f656f266279683d49627a6f6d6d2d383a393a3e
Frame ID: A42C97DE3067ECA24363D125383644E3
Requests: 10 HTTP requests in this frame

Frame: https://imgs.signifyd.com/lZisQjjHN0E8rIiw?1165311f24d4f626=LpAxzbSh78jLKNdNZWu7KkllNVALwPogiZdGPL0oV0kZMalIdn8bT7HKPWmfbcmZkEPDAMGW5hcW_WERA9prh4WBLBmYJtZk8SkUwJqTTyZ5vDrAecXSs6FyeBZoNEpbcYQQLOIJsITSeevNYsG9eqq98Fga3ZcxbaszyzvaRtydmjp9pjvhdYYx3h3SfZAzjbdfpzvv4iIeTaIeCt4
Frame ID: 62D4A03ECD1FA009DD64E893CD4158A0
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/yzV1s7t4b-7ynsKc?d738cb355a824ea0=Mw7WFTctvxn1Ff4v_P1G9KxFZfNUZiO-fSv5fxznGK5cDL5IV6xkFblpyhivu2VGUdauRhP7rRnVXtJ2NMgiOfsHYRoQdg7qZxsLz7Mnrij8b-hEfC-6XS9UudOfdRhIj1cgBb44OHYATQoQd6xFKBv1HYiHtwnDeTUNVbCaokGQt2yDoVwaK7EqCRAwJxr4jH2usJCFQdIOmpl_RyWH
Frame ID: 69EB32AF4EEA6AD03926B720ABDD54A2
Requests: 1 HTTP requests in this frame

Frame: https://imgs.signifyd.com/pPJ-AxVzj_DKRPmH?65225978803bbc92=PaNQn1chDaa0BHG5MAzNhdaCug-yVkNETxFTuIQnjhIze2jNqr0VcPx36K1rkEUjj9U2heh-5r7vFiiD3C6K44VhxtqUz5hCk6LyP8qs4IJvS3rxNw3xLRbo_MpeNZxDd9_g88ef-oPUJeyb-g94HsoUtDYIhyvRmzpdGnzq-rsHL7vlAlk91JTNCHTmOh3vbr8OBKgJL6L9JB-I0yD_
Frame ID: 688573798060300D5AD4C5393FFEC954
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Discover and Shop e.l.f Cosmetics Mobile App | e.l.f. Cosmetics

Page URL History Show full URLs

https://www.elfcosmetics.com/mobile-app.html HTTP 301
https://www.elfcosmetics.com/mobile-app Page URL

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Dynamic Yield (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

cdn\.dynamicyield\.\w+/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

PerimeterX (Security) Expand

Overall confidence: 100%
Detected patterns

Rakuten (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

tag\.rmp\.rakuten\.com

basket.js (JavaScript Libraries) Expand

Overall confidence: 10%
Detected patterns

basket.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

168
Requests

95 %
HTTPS

38 %
IPv6

44
Domains

60
Subdomains

60
IPs

5
Countries

4085 kB
Transfer

13265 kB
Size

61
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://cdn.dynamicyield.com/

Search URL Search Domain Scan URL

URL: https://st.dynamicyield.com/

Search URL Search Domain Scan URL

URL: https://rcom.dynamicyield.com/

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/e-l-f-cosmetics-skincare/id1488721704

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.follow.ElfCosmetics&hl=en_US&gl=US&pli=1

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@elfyeah/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/elfcosmetics/

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/elfcosmetics/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/elfcosmetics/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/eyeslipsfacedotcom

Search URL Search Domain Scan URL

URL: https://twitter.com/elfcosmetics

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/add/elfcosmetics

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/e-l-f-beauty

Search URL Search Domain Scan URL

URL: https://www.elfbeauty.com/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.elfbeauty.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://elfcosmetics.onelink.me/wTtZ/AcrossSiteCosmetics

Search URL Search Domain Scan URL

URL: https://preferences.elfcosmetics.com/dont_sell
Title: Do Not Sell My Personal Info/Opt Out of Targeted Ads

Search URL Search Domain Scan URL

URL: https://preferences.elfcosmetics.com/privacy
Title: Privacy Rights Request Form

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.elfcosmetics.com/mobile-app.html HTTP 301
https://www.elfcosmetics.com/mobile-app Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.com%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=-_xY26FG6epHQ-PgAvjaTKxXg8OFElXT6yoFmoFy1mE HTTP 303
https://www.elfcosmetics.com/callback?usid=9c5d9f78-e734-449f-85fc-52377c7c3038&code=PvhWb6OsUHcAR26DUyLi7EBV-0s6kJOfG3velCadGEE

Request Chain 33

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t2t5&rnd=153471037.1715038954&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&dma_cps=sypham&dma=1&npa=0&gtm=45He4510n81WL3STMXv896608294za200&auid=533735745.1715038954 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&rnd=153471037.1715038954&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&dma_cps=sypham&dma=1&npa=0&gtm=45He4510n81WL3STMXv896608294za200&auid=533735745.1715038954

Request Chain 47

https://secure.adnxs.com/px?id=160890&%20seg=6104893&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D160890%26%2520seg%3D6104893%26t%3D2

Request Chain 96

https://ade.googlesyndication.com/ddm/activity/src=9231397;type=retarget;cat=globa0;ord=8582826534867;npa=1;u6=%2Fmobile-app;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe4510v9181619921z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app HTTP 302
https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CJS-0f2Z-oUDFXRLHgIdxswBVA;type=retarget;cat=globa0;ord=8582826534867;npa=1;u6=%2Fmobile-app;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe4510v9181619921z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app

Request Chain 98

https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flap;ord=5314989395228;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe4510v9181663336z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app HTTP 302
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CP3A0f2Z-oUDFYpeHgIdYIcDOw;type=elf8j0;cat=glo_flap;ord=5314989395228;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe4510v9181663336z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app

168 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request mobile-app Show response
www.elfcosmetics.com/
Redirect Chain

https://www.elfcosmetics.com/mobile-app.html
https://www.elfcosmetics.com/mobile-app

980 KB
244 KB

277ms
276ms

Document
text/html

140.174.14.97
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobile-app

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

140.174.14.97 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

8e5911127b4fdaba331a6d2137a6e954d7fcf4819f83693ec847d1ff9a47f389

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 11 11
alt-svc: h3=":443"; ma=86400
cache-control: public, must-revalidate, s-maxage=900
content-encoding: gzip
content-length: 249053
content-type: text/html; charset=utf-8
date: Mon, 06 May 2024 23:42:31 GMT
etag: W/"d8095-luLFGkrf+w9c5663ruZ/TX62gAM"
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-apigw-id: XX2iUFDjiYcENow=
x-amz-cf-id: Yig3vlomYF78hIrVYNgKl9fzbNTdQTIV7iP79_VO9A6bW3IbnD6Q_Q==
x-amz-cf-pop: FRA56-P7
x-amzn-remapped-connection: close
x-amzn-remapped-content-length: 884885
x-amzn-remapped-date: Mon, 06 May 2024 23:42:20 GMT
x-amzn-requestid: 4d06b4f3-7eb7-40f9-b7fa-851a931c3554
x-amzn-trace-id: Root=1-66396adb-76ddc29d61419e62002e4f76;Parent=45c182e16a3f0bed;Sampled=0;lineage=2b75b0e9:0
x-cache: Hit from cloudfront
x-yottaa-metrics: 36218cae0e2a/[169,122,-] 36D18cae0e61/[-,214.840]
x-yottaa-optimizations: ob/1000000100001000 si/36D18cae0e61-1714713947-4734947372 tts/1710864117465 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-yottaa-os: 200

Redirect headers

age: 34 34
alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=1200
content-length: 0
content-type: application/json
date: Mon, 06 May 2024 23:42:31 GMT
location: https://www.elfcosmetics.com/mobile-app
via: 1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
x-amz-apigw-id: XX2e9FuOiYcEuhg=
x-amz-cf-id: juUQYk3fpIHRZIGyn0FyYo8OEpLrPzJRDo4uESe-y0OcZssxDcZHmQ==
x-amz-cf-pop: FRA56-P7
x-amzn-requestid: 041de75b-28f5-44af-8e86-645a56c6e834
x-amzn-trace-id: Root=1-66396ac5-011ad5342024083c7ab3c686;Parent=2d83cb60c7a1332f;Sampled=0;lineage=2b75b0e9:0
x-cache: Hit from cloudfront
x-yottaa-metrics: 36218cae0e29/[122,118,-] 36D18cae0e61/[-,123.287]
x-yottaa-optimizations: ob/1000 si/36D18cae0e61-1714713947-4734947371 tts/1710864117465 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-yottaa-os: 301

GET
H2 200 init.js Show response
www.elfcosmetics.com/XT4Gy2ig/ 168 KB
75 KB 77ms
77ms Script
application/javascript 140.174.14.97
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.14.97 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: a091b4d1d344b10a0a0810695caeef3db3cacd6fe251654316822f93b71e4ddf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/mobile-app
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:31 GMT
content-encoding: gzip
etag: "2a075-az2BhBDsWveVih/1wPbPhBrcxv0"
active-cdn: Akamai
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: active-cdn,x-served-by,Akamai-Request-BC
cache-control: max-age=600
x-yottaa-metrics: 36D18cae0e61/[-,3.766]
x-px-hash: YzcxYjIwMjY0ZjFkNzVjMTcxM2Y1ZTdjNmZjZDI3ZjI0ZDg1MDEwZjdhMmFkOTlhNTMxZmU4OTJhYzAxNTQyZQ==
x-yottaa-optimizations: ob/0 si/36D18cae0e61-1714713947-4734947374 tts/1715038951823 ti/0 ai/5a0c9b7632f01c35d42101b2

GET /
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/ 0
0

GET
H2 200 appstore-download
cdn.media.amplience.net/i/elfcosmetics/ 9 KB
9 KB 130ms
40ms Image
image/png 2606:4700:4400::ac40:9ba6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/appstore-download

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f693b12a2e04ec57e72559407892e9b8b97c5c1cea493f1ba2de148e876295c

Security Headers

Name	Value
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:32 GMT
cf-cache-status: HIT
age: 21578
x-amp-srv: CF
edge-cache-tag: dw1L_SO2f,l4p5bDg2e,53K1AZSVG,UyB2-aY-L
x-amp-cf-worker: true
edge-control: max-age=86400
x-req-id: eYgbFdMN_f
alt-svc: h3=":443"; ma=86400
content-length: 9428
x-xss-protection: 1; mode=block
x-amp-source-height: 120
last-modified: Mon, 06 May 2024 17:42:54 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
x-amp-source-width: 400
cache-control: s-maxage=86400, max-age=1800
accept-ranges: bytes
cf-ray: 87fcd3c9eaf21e66-FRA
x-amp-published: Fri, 21 Apr 2023 04:27:09 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 10 KB
10 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d

Request headers

Referer
Origin: https://www.elfcosmetics.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 10 KB
10 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac

Request headers

Referer
Origin: https://www.elfcosmetics.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
H2 200 vendor.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/ 2 MB
620 KB 105ms
51ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/vendor.js?yocs=1u_1y_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2e0bde8a120edcd0e126c139ff4c62dc420e43a86bb9e22c92044fdda3fc3ef

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:32 GMT
via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA56-P7
age: 441425
x-yottaa-optimizations: ob/1100 si/36118cae0e1f-1706737520-2081380544 tts/1710864117465 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront, HIT
x-amz-meta-deploy: 742629
content-length: 634413
x-amz-meta-bundle: 11187
x-served-by: cache-fra-etou8220052-FRA
x-yottaa-forcecache: true, true
server: AmazonS3
x-timer: S1715038952.013154,VS0,VE2
vary: Accept-Encoding
content-type: application/javascript; charset=utf8
cache-control: public, max-age=31104000
x-yottaa-metrics: 36218cae0e49/[15,-,1714597526713] 36118cae0e1f/[-,141.182]
accept-ranges: bytes
x-amz-cf-id: b4fqcR-G6p8ex-FSj94LtaeR544XEzTMSIO6NjYzJZAk2X5ekibL2Q==
x-cache-hits: 1

GET
H2 200 main.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/ 2 MB
485 KB 83ms
29ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/main.js?yocs=1u_1y_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19cc36fffa37aa68e3eeb82532cb58611a1e1191cad33bf5edf5265f5930ff28

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:32 GMT
via: 1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA56-P7
age: 441425
x-yottaa-optimizations: ob/1100 si/36118cae0e22-1706737520-1375811321 tts/1710864117465 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront, HIT
x-amz-meta-deploy: 742629
content-length: 495663
x-amz-meta-bundle: 11187
x-served-by: cache-fra-etou8220052-FRA
x-yottaa-forcecache: true, true
server: AmazonS3
x-timer: S1715038952.013238,VS0,VE2
vary: Accept-Encoding
content-type: application/javascript; charset=utf8
cache-control: public, max-age=31104000
x-yottaa-metrics: 36218cae0e28/[14,-,1714597526528] 36118cae0e22/[-,105.504]
accept-ranges: bytes
x-amz-cf-id: cLdcp6JkgCvRGWv_EY6avXMwedBwv2v0AYpgOTnHUtp_ewnIlghObw==
x-cache-hits: 1

GET
H2 200 pages-product-list-product-list-page.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/ 42 KB
12 KB 79ms
25ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/pages-product-list-product-list-page.js?yocs=1u_1y_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f2461f7629a9751a8ce13d4fa6465bd4dade527356dedaa1e07be6712694ec4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:32 GMT
via: 1.1 85ca8c4198fb707d10ecc2a784a315be.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA56-P7
age: 441425
x-yottaa-optimizations: ob/1000 si/36118cae0e23-1706737520-706389071 tts/1710864117465 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront, HIT
x-amz-meta-deploy: 742629
content-length: 11877
x-amz-meta-bundle: 11187
x-served-by: cache-fra-etou8220052-FRA
x-yottaa-forcecache: true, true
server: AmazonS3
x-timer: S1715038952.013144,VS0,VE1
vary: Accept-Encoding
content-type: application/javascript; charset=utf8
cache-control: public, max-age=31104000
x-yottaa-metrics: 36218cae0e29/[115,113,-] 36118cae0e23/[-,118.046]
accept-ranges: bytes
x-amz-cf-id: W2RtTC11uIfdSWfmztocOQ0jYkXg1Qxtya51VBiVmTN7VsW2SKJdlg==
x-cache-hits: 1

GET
H2 200 playstore-download
cdn.media.amplience.net/i/elfcosmetics/ 13 KB
13 KB 68ms
39ms Image
image/png 2606:4700:4400::ac40:9ba6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/playstore-download

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f86dbd47b7ff697f2b12968f6078e3634d24e1dbaa9f00ef562d278ad3cecd9

Security Headers

Name	Value
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:32 GMT
cf-cache-status: HIT
age: 21578
x-amp-srv: CF
edge-cache-tag: f-L-yOahg,l4p5bDg2e,2E3uDsGbL,UyB2-aY-L
x-amp-cf-worker: true
edge-control: max-age=86400
x-req-id: vWiWknP3FL
alt-svc: h3=":443"; ma=86400
content-length: 13126
x-xss-protection: 1; mode=block
x-amp-source-height: 118
last-modified: Mon, 06 May 2024 17:42:54 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
x-amp-source-width: 400
cache-control: s-maxage=86400, max-age=1800
accept-ranges: bytes
cf-ray: 87fcd3c9eaf51e66-FRA
x-amp-published: Fri, 21 Apr 2023 04:27:09 GMT

GET
H3 200 App_LP
elfcosmetics.a.bigcontent.io/v1/static/ 83 KB
84 KB 123ms
46ms Image
image/png 2606:4700:4400::6812:2a49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/App_LP
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2a49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 615b75eddd683d2f18d95bda10b7e11d753c8b4bd95c8c14ae962ac96b867176

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:32 GMT
x-amz-version-id: null
cf-cache-status: HIT
age: 21578
x-amz-server-side-encryption: AES256
x-amp-cf-worker: true
edge-control: max-age=86400
alt-svc: h3=":443"; ma=86400
content-length: 85236
last-modified: Mon, 06 May 2024 17:42:54 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=1800
accept-ranges: bytes
cf-ray: 87fcd3ca3b0c9f2e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H3 200 short_arrow__1
elfcosmetics.a.bigcontent.io/v1/static/ 669 B
793 B 117ms
40ms Image
image/svg+xml 2606:4700:4400::6812:2a49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/short_arrow__1
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2a49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 679e27a0c158ab0c2f595544d2852b2e1f1613fa1a065a2440b4bb7af23dc550

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:32 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
age: 21578
x-amz-server-side-encryption: AES256
x-amp-cf-worker: true
edge-control: max-age=86400
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 06 May 2024 17:42:54 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=1800
cf-ray: 87fcd3ca3b089f2e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 IPHONE
cdn.media.amplience.net/i/elfcosmetics/ 513 KB
513 KB 68ms
40ms Image
image/png 2606:4700:4400::ac40:9ba6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/IPHONE

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a90f3b36f2455fc6c76f9ad777671954126bdc45618423a01cfcf0cbfa49f21

Security Headers

Name	Value
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:32 GMT
cf-cache-status: HIT
age: 44560
x-amp-srv: CF
edge-cache-tag: AcwBHVxLK,l4p5bDg2e,NWi2ErC3B,UyB2-aY-L
x-amp-cf-worker: true
edge-control: max-age=86400
x-req-id: 8Tdq4c2ow2
alt-svc: h3=":443"; ma=86400
content-length: 524927
x-xss-protection: 1; mode=block
x-amp-source-height: 886
last-modified: Mon, 06 May 2024 11:19:52 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
x-amp-source-width: 1410
cache-control: s-maxage=86400, max-age=1800
accept-ranges: bytes
cf-ray: 87fcd3c9eaf61e66-FRA
x-amp-published: Fri, 21 Apr 2023 04:27:10 GMT

GET
H3 200 ACCESS_BS
elfcosmetics.a.bigcontent.io/v1/static/ 3 KB
1 KB 118ms
41ms Image
image/svg+xml 2606:4700:4400::6812:2a49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/ACCESS_BS
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2a49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92e00349ed94a2184d48889d637ad456366dbec2cbe67ffc211c8c21362cb46c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:32 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
age: 21578
x-amz-server-side-encryption: AES256
x-amp-cf-worker: true
edge-control: max-age=86400
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 06 May 2024 17:42:54 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=1800
cf-ray: 87fcd3ca3b079f2e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H3 200 BUILD_WISH_LIST
elfcosmetics.a.bigcontent.io/v1/static/ 3 KB
2 KB 118ms
42ms Image
image/svg+xml 2606:4700:4400::6812:2a49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/BUILD_WISH_LIST
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2a49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b56d2710f8114b062edd4b006df9739f523f14679b9fc7573259ed51d37ab45

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:32 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
age: 21578
x-amz-server-side-encryption: AES256
x-amp-cf-worker: true
edge-control: max-age=86400
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 06 May 2024 17:42:54 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=1800
cf-ray: 87fcd3ca3b099f2e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H3 200 SCAN_RECEIPTS
elfcosmetics.a.bigcontent.io/v1/static/ 4 KB
2 KB 51ms
42ms Image
image/svg+xml 2606:4700:4400::6812:2a49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/SCAN_RECEIPTS
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2a49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e54a8aca75cb5e527ffd22195b818f3ff4e7239a6dd8425f979e3180419abee5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:32 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
age: 21578
x-amz-server-side-encryption: AES256
x-amp-cf-worker: true
edge-control: max-age=86400
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 06 May 2024 17:42:54 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=1800
cf-ray: 87fcd3ca3b0d9f2e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H3 200 VIRTUAL_TRY_ON
elfcosmetics.a.bigcontent.io/v1/static/ 7 KB
3 KB 53ms
44ms Image
image/svg+xml 2606:4700:4400::6812:2a49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/VIRTUAL_TRY_ON
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2a49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9261c8148010a9582d8588220092d7759a8df8a77ccac58da63e9738486e8e7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:32 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
age: 21578
x-amz-server-side-encryption: AES256
x-amp-cf-worker: true
edge-control: max-age=86400
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 06 May 2024 17:42:54 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=1800
cf-ray: 87fcd3ca3b0e9f2e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H3 200 BeautySquad_Logo-White
elfcosmetics.a.bigcontent.io/v1/static/ 7 KB
3 KB 73ms
72ms Image
image/svg+xml 2606:4700:4400::6812:2a49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/BeautySquad_Logo-White
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2a49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9d4a41d3dcdef29d6b3888d8d5b9ab3fbcc673d4a120f0957221ebda7a40d3e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:32 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
age: 21578
x-amz-server-side-encryption: AES256
x-amp-cf-worker: true
edge-control: max-age=86400
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 06 May 2024 17:42:54 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=1800
cf-ray: 87fcd3ca7b5c9f2e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

POST
H2 200 collector Show response
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 540 B
796 B 120ms
58ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: b0cd5d876887ae66f85a55a554d689ac330a2216586eaaf7a06dc766c08ea1e4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 06 May 2024 23:42:31 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.elfcosmetics.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 540

OPTIONS
H2 200 /
sdk.iad-05.braze.com/api/v3/data/ Frame 0
0 258ms
193ms Preflight 2606:4700:4400::6812:25a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/data/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.elfcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
access-control-allow-methods: POST, GET
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
cf-cache-status: DYNAMIC
cf-ray: 87fcd3d28edcbc03-FRA
content-encoding: gzip
date: Mon, 06 May 2024 23:42:33 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 92ms
35ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/main.js?yocs=1u_1y_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f08699117c1f15f6d35e7b4380d12d18a1881f075e177b5853b1017a3307544

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 May 2024 23:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: cfMMgqnnnYda745QhUdJrw==
age: 10984
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6882
x-ms-lease-status: unlocked
last-modified: Mon, 06 May 2024 02:33:28 GMT
server: cloudflare
etag: 0x8DC6D74E9990068
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4232d336-901e-004a-3ecf-9f710e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87fcd3d188029bbc-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 491 KB
132 KB 128ms
64ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f85d2907085ad171fdb6d83384cf325aefed448be3dff94ab33f672459ffbfd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134429
x-xss-protection: 0
last-modified: Mon, 06 May 2024 22:31:06 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 May 2024 23:42:33 GMT

GET
H2 200 api_dynamic.js Show response
cdn.dynamicyield.com/api/8772046/ 501 KB
55 KB 161ms
78ms Script
application/javascript 2600:9000:275d:1800:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/api/8772046/api_dynamic.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:1800:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: 48dd2343ac3ef3252a4ad22a98c496fc9f700e0b9c473de1e1e54e12a5518771

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:27 GMT
content-encoding: gzip
via: 1.1 11c65b00bf7f76c861a15dcad5558b9c.cloudfront.net (CloudFront)
last-modified: Thu, 02 May 2024 04:52:23 GMT
server: DYCDN
age: 12
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256
etag: W/"ac17f5d871f587d81803cecaaff723c1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=30
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: Bp9Zk5FMXZI-OAvmTudUs6mJXGJOP995KyiABZUyFezg7WwcxFpC9A==

GET
H2 200 api_static.js Show response
cdn.dynamicyield.com/api/8772046/ 388 KB
114 KB 111ms
29ms Script
application/javascript 2600:9000:275d:1800:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/api/8772046/api_static.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:1800:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: 498ea43ee2b31ee61f58f43b798dfaec6eb59b63fefdfaa7c01bba897ba57a33

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:05:50 GMT
content-encoding: gzip
via: 1.1 11c65b00bf7f76c861a15dcad5558b9c.cloudfront.net (CloudFront)
last-modified: Thu, 02 May 2024 04:52:24 GMT
server: DYCDN
age: 2204
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256
etag: W/"64e0187feba0c97d38f8aabb6e6d66cd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: Tb-ErleSasCFaM6tBbz42fGtJdvUu6mOtUdtu9hMtr9WE2ANTfyTpw==

GET
H2 200 / Show response
api.ipify.org/ 22 B
155 B 262ms
187ms XHR
application/json 104.26.12.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a10c17d161ecec1d83304e8b6541dd9acaf374c7fb2c99f75262d4f5b84fe25d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:33 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json
access-control-allow-origin: *
cf-ray: 87fcd3d1df1c9bd7-FRA
content-length: 22

GET
H2 200 / Show response
api.ipify.org/ 22 B
74 B 446ms
183ms XHR
application/json 104.26.12.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a10c17d161ecec1d83304e8b6541dd9acaf374c7fb2c99f75262d4f5b84fe25d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:33 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json
access-control-allow-origin: *
cf-ray: 87fcd3d2ffdd9bd7-FRA
content-length: 22

POST
H2 201 / Show response
sdk.iad-05.braze.com/api/v3/data/ 399 B
576 B 344ms
344ms XHR
application/json 2606:4700:4400::6812:25a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/data/

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18280f9cb145047846d89977448ecfa5a2e1a4a4d168739fb9429da03fce9fbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Braze-Api-Key: 609afcb2-1dc3-41ef-a771-0a9aaf10bf57
X-Braze-TriggersRequest: true
X-Braze-DataRequest: true
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type: application/json
Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.elfcosmetics.com/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:33 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 6afdc39e-29a1-4cdc-b2f2-13d622bc3e47
x-runtime: 0.162847
server: cloudflare
etag: W/"18280f9cb145047846d89977448ecfa5"
vary: Origin,Accept-Encoding
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
x-ratelimit-reset: 1715038956
access-control-max-age: 7200
x-ratelimit-limit: 500.0
cf-ray: 87fcd3d3bf9bbc03-FRA
x-ratelimit-remaining: 494.0

GET
H2

200

callback
www.elfcosmetics.com/
Redirect Chain

https://www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.com%2Fcallback&response_type=code&client_id=...
https://www.elfcosmetics.com/callback?usid=9c5d9f78-e734-449f-85fc-52377c7c3038&code=PvhWb6OsUHcAR26DUyLi7EBV-0s6kJOfG3velCadGEE

0
0

298ms
298ms

Fetch
application/json

140.174.14.97
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/callback?usid=9c5d9f78-e734-449f-85fc-52377c7c3038&code=PvhWb6OsUHcAR26DUyLi7EBV-0s6kJOfG3velCadGEE

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app

Protocol

Server

140.174.14.97 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.elfcosmetics.com/mobile-app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Mon, 06 May 2024 23:42:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 0
x-amz-cf-pop: FRA56-P7
age: 0
x-amzn-remapped-connection: close
x-amzn-requestid: 4a253311-4913-4240-858d-5fd69e8f9e54
x-yottaa-optimizations: ob/1000 si/36D18cae0e61-1714713947-4734947377 tts/1710864117856 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
x-amz-apigw-id: XX2knE5nCYcEi-w=
content-length: 0
alt-svc: h3=":443"; ma=86400
x-yottaa-forcecache: true
x-amzn-trace-id: Root=1-66396aea-148c0e2358834cfc7edaa41a;Parent=37d7a71f9cf0aebc;Sampled=0;lineage=2b75b0e9:0
content-type: application/json
cache-control: public, max-age=604800
x-yottaa-os: 200
x-yottaa-metrics: 36218cae0e2d/[262,260,-] 36D18cae0e61/[-,262.873]
x-amzn-remapped-date: Mon, 06 May 2024 23:42:34 GMT
x-amz-cf-id: xGfaQ_fyooZoGVsfLQ7qViQpKmijvh42A6WrGgfQFeUqVOspZTvMnQ==

Redirect headers

date: Mon, 06 May 2024 23:42:33 GMT
x-correlation-id: 87fcd3d53afd1c85
via: 1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P7
age: 0
x-yottaa-optimizations: ob/0 si/36D18cae0e61-1714713947-4734947376 tts/1710864117856 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
x-ratelimit-1m-remaining: 23233, 1947624
x-ratelimit-1m-reset: 26151, 26150
x-ratelimit-1m-limit: 24000, 2000000
vary: Accept-Encoding
location: https://www.elfcosmetics.com/callback?usid=9c5d9f78-e734-449f-85fc-52377c7c3038&code=PvhWb6OsUHcAR26DUyLi7EBV-0s6kJOfG3velCadGEE
cache-control: no-store
x-yottaa-os: 303
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.com%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=-_xY26FG6epHQ-PgAvjaTKxXg8OFElXT6yoFmoFy1mE
x-yottaa-metrics: 36218cae0e2c/[145,143,-] 36D18cae0e61/[-,146.051]
cf-ray: 87fcd3d53afd1c85-FRA
x-amz-cf-id: gEJpgLoqPcf4C01na2CQKiF6yq_wbNQcMBL1of3CTU8TB9vHn-stvg==

POST
H2 200 collector Show response
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 600 B
664 B 65ms
64ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4daa11163425a93a6704abc335ed09b2f3065bd9511130607d8e2aaffe3e8cff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 06 May 2024 23:42:32 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.elfcosmetics.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600

GET
H2 200 6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json Show response
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/ 6 KB
2 KB 112ms
45ms XHR
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55baa715ccc8c2512bceb1c949c1d0927944ca327e7edd2d5fc312d2a41986e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 May 2024 23:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 16830
content-md5: j7e7fSdncC8T3SCV/IpUig==
content-length: 1740
x-ms-lease-status: unlocked
last-modified: Mon, 08 Apr 2024 18:41:03 GMT
server: cloudflare
etag: 0x8DC57FB71838BE4
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c3fb1654-801e-0031-68e4-89d890000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87fcd3d348a2bbe3-FRA
expires: Tue, 07 May 2024 23:42:33 GMT

GET
H2 200 st Show response
st.dynamicyield.com/ 118 KB
10 KB 199ms
130ms Script
text/javascript 2600:9000:2250:b200:15:ad21:c740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.dynamicyield.com/st?sec=8772046&inHead=true&id=0&jsession=l2ret03h1nabzuyhz13nujfldnlhs8yq&ref=&scriptVersion=2.32.0&isSesNew=true&dyid_server=&ctx=%7B%22type%22%3A%22OTHER%22%2C%22lng%22%3A%22en-US%22%2C%22data%22%3A%5B%5D%7D
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:b200:15:ad21:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 82ab2a63548a69b69bf74bd3e6f0610d7d2e98d45f3af66a01dad8ce1c6fcef2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:33 GMT
content-encoding: gzip
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: no-cache
x-amz-cf-id: 27ApWK1m4rkD2A4-FYm7Wvqaw_DySbr7JEjtJ4x0iNE6gFTZeKdhRQ==
expires: Mon, 06 May 2024 23:42:32 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 218ms
44ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
accept: application/json
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 87fcd3d6ac924d3a-FRA
access-control-allow-headers: Content-Type

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 165ms
25ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 May 2024 23:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 91
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 07 May 2024 01:41:03 GMT

GET
H3

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t2t5&rnd=153471037.1715038954&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&dma_cps=sypham&dma=1&npa=0&gtm=45He4510n81WL3STMXv89660829...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&rnd=153471037.1715038954&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&dma_cps=sypham&dma=1&npa=0&gtm=45He4510n81WL3...

42 B
65 B

90ms
37ms

Ping
image/gif

2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&rnd=153471037.1715038954&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&dma_cps=sypham&dma=1&npa=0&gtm=45He4510n81WL3STMXv896608294za200&auid=533735745.1715038954

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app

Protocol

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 May 2024 23:42:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 May 2024 23:42:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&rnd=153471037.1715038954&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&dma_cps=sypham&dma=1&npa=0&gtm=45He4510n81WL3STMXv896608294za200&auid=533735745.1715038954
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 201 sync Show response
sdk.iad-05.braze.com/api/v3/content_cards/ 85 B
228 B 240ms
240ms XHR
application/json 2606:4700:4400::6812:25a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/content_cards/sync

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec3c6c170fd98bf2b831fc0cafc7f4232d92d1a84a16ff0c923a9e6a9d746246

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Braze-Api-Key: 609afcb2-1dc3-41ef-a771-0a9aaf10bf57
X-Braze-DataRequest: true
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type: application/json
BRAZE-SYNC-RETRY-COUNT: 0
Referer: https://www.elfcosmetics.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9;q=0.9
X-Braze-ContentCardsRequest: true
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:34 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 67edffb7-bf0e-45d4-a438-d5e866a0a939
x-runtime: 0.062189
server: cloudflare
etag: W/"ec3c6c170fd98bf2b831fc0cafc7f423"
vary: Origin,Accept-Encoding
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
x-ratelimit-reset: 1715038956
access-control-max-age: 7200
x-ratelimit-limit: 500.0
cf-ray: 87fcd3d709dabc03-FRA
x-ratelimit-remaining: 487.0

GET
H2 200 dy-coll-min.js Show response
cdn.dynamicyield.com/scripts/2.32.0/ 196 KB
65 KB 27ms
26ms Script
text/javascript 2600:9000:275d:1800:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:1800:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: 42997132bd0142564014ac4a809356dc0ceb9b7a90eede2b5b48019f1700cc58

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Apr 2024 06:06:04 GMT
content-encoding: gzip
via: 1.1 11c65b00bf7f76c861a15dcad5558b9c.cloudfront.net (CloudFront)
last-modified: Tue, 02 Apr 2024 09:13:12 GMT
server: DYCDN
age: 2568991
x-amz-cf-pop: FRA56-P11
etag: W/"65b3e284856fb8d657d1f6a3423618c7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: nODT97iHRDUPFC6jjuP9-PS81w4JiPl7Lok2oBC41ZqXqkWeDXB1ow==

OPTIONS
H2 200 sync
sdk.iad-05.braze.com/api/v3/content_cards/ Frame 0
0 169ms
168ms Preflight 2606:4700:4400::6812:25a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/content_cards/sync

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.elfcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
access-control-allow-methods: POST, GET
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
cf-cache-status: DYNAMIC
cf-ray: 87fcd3d5f906bc03-FRA
content-encoding: gzip
date: Mon, 06 May 2024 23:42:34 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202306.1.0/ 404 KB
98 KB 49ms
48ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

def2a184135eba029f8f785b3ed69edc5f36b368226ce1fcfeda4f5aa301d1b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 May 2024 23:42:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: XJk1ZZTljtwHFT3qcIJg+w==
age: 73752
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 99599
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 06:29:36 GMT
server: cloudflare
etag: 0x8DB82A15D413626
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 80bad15d-801e-006c-2fda-12d214000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87fcd3d74b269bbc-FRA

POST
H2 200 uia Show response
async-px.dynamicyield.com/ 0
383 B 318ms
125ms XHR
text/plain 18.172.112.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/uia?cnst=1&_=1715038954119
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-91.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 06 May 2024 23:42:34 GMT
via: 1.1 fc3a32609a2b1f220f223f3b87919ac2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P8
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: VQ7VhJyC9UtLUCbhOpGLBMKcXmdTWO09IgD2iICW4CMRd2pW2MLAyw==
expires: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
211 B 35ms
34ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1150093873&t=pageview&_s=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&dp=%2Fmobile-app&ul=de-de&de=UTF-8&dt=Discover%20and%20Shop%20e.l.f%20Cosmetics%20Mobile%20App%20%7C%20e.l.f.%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACgAI~&jid=789586426&gjid=484977391&cid=1191126275.1715038954&tid=UA-432816-1&_gid=451730125.1715038954&_r=1&_slc=1&gtm=45He4510n81WL3STMXv896608294za200&gcs=G111&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&z=679360484

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 May 2024 23:42:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 264ms
122ms Fetch 18.172.112.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=822234&uid=-3625397444915139863&sec=8772046&t=ri&e=1261284&p=1&ve=11209913&va=%5B27119924%5D&ses=68f4dfd151eba3d34ab0edd4fe79d4cc&expSes=47939&aud=884367.884385.884387.1167402.1324059.1846919.2324421.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=-6357686820780358046&cgtgDecisionId=-6357686818383392919&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1715038953170&rri=3045034
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-91.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 23:42:34 GMT
via: 1.1 fc3a32609a2b1f220f223f3b87919ac2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P8
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: 4dfipt8n921eO0gGQLGUud21NjuDIlhQSOESkRRX_y-7IpnS2AauXg==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 266ms
126ms Fetch 18.172.112.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=834845&uid=-3625397444915139863&sec=8772046&t=ri&e=1574966&p=1&ve=12698518&va=%5B28347247%5D&ses=68f4dfd151eba3d34ab0edd4fe79d4cc&expSes=47939&aud=884367.884385.884387.1167402.1324059.1846919.2324421.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=-6357686820336638933&cgtgDecisionId=-6357686819220802950&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1715038953171&rri=9603023
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-91.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 23:42:34 GMT
via: 1.1 fc3a32609a2b1f220f223f3b87919ac2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P8
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: a1ifTXzaisbXlojWvalxl7pXksjAQ6BB21q_y6moem_v45zMF8z-zQ==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 266ms
126ms Fetch 18.172.112.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=696648&uid=-3625397444915139863&sec=8772046&t=ri&e=1609852&p=1&ve=12669413&va=%5B28321879%5D&ses=68f4dfd151eba3d34ab0edd4fe79d4cc&expSes=47939&aud=884367.884385.884387.1167402.1324059.1846919.2324421.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=-6357686818449113760&cgtgDecisionId=-6357686821495925479&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1715038953172&rri=8469007
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-91.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 23:42:34 GMT
via: 1.1 fc3a32609a2b1f220f223f3b87919ac2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P8
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: 8-CRiudQxiupZDWPTo0qNJaRu_UaZwtyqFeuvCofwDhafc07uxoNYw==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 264ms
125ms Fetch 18.172.112.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=118167&uid=-3625397444915139863&sec=8772046&t=ri&e=1575901&p=1&ve=12991774&va=%5B28207095%5D&ses=68f4dfd151eba3d34ab0edd4fe79d4cc&expSes=47939&aud=884367.884385.884387.1167402.1324059.1846919.2324421.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=-6357686820720674335&cgtgDecisionId=-6357686820799109266&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1715038953173&rri=1437963
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-91.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 23:42:34 GMT
via: 1.1 fc3a32609a2b1f220f223f3b87919ac2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P8
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: RkOVDZCAKHrvZc-LYmo72TkBEIugiGMjosIGDA5aJ4ws1R9ViBLB8A==
expires: 0

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/018ebeca-e8af-7f81-b182-0c90ba9664dd/ 158 KB
34 KB 45ms
45ms Fetch
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/018ebeca-e8af-7f81-b182-0c90ba9664dd/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5a9baac0b53c708a5279b1ddfe54ec7f0a40699210e0caf05419d0aa1b330d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 May 2024 23:42:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 11800
content-md5: 9wsMlq8mrfV+OngAz8tXzg==
content-length: 34664
x-ms-lease-status: unlocked
last-modified: Mon, 08 Apr 2024 18:41:16 GMT
server: cloudflare
etag: 0x8DC57FB7975EDF7
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: d7d31a7a-c01e-0030-49e4-89874c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87fcd3d7cba6bbe3-FRA
expires: Tue, 07 May 2024 23:42:34 GMT

GET
H2 200 cnxtag-min.js Show response
js.cnnx.link/roi/ 2 KB
1 KB 119ms
29ms Script
text/javascript 2600:9000:21f3:1400:11:85b0:d600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.cnnx.link/roi/cnxtag-min.js?id=316282
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:1400:11:85b0:d600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ff2fe181c12146189657e92f9ce0489f7f3b51345796f5a5ec9b089f9fb47616

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:39:40 GMT
via: 1.1 google, 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA2-C2
age: 173
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
cache-control: max-age=600
x-amz-cf-id: YUlz8st3yUT_N95LXPdBCGQxjJ51LvH2WnYObM_R5B7F2CTBSCSiYg==

GET kpi
pixel.pointmediatracker.com/ 0
0

GET
H2

200

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=160890&%20seg=6104893&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D160890%26%2520seg%3D6104893%26t%3D2

43 B
1 KB

41ms
41ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D160890%26%2520seg%3D6104893%26t%3D2

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 May 2024 23:42:34 GMT
an-x-request-uuid: 0bf7ea18-afa8-4fc5-901e-458f1abee0bf
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.19.175.184; 84.19.175.184; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 May 2024 23:42:34 GMT
an-x-request-uuid: 719b8bd2-cfab-40d3-a91c-124d06e10fca
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D160890%26%2520seg%3D6104893%26t%3D2
cache-control: no-store, no-cache, private
x-proxy-origin: 84.19.175.184; 84.19.175.184; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
149 B 169ms
57ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:8m23e30&fmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:34 GMT
server: Kestrel
content-length: 70
content-type: image/gif

POST
H3 200 collector Show response
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 32 B
49 B 50ms
49ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 7586f9164e6bc95d916e3828d687c85f77cf253b34a5908fffa5f6f17dfd0d72

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 06 May 2024 23:42:34 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.elfcosmetics.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32

POST
H2 200 batch
async-px.dynamicyield.com/ 0
384 B 193ms
126ms Ping
text/plain 18.172.112.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/batch?cnst=1&_=1715038954246_472354
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-91.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 06 May 2024 23:42:34 GMT
via: 1.1 360184e3d21355e6dfcea5cbe81a7f44.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P8
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: wwrKE8tiYTrsazrv5TGuXkwjBWUpewzDk9UjNm-aYQSmb58ACCktsw==
expires: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 25ms
25ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1150093873&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&dp=%2Fmobile-app&ul=de-de&de=UTF-8&dt=Discover%20and%20Shop%20e.l.f%20Cosmetics%20Mobile%20App%20%7C%20e.l.f.%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ux&ea=scrolled%20page&el=25%25&_u=aEDAAEABAAAAACgAIAC~&jid=&gjid=&cid=1191126275.1715038954&tid=UA-432816-1&_gid=451730125.1715038954&gtm=45He4510n81WL3STMXv896608294za200&cd4=0&cd6=&cd7=&cd8=&cd9=0&cd14=content&cd19=&cd21=US&gcs=G111&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&z=1178823138

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 02:16:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 77161
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 token Show response
www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/ 2 KB
2 KB 207ms
207ms Fetch
application/json 140.174.14.97
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/token

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

140.174.14.97 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

401fe26ee4e68286a3fb5befc287cf0acfc6a46aa8a83832da5b6386321d0aee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
c_x-pwa-request: true
Referer: https://www.elfcosmetics.com/mobile-app
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:34 GMT
content-encoding: gzip
x-correlation-id: 87fcd3d849ec30ee
cf-cache-status: DYNAMIC
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P7
age: 0
x-yottaa-optimizations: ob/1000 si/36D18cae0e61-1714713947-4734947378 tts/1710864117856 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
pragma: no-cache
x-ratelimit-1m-remaining: 23223, 1946872
x-ratelimit-1m-reset: 25642, 25641
vary: Accept-Encoding, User-Agent
x-ratelimit-1m-limit: 24000, 2000000
content-type: application/json
cache-control: no-store
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/token
x-yottaa-metrics: 36218cae0e2e/[170,168,-] 36D18cae0e61/[-,170.399]
cf-ray: 87fcd3d849ec30ee-FRA
x-amz-cf-id: XrFvzg_pB6SDJeB6U4j6nnJSjXAO_YIoFY-X0aO8i2wM2gYkN-cJqA==

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/ 13 KB
3 KB 39ms
38ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 May 2024 23:42:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 5mNZducabMgxSDzBo+ZI8w==
age: 18605
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3017
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 06:29:30 GMT
server: cloudflare
etag: 0x8DB82A159AF8EA6
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 0c718e4e-201e-0081-6f27-129959000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87fcd3d89c0dbbe3-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/v2/ 61 KB
13 KB 38ms
37ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 May 2024 23:42:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: sXFDxCJwbPEMIT/8f5Prwg==
age: 26855
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12544
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 06:29:33 GMT
server: cloudflare
etag: 0x8DB82A15AFF8646
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 99943331-001e-00a9-52a5-21f8f1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87fcd3d89c0ebbe3-FRA

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/ 5 KB
2 KB 44ms
43ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

509f2e49500fbaeb5d7e1959071f2922b693d0135080e2871e124ec8bdd08bb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 May 2024 23:42:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: v0pzgeeelPwcAOki15i3HA==
age: 26855
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1766
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 06:29:32 GMT
server: cloudflare
etag: 0x8DB82A15AB9FB83
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: cd67b2fb-901e-0094-1c03-248eea000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87fcd3d89c10bbe3-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/ 21 KB
4 KB 40ms
39ms Fetch
text/css 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 May 2024 23:42:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: oWkBTLgDDXvrUsd93y/Zxg==
age: 22981
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 06:29:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: b54dfe3f-901e-004f-6264-2348d7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 87fcd3d89c11bbe3-FRA

POST
H2 200 event
qoe-1.yottaa.net/log-nt/ 3 B
191 B 620ms
217ms Ping
text/json 204.2.49.55
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://qoe-1.yottaa.net/log-nt/event
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.2.49.55 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 06 May 2024 23:42:34 GMT
access-control-expose-headers: X-Results-Data-Source
access-control-allow-credentials: true
cache-control: no-cache
timing-allow-origin: *
content-type: text/json

GET
H2 200 favicon.ico
www.elfcosmetics.com/ 34 KB
34 KB 83ms
82ms Other
image/x-icon 140.174.14.97
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.14.97 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 1331786f628c441b99665436eb8815381e066e17d5c3bb56f5ce2e045d8da17a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/mobile-app
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:34 GMT
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 34494
x-amz-cf-pop: FRA56-P7
age: 63, 63
x-amzn-remapped-connection: close
x-amzn-requestid: d2999de9-8dc0-4995-85ba-6f4d98eed19e
x-yottaa-optimizations: ob/100 si/36D18cae0e61-1714713947-4734947379 tts/1710864117465 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
x-amz-apigw-id: XXHzeHi_iYcEs4A=
content-length: 34494
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 06 May 2024 18:22:06 GMT
x-amzn-trace-id: Root=1-66392015-109fa187159ffb236db8d477;Parent=0fb9baf3e0ac1a20;Sampled=0;lineage=2b75b0e9:0
etag: W/"86be-18f4f243cb0"
vary: Accept-Encoding
content-type: image/x-icon
cache-control: max-age=600, s-maxage=600
x-yottaa-metrics: 36218cae0e2f/[4,-,1715038864064] 36D18cae0e61/[-,5.099]
accept-ranges: bytes
x-amzn-remapped-date: Mon, 06 May 2024 18:23:18 GMT
x-amz-cf-id: PFyO7H8w5wozLmNx49oaYa2WDShBw1Raa7qTl3sOGx1APzuFm3ag1w==

GET
H2 200 110221.ct.js Show response
tag.rmp.rakuten.com/ 47 KB
15 KB 439ms
51ms Script
text/javascript 34.102.147.248
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.rmp.rakuten.com/110221.ct.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

248.147.102.34.bc.googleusercontent.com

Software

Resource Hash

0e808f51f2e171f19b5d0eb70e6482b93ea96723accfc77f2cd4c8cdefa618f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:34 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000
last-modified: Mon, 06 May 2024 23:42:34 GMT
x-cache: hit
x-samesite: secure
content-type: text/javascript
cache-control: max-age=86400
x-dyn: 0
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 js Show response
www.paypal.com/sdk/ 419 KB
117 KB 414ms
34ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8fd5e6962bde33408bdd66280bbd176a5dac01576e07ab1c1bad79ec4848e5ae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-+UHmMwYknZqIL1Rxm3wFAKHtC9kD+nGXbvYBqJd+wGI25+kE' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-+UHmMwYknZqIL1Rxm3wFAKHtC9kD+nGXbvYBqJd+wGI25+kE' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-+UHmMwYknZqIL1Rxm3wFAKHtC9kD+nGXbvYBqJd+wGI25+kE' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-+UHmMwYknZqIL1Rxm3wFAKHtC9kD+nGXbvYBqJd+wGI25+kE' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Mon, 06 May 2024 23:42:34 GMT
age: 577
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f6396227183df
server-timing: "traceparent;desc="00-0000000000000000000f6396227183df-7cc579740af8a891-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 117885
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220047-FRA, cache-fra-etou8220047-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f6396227183df-b9e6697d5f929b50-01
x-timer: S1715038955.792617,VS0,VE5
etag: W/"1cc7d-X3h+08pfcZF1+b9JnoyuIlxKqpY"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H/1.1 200
OK main.js Show response
static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/ 146 KB
43 KB 898ms
229ms Script
application/javascript 23.42.12.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/main.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.42.12.106 Isando, South Africa, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-42-12-106.deploy.static.akamaitechnologies.com

Software

nginx / Express

Resource Hash

2e8fd8d487b4259dbdc6c529f742806377fae205c8dc7d0f35ac8797bafe5b3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Date: Mon, 06 May 2024 23:42:35 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"db6eabd7a2ac6b935230c83262dc23ffabc8fe3c-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, max-age=900
Connection: keep-alive
Content-Length: 43335
Expires: Mon, 06 May 2024 23:57:35 GMT

GET
H/1.1 200
OK / Show response
websdk.appsflyer.com/ 38 KB
12 KB 415ms
32ms Script
application/javascript 2a02:26f0:480:33::212:40ca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://websdk.appsflyer.com/?st=banners&
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:33::212:40ca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 06 May 2024 23:42:34 GMT
Content-Encoding: gzip
x-amz-request-id: YNGC7PCXVN28Z00Q
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 11792
x-amz-id-2: vrDln2XCGOFSFkLE6Ln17Y/P092c846kqJOj1nLZLa1T5AvAIx9Wt+4jaFyZJcu85WAzx+0b3iU=
Last-Modified: Wed, 14 Jun 2023 06:58:45 GMT
Server: AmazonS3
ETag: "5a676288bcea03bd05e483bc4ce066ae"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3203
Accept-Ranges: bytes
X-DataStream-Cache-Status: 1
Expires: Tue, 07 May 2024 00:35:57 GMT

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
600 B 37ms
36ms Image
image/svg+xml 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 May 2024 23:42:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 29327
x-ms-lease-status: unlocked
last-modified: Mon, 06 May 2024 02:33:30 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 762ad8e0-101e-005b-0164-9f4615000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 87fcd3d93c399bbc-FRA

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
515 B 54ms
53ms Fetch
image/svg+xml 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 May 2024 23:42:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 15080
x-ms-lease-status: unlocked
last-modified: Mon, 06 May 2024 02:33:29 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 177a7400-d01e-0020-50bc-9f2da5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 87fcd3d94cb1bbe3-FRA

GET
H2 200 ot_company_logo.png
cdn.cookielaw.org/logos/static/ 4 KB
4 KB 45ms
44ms Image
image/png 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_company_logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 May 2024 23:42:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: E8+sk/ECzKgTUVtDLikiIA==
age: 29327
content-length: 4036
x-ms-lease-status: unlocked
last-modified: Mon, 06 May 2024 02:33:30 GMT
server: cloudflare
etag: 0x8DC6D74EAF80EF0
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 54e4e94e-f01e-003c-2664-9ff5b2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87fcd3d96c579bbc-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 45ms
45ms Image
image/svg+xml 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 May 2024 23:42:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 84288
x-ms-lease-status: unlocked
last-modified: Thu, 02 May 2024 18:04:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: e029ff83-401e-0043-13c3-9c6b80000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 87fcd3d96c589bbc-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 325 KB
106 KB 45ms
44ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&l=dataLayer&cx=c

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a3de1eef9be67750488b4d782a13d93fe3a13beb5bac1cc4093695ad52b8b337

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 108053
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 May 2024 23:42:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 304 KB
100 KB 45ms
44ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a196ba4f272586219eaa10072e7bf873ea5b92eb6ffa97bd5606e5fedc2efcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102641
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 May 2024 23:42:34 GMT

GET
H2 200 1a8bfa042c9c5.js Show response
t.contentsquare.net/uxa/ 295 KB
71 KB 362ms
36ms Script
application/javascript 18.244.18.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.contentsquare.net/uxa/1a8bfa042c9c5.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-115.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc9ea760e99c7aeb29b3da195ff38ecb90d6699e6e437ba9fb6ba5c8a2912b01

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 14:13:31 GMT
content-encoding: br
via: 1.1 553c17cdbfc8c5ba81390077b0e5d2d4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 72162
last-modified: Mon, 06 May 2024 14:12:04 GMT
server: AmazonS3
etag: "66d6e9575960179e8cacdf4ecc4b23e8"
vary: Origin
content-type: application/javascript;charset=utf-8
cache-control: max-age=900
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 2mKWu8fLn77CHVCw5lkQ79PTZkzCgbU6DLbSP6e3X7bYefU6YNW8vw==

POST
H2 204 sessions Show response
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/ 0
1 KB 598ms
598ms XHR
text/plain 140.174.14.97
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/sessions
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.14.97 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/mobile-app
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI4YzhjYTI4OC1mMWE2LTRmMDktYjI2OS0wNWQyZWViZmRmMDEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjljNWQ5Zjc4LWU3MzQtNDQ5Zi04NWZjLTUyMzc3YzdjMzAzOCIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTUwMzg5MjQsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFibXVrWnhiSktsWEVSeHJBWGxhWVlsYkpLOjpjaGlkOiAiLCJleHAiOjE3MTUwNDA3NTQsImlhdCI6MTcxNTAzODk1NCwianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzNjM2NjI4ODY5MzQ1MjEyMCJ9.jAhJTPPa--Vu1-dKsw8FIHLLM_gwgpe3bO2ZByiEZhU8CRTGWMb_KHfPezgeqnbrP3LYeBATUdRAI5Q-1Y1uxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:35 GMT
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA56-P7
age: 0
x-yottaa-optimizations: ob/0 si/36D18cae0e61-1714713947-4734947381 tts/1710864117856 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-dw-version-status: obsolete
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
pragma: no-cache
allow: OPTIONS,POST
access-control-allow-origin: https://www.elfcosmetics.com
access-control-expose-headers: etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
x-yottaa-metrics: 36218cae0e31/[561,559,-] 36D18cae0e61/[-,562.240]
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-proxy-request-url: https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/sessions
accept-ranges: bytes
cf-ray: 87fcd3d9bc952c23-FRA
x-dw-request-base-id: DRCoQupqOWYBAAB_
x-amz-cf-id: NzWKlat8xOR_imILDm8mf9gkQ2EqGF4crxPCcq3tQj9WhdQp9blu8g==
x-yottaa-os: 204
expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H2 200 shoppercontext Show response
www.elfcosmetics.com/api/v1/ 114 B
874 B 572ms
571ms XHR
application/json 140.174.14.97
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/api/v1/shoppercontext?siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

140.174.14.97 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

6b42a56b231d70ea3691b9f46363b9f8ed6ca35f6b50084718669b8beac1e57d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI4YzhjYTI4OC1mMWE2LTRmMDktYjI2OS0wNWQyZWViZmRmMDEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjljNWQ5Zjc4LWU3MzQtNDQ5Zi04NWZjLTUyMzc3YzdjMzAzOCIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTUwMzg5MjQsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFibXVrWnhiSktsWEVSeHJBWGxhWVlsYkpLOjpjaGlkOiAiLCJleHAiOjE3MTUwNDA3NTQsImlhdCI6MTcxNTAzODk1NCwianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzNjM2NjI4ODY5MzQ1MjEyMCJ9.jAhJTPPa--Vu1-dKsw8FIHLLM_gwgpe3bO2ZByiEZhU8CRTGWMb_KHfPezgeqnbrP3LYeBATUdRAI5Q-1Y1uxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: application/json
Referer: https://www.elfcosmetics.com/mobile-app
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:35 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 114
content-encoding: gzip
x-amz-cf-pop: FRA56-P7
age: 0
x-amzn-remapped-connection: close
x-amzn-requestid: a40cc46c-9520-4016-b752-ba653de70d7d
x-yottaa-optimizations: ob/1000 si/36D18cae0e61-1714713947-4734947382 tts/1710864117856 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
x-amz-apigw-id: XX2ksFcwiYcEa6w=
content-length: 108
alt-svc: h3=":443"; ma=86400
etag: W/"72-HgdmTgyCF/DQfqnMU3u+4UstAzI"
x-amzn-trace-id: Root=1-66396aea-5430fb5675628ae85b2dfa88;Parent=7419ffa1725fff85;Sampled=0;lineage=2b75b0e9:0
content-type: application/json; charset=utf-8
x-yottaa-os: 200
x-yottaa-metrics: 36218cae0e32/[535,534,-] 36D18cae0e61/[-,536.578]
x-amzn-remapped-date: Mon, 06 May 2024 23:42:34 GMT
x-amz-cf-id: T42zbxS6t_xgmpBc6Akp1LvGQao7cw-2vEn9OO00qYa-TR8wXiSrEA==

POST
H2 201 sync Show response
sdk.iad-05.braze.com/api/v3/content_cards/ 85 B
200 B 231ms
231ms XHR
application/json 2606:4700:4400::6812:25a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/content_cards/sync

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec3c6c170fd98bf2b831fc0cafc7f4232d92d1a84a16ff0c923a9e6a9d746246

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Braze-Api-Key: 609afcb2-1dc3-41ef-a771-0a9aaf10bf57
X-Braze-DataRequest: true
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type: application/json
BRAZE-SYNC-RETRY-COUNT: 0
Referer: https://www.elfcosmetics.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9;q=0.9
X-Braze-ContentCardsRequest: true
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:34 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 2804d335-397b-48e1-b6a2-cb0528c17c9a
x-runtime: 0.062290
server: cloudflare
etag: W/"ec3c6c170fd98bf2b831fc0cafc7f423"
vary: Origin,Accept-Encoding
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
x-ratelimit-reset: 1715038956
access-control-max-age: 7200
x-ratelimit-limit: 500.0
cf-ray: 87fcd3d98c45bc03-FRA
x-ratelimit-remaining: 484.0

GET
H2 200 geo-ip Show response
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/ 179 B
894 B 587ms
585ms XHR
application/json 140.174.14.97
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=84.19.175.184

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

140.174.14.97 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: application/json
c_x-pwa-request: true
Referer: https://www.elfcosmetics.com/mobile-app
x-dw-client-id: f9f7052a-f742-4c38-bdf5-1da004e7fb3b
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:35 GMT
sfdc_customization: HOOK
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
via: 1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-yottaa-optimizations: ob/1000 si/36D18cae0e61-1714713947-4734947383 tts/1710864117856 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-dw-version-status: obsolete
x-cache: Miss from cloudfront
age: 0
alt-svc: h3=":443"; ma=86400
allow: GET,HEAD,OPTIONS
content-type: application/json;charset=UTF-8
cache-control: max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os: 200
x-proxy-request-url: https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=84.19.175.184
x-yottaa-metrics: 36218cae0e33/[550,549,-] 36D18cae0e61/[-,551.017]
cf-ray: 87fcd3daef7e4dcc-FRA
x-dw-request-base-id: HVqhAOpqOWYBAAB_
x-amz-cf-id: RtwBzUqKsrXkK3ukhkNlS0YJNB_ZRZxW_tU4omakLTyfOs3e6py7Bg==

GET
H2 200 geo-ip Show response
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/ 179 B
893 B 1055ms
467ms XHR
application/json 140.174.14.97
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=84.19.175.184

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

140.174.14.97 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: application/json
c_x-pwa-request: true
Referer: https://www.elfcosmetics.com/mobile-app
x-dw-client-id: f9f7052a-f742-4c38-bdf5-1da004e7fb3b
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:35 GMT
sfdc_customization: HOOK
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
via: 1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-yottaa-optimizations: ob/1000 si/36D18cae0e61-1714713947-4734947386 tts/1710864117856 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-dw-version-status: obsolete
x-cache: Miss from cloudfront
age: 0
alt-svc: h3=":443"; ma=86400
allow: GET,HEAD,OPTIONS
content-type: application/json;charset=UTF-8
cache-control: max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os: 200
x-proxy-request-url: https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=84.19.175.184
x-yottaa-metrics: 36218cae0e36/[431,430,-] 36D18cae0e61/[-,432.358]
cf-ray: 87fcd3de9a1b910d-FRA
x-dw-request-base-id: HVrHAOtqOWYBAAB_
x-amz-cf-id: hK65GNzdX2NPVJzuURRE-K4nabaZuhhslW4juolmChVG0AdvSVkVdw==

GET
H2 200 baskets Show response
www.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abmukZxbJKlXERxrAXlaYYlbJK/ 11 B
878 B 402ms
402ms Fetch
application/json 140.174.14.97
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abmukZxbJKlXERxrAXlaYYlbJK/baskets?siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

140.174.14.97 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

31f48ed33afe7e437efa2c30cbf97fbd62c2de5c0732504077377846fe64973f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI4YzhjYTI4OC1mMWE2LTRmMDktYjI2OS0wNWQyZWViZmRmMDEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjljNWQ5Zjc4LWU3MzQtNDQ5Zi04NWZjLTUyMzc3YzdjMzAzOCIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTUwMzg5MjQsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFibXVrWnhiSktsWEVSeHJBWGxhWVlsYkpLOjpjaGlkOiAiLCJleHAiOjE3MTUwNDA3NTQsImlhdCI6MTcxNTAzODk1NCwianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzNjM2NjI4ODY5MzQ1MjEyMCJ9.jAhJTPPa--Vu1-dKsw8FIHLLM_gwgpe3bO2ZByiEZhU8CRTGWMb_KHfPezgeqnbrP3LYeBATUdRAI5Q-1Y1uxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
c_x-pwa-request: true
Referer: https://www.elfcosmetics.com/mobile-app
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:35 GMT
sfdc_customization: HOOK
dnt: 0
cf-cache-status: DYNAMIC
x-correlation-id: 87fcd3dae8e71e50
x-content-type-options: nosniff
via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-yottaa-optimizations: ob/1000 si/36D18cae0e61-1714713947-4734947384 tts/1710864117856 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
content-encoding: gzip
x-cache: Miss from cloudfront
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 37
allow: GET,HEAD,OPTIONS
x-ratelimit-remaining: 999
content-type: application/json;charset=UTF-8
vary: Accept-Encoding
sfdc_load: 3
cache-control: max-age=0,no-cache,no-store
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abmukZxbJKlXERxrAXlaYYlbJK/baskets?siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 87fcd3dae8e71e50-FRA
x-amz-cf-id: Ujxl3fPIabrWfA241ziQWx574k2hhlT0Z7nr2pCLqfKG751Vof-3Fg==
x-yottaa-metrics: 36218cae0e34/[364,363,-] 36D18cae0e61/[-,365.160]

POST
H2 200 viewPage Show response
api.cquotient.com/v3/activities/bbxc-elf-us/ 98 B
517 B 61ms
57ms Fetch
application/json 54.220.205.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cquotient.com/v3/activities/bbxc-elf-us/viewPage

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/main.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.220.205.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-220-205-15.eu-west-1.compute.amazonaws.com

Software

envoy /

Resource Hash

9b5a1f6ccd36751cf508090175a38cb8b6ddde3ed2ed3d461e8476b409eea787

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
x-cq-client-id: f9f7052a-f742-4c38-bdf5-1da004e7fb3b
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.elfcosmetics.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:34 GMT
strict-transport-security: max-age=15552000; includeSubdomains
server: envoy
etag: W/"62-g7+SAESz5AjBAg+/ewiFdWvrbys"
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.elfcosmetics.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 5
content-length: 98

GET
H2 200 loader.js Show response
cdn.usehero.com/ 98 KB
28 KB 150ms
33ms Script
application/javascript 2600:9000:2761:e00:13:d6f4:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.usehero.com/loader.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2761:e00:13:d6f4:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab99a75a2070736b0282d041df3a7e272ad5d4d1929ae430089ac0335e05ad2c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:13:21 GMT
content-encoding: gzip
via: 1.1 284574e4f15389d93bfcb84d196a92f0.cloudfront.net (CloudFront)
last-modified: Tue, 19 Sep 2023 07:56:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 1753
x-amz-server-side-encryption: AES256
etag: W/"fbf714a58cbac38c0deea519667d9044"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: hsBFYwOEolsbbr1CKEy93ZYBsrPSg-9h4gmB-AekA2WwRFgmuhkS9g==

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 207 KB
75 KB 40ms
40ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-9231397&l=dataLayer&cx=c

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dbfcd656d653b9d36320f2f06251515b759ff14ed4dd63c90bc583e54ba70c64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76288
x-xss-protection: 0
last-modified: Mon, 06 May 2024 22:31:06 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 May 2024 23:42:34 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 207 KB
75 KB 49ms
48ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-10742279&l=dataLayer&cx=c

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

52a8af96bebfcacaa9674701adb036ea76fa494519babfd911548c03865c5fea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76299
x-xss-protection: 0
last-modified: Mon, 06 May 2024 22:31:06 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 May 2024 23:42:34 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 146ms
30ms Script
application/javascript 2a02:26f0:1700:79b::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:79b::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0882be2bb685d64ae46b56574b330fb1afe5dfef39f940d12ca776475248eaa8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-cdn: akamai
etag: "c292daff66d2a9db8fb67b7807bf3c7b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1881

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 139ms
26ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f589b180c1064f697c91ac117fafda9aff1c66123a099e82da0b976a09011510

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 06 May 2024 23:42:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57845
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=12, mss=1326, tbw=2800, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: bMyEfaZ/xOKyoWmRiDvCezk1RD/UHXToqZuk1CCzEKWdV/o2JwctMQ39rvVc0/TO97lLdMqA5p9SV+nSG4q/Sw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 38 KB
12 KB 142ms
29ms Script
application/javascript 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 57bd3463acfad02c222f7beac208f69df5507f7de42fa38b18a1e1e48df2a44a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:34 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Wed, 24 Apr 2024 17:35:49 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "c4d61fbb6e730a840c7f140cbb9bcd06"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 11214

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 123ms
49ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 06 May 2024 23:42:34 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FD74848B70204524A4EF37B54B670903 Ref B: FRA31EDGE0116 Ref C: 2024-05-06T23:42:34Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 sdk.js Show response
analytics.tiktok.com/i18n/pixel/ 8 KB
3 KB 335ms
147ms Script
application/javascript 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BRR4GA0I9JJBU29G8GF0
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a4dab5d175f3cb60c99135465ec8b7df1c4b26c38a2d9b51d0d5d90490e582e4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: a29c8170.88cbb46
date: Mon, 06 May 2024 23:42:35 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2405062342358B05CD7E0C4475AFDEEF-4B9E6D0F08CF77C3-00
x-cache: TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
x-parent-response-time: 105,2.20.179.90
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=14, inner; dur=3
content-length: 2547
pragma: no-cache
server: nginx
x-tt-logid: 202405062342358B05CD7E0C4475AFDEEF
x-cache-remote: TCP_MISS from a23-220-104-16.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 15,23.220.104.16
x-tt-trace-host: 017176fb18a495d13d06d0d207ec2dca79efa7db1c1963138724069c42ff4c1713d07505344cf8ab008b7a04f8d0d3d772ab3a4f20f7774970315bbb22f50da935f5814413b52d512294d28bc1ffa9523de318eab42d3b754ec5895471e1413ca681088d6b29c1626c40a43a3e7d459812
expires: Mon, 06 May 2024 23:42:35 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 309ms
127ms Script
application/javascript 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1EFEJPT0U322RQPGHFG&lib=ttq
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 58386815f4fcac72aeb4d07d1baa1688fee4039b95108baf13cfd2d427f5146c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 136576d4.88cbb45
date: Mon, 06 May 2024 23:42:35 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24050623423527E34B7CF6BD1BB1BE6C-7EDCAE38DAAC54E8-00
x-cache: TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
x-parent-response-time: 85,2.20.179.90
server-timing: cdn-cache; desc=MISS, edge; dur=79, origin; dur=6, inner; dur=3
content-length: 2088
pragma: no-cache
server: nginx
x-tt-logid: 2024050623423527E34B7CF6BD1BB1BE6C
x-cache-remote: TCP_MISS from a23-222-0-203.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.222.0.203
x-tt-trace-host: 017176fb18a495d13d06d0d207ec2dca79efa7db1c1963138724069c42ff4c1713e63a950ebe452d3e0dea0b1d55e413fdfe5d449e98334c780e1c97c86ce0acfe03a1ffd61f4f0e20e7aad699f7bd5c4dbfd280858775b93a2986bca64fc4152c6030884b4927954127f20eec6cccda4e
expires: Mon, 06 May 2024 23:42:35 GMT

GET
H2 200 widget.js Show response
js.jebbit.com/companion/v1/ 44 KB
45 KB 123ms
28ms Script
text/javascript 2600:9000:2359:ee00:a:7914:b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.jebbit.com/companion/v1/widget.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:ee00:a:7914:b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc9709489aeba0f23cc18fd3d1ff6f2087e1381ba6dbe92e98738228d520fd54

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: j3bLD5VAFZVsHy8WM9iuVjqRLf9F9664
date: Mon, 06 May 2024 14:47:24 GMT
via: 1.1 fe1df26b55e8c12763613686df86f7f2.cloudfront.net (CloudFront)
last-modified: Thu, 02 May 2024 15:04:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 32110
x-amz-server-side-encryption: AES256
etag: "226557253164387c89ed4612b780f10f"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 45245
x-amz-cf-id: Y_pO-GGosxPr5Leri_BtZy7UgF80iNe8HOXqh5bTmw6mIf4pyy-DQg==

OPTIONS
H2 200 viewPage
api.cquotient.com/v3/activities/bbxc-elf-us/ Frame 0
0 182ms
55ms Preflight 54.220.205.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cquotient.com/v3/activities/bbxc-elf-us/viewPage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.220.205.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-220-205-15.eu-west-1.compute.amazonaws.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-cq-client-id
Access-Control-Request-Method: POST
Origin: https://www.elfcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type, x-cq-tenant, x-cq-client-id
access-control-allow-methods: POST
access-control-allow-origin: https://www.elfcosmetics.com
content-length: 0
date: Mon, 06 May 2024 23:42:34 GMT
server: envoy
strict-transport-security: max-age=15552000; includeSubdomains
x-envoy-upstream-service-time: 1

GET
H2 200 i.js Show response
tag.wknd.ai/4142/ 18 KB
6 KB 133ms
29ms Script
text/plain 34.120.253.250
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.wknd.ai/4142/i.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 948aeac9a8dbb591f76f1a03375169f95be2295930f2af45af19b533f5255831

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:26:49 GMT
content-encoding: gzip
via: 1.1 google
age: 945
x-envoy-upstream-service-time: 0
x-region: us-central1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5820
server: istio-envoy
etag: ce4ad110a67db2
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=60
timing-allow-origin: *
link: <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://u.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 93ms
32ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ZLYXLXNDL8&gtm=45je4510v879088318z8896608294za200&gcs=G100&gcd=13u3uPu2u5&npa=1&dma_cps=-&dma=1&cid=13688215.1715038955&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&_eu=EA&_s=1&sid=1715038954&sct=1&seg=0&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&dt=Discover%20and%20Shop%20e.l.f%20Cosmetics%20Mobile%20App%20%7C%20e.l.f.%20Cosmetics&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=3783
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 23:42:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect Show response
sgtm.elfcosmetics.com/g/ 65 B
127 B 346ms
273ms XHR
text/plain 34.49.124.132
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je4510v9125640115z8896608294za200&gcs=G100&gcd=13u3u3u2u5&npa=1&dma_cps=-&dma=1&cid=1661713206.1715038955&ecid=181697344&ul=de-de&sr=1600x1200&_fplc=0&ir=1&ur=DE&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&_eu=EA&sst.rnd=153471037.1715038954&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13u3u3u2u5&sst.adr=1&sst.ude=0&_s=1&sid=1715038955&sct=1&seg=0&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&dt=Discover%20and%20Shop%20e.l.f%20Cosmetics%20Mobile%20App%20%7C%20e.l.f.%20Cosmetics&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3860&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

132.124.49.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:35 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
server: Google Frontend
content-type: text/plain
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-accel-buffering: no

GET
H2 200 collect Show response
sgtm.elfcosmetics.com/g/ 65 B
127 B 374ms
318ms XHR
text/plain 34.49.124.132
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je4510v9125640115z8896608294za200&gcs=G100&gcd=13u3u3u2u5&npa=1&dma_cps=-&dma=1&cid=1661713206.1715038955&ecid=181697344&ul=de-de&sr=1600x1200&_fplc=0&ir=1&ur=DE&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&_eu=EA&sst.rnd=153471037.1715038954&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13u3u3u2u5&sst.adr=1&sst.ude=0&_s=2&sid=1715038955&sct=1&seg=0&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&dt=Discover%20and%20Shop%20e.l.f%20Cosmetics%20Mobile%20App%20%7C%20e.l.f.%20Cosmetics&en=pageview&ep.vendor_id=pinterest&ep.email=&_et=4&tfd=3878&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

132.124.49.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:35 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
server: Google Frontend
content-type: text/plain
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-accel-buffering: no

GET
H2 200 collect Show response
sgtm.elfcosmetics.com/g/ 65 B
305 B 328ms
272ms XHR
text/plain 34.49.124.132
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je4510v9125640115z8896608294za200&gcs=G100&gcd=13u3u3u2u5&npa=1&dma_cps=-&dma=1&cid=1661713206.1715038955&ecid=181697344&ul=de-de&sr=1600x1200&_fplc=0&ir=1&ur=DE&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&_eu=EA&sst.rnd=153471037.1715038954&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13u3u3u2u5&sst.adr=1&sst.ude=0&_s=3&sid=1715038955&sct=1&seg=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&dt=Discover%20and%20Shop%20e.l.f%20Cosmetics%20Mobile%20App%20%7C%20e.l.f.%20Cosmetics&en=page_view&ep.vendor_id=facebook&ep.event_id=1715039127506_17150395212965&ep.email=&ep.phone=&_et=4&tfd=3878&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

132.124.49.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:35 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
server: Google Frontend
content-type: text/plain
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-accel-buffering: no

GET
H2 200 main.2bdc3040.js Show response
s.pinimg.com/ct/lib/ 69 KB
20 KB 29ms
28ms Script
application/javascript 2a02:26f0:1700:79b::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:79b::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 32d720cede6dadc60f848ff6670b767292e508c5ec392ef64ffd4fd46982e565

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-cdn: akamai
etag: "12a8f2d3ddbe2363a4a569b085d70d28"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 19942

GET
H2 200 t2_16331p_telemetry Show response
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 86 B
700 B 80ms
31ms XHR
application/json 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_16331p_telemetry
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:35 GMT
content-encoding: gzip
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server: snooserv
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 98

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 78ms
24ms Image
image/gif 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1715038955099&id=t2_16331p&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=95ec1378-8432-4c48-935b-d0955c4b5693&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_3ba1cddf&dpm=&dpcc=&dprc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:35 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2

200

src=9231397;dc_pre=CJS-0f2Z-oUDFXRLHgIdxswBVA;type=retarget;cat=globa0;ord=8582826534867;npa=1;u6=%2Fmobile-app;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7...
ade.googlesyndication.com/ddm/activity/
Redirect Chain

https://ade.googlesyndication.com/ddm/activity/src=9231397;type=retarget;cat=globa0;ord=8582826534867;npa=1;u6=%2Fmobile-app;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Chromium%3B124...
https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CJS-0f2Z-oUDFXRLHgIdxswBVA;type=retarget;cat=globa0;ord=8582826534867;npa=1;u6=%2Fmobile-app;u10=undefined;u12=undefined;u8=false;u...

42 B
107 B

70ms
69ms

Image
image/gif

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CJS-0f2Z-oUDFXRLHgIdxswBVA;type=retarget;cat=globa0;ord=8582826534867;npa=1;u6=%2Fmobile-app;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe4510v9181619921z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app?

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 May 2024 23:42:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 May 2024 23:42:35 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CJS-0f2Z-oUDFXRLHgIdxswBVA;type=retarget;cat=globa0;ord=8582826534867;npa=1;u6=%2Fmobile-app;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe4510v9181619921z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 display Show response
api.usehero.com/webplugin/ 118 B
1 KB 337ms
206ms XHR
application/json 54.170.22.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usehero.com/webplugin/display?appId=efcf9631-4c6b-4874-9f76-51f71464249a&location=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&state=untouched&outboundFeature=

Requested by

Host: cdn.usehero.com
URL: https://cdn.usehero.com/loader.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.170.22.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-170-22-54.eu-west-1.compute.amazonaws.com

Software

Resource Hash

2f94a92ee5b944dee469a9c3170546ea7d95ebee37bea2daee2b84caa9d5ad1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:35 GMT
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains; preload
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: require-corp
surrogate-control: no-store
x-dns-prefetch-control: off
x-time-zone: Europe/Berlin
klarna-correlation-id: 655b8e78-04a8-42f0-8373-9baddcc5fd99
x-envoy-upstream-service-time: 7
cross-origin-resource-policy: same-origin
x-geo-longitude: 9.49100
content-length: 118
x-xss-protection: 0
x-request-id: 655b8e78-04a8-42f0-8373-9baddcc5fd99
pragma: no-cache
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
etag: W/"76-F3qjRWiXwWT1G3l43aCxA6Lphqw"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-geo-latitude: 51.29930
x-country: DE
x-accuracy: 500
expires: 0

GET
H2

200

src=10742279;dc_pre=CP3A0f2Z-oUDFYpeHgIdYIcDOw;type=elf8j0;cat=glo_flap;ord=5314989395228;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CG...
ade.googlesyndication.com/ddm/activity/
Redirect Chain

https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flap;ord=5314989395228;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app;uaa=x86;uab=64;uafvl=Chromium%3B124.0...
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CP3A0f2Z-oUDFYpeHgIdYIcDOw;type=elf8j0;cat=glo_flap;ord=5314989395228;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app;uaa...

42 B
118 B

69ms
69ms

Image
image/gif

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CP3A0f2Z-oUDFYpeHgIdYIcDOw;type=elf8j0;cat=glo_flap;ord=5314989395228;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe4510v9181663336z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app?

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 May 2024 23:42:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 May 2024 23:42:35 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CP3A0f2Z-oUDFYpeHgIdYIcDOw;type=elf8j0;cat=glo_flap;ord=5314989395228;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe4510v9181663336z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1638306756445368 Show response
connect.facebook.net/signals/config/ 68 KB
14 KB 28ms
27ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1638306756445368?v=2.9.155&r=stable&domain=www.elfcosmetics.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b336f926203c1280abc248e9659a8bfc81f33e5827bd8e5a90bd43cbe9958ef4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 06 May 2024 23:42:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14133
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=63, mss=1326, tbw=63343, tp=-1, tpl=-1, uplat=4, ullat=-1
pragma: public
x-fb-debug: i6BIww2TR3qqq0N64k+2s1bbej0yrANtjN7Xld9FV+Eug54PzT2nuAbeGRxTwSB2cZsmTSsoxtRlP5qk83CfBw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 local
www.paypal.com/credit-presentment/experiments/ Frame CA15 0
0 90ms
35ms Document
text/html 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.63.0&integrationType=SDK

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com https:; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-expose-headers: Server-Timing
age: 83143
cache-control: s-maxage=86400, max-age=0
content-encoding: gzip
content-length: 1526
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type: text/html; charset=utf-8
date: Mon, 06 May 2024 23:42:35 GMT
dc: ccg11-origin-www-1.paypal.com
edge-cache-tag: up-treatments-zoid
etag: W/"1479-K2mS5eassyfvXXLuuWOBasENhJU"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f420168b491d1
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: "traceparent;desc="00-0000000000000000000f420168b491d1-b8807aedb3fdb98d-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f420168b491d1-15e2b49d736179c1-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
x-cache-hits: 18205, 0
x-served-by: cache-fra-etou8220114-FRA, cache-fra-etou8220114-FRA
x-timer: S1715038955.407019,VS0,VE5
x-xss-protection: 1; mode=block

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 14 KB
6 KB 35ms
34ms Script
application/x-javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=www.elfcosmetics.com&t=xo&v=5.0.434&source=payments_sdk&client_id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&comp=buttons,messages&disableSetCookie=true&vault=true

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d861c8a4cfe621b058a9b27e29fa3031d048e5794c9ff25b435c7e3853070676

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-c25bRTH+ZakLStVMlAvrhVAQ4vhOLxAO2MydiBzIQ1iQccNi' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-c25bRTH+ZakLStVMlAvrhVAQ4vhOLxAO2MydiBzIQ1iQccNi' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 May 2024 23:42:35 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 18125
x-cache: HIT, MISS
paypal-debug-id: f8101781736c0
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4796
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220047-FRA, cache-fra-etou8220047-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f8101781736c0-a4f1c4d7443e7972-01
x-timer: S1715038955.353753,VS0,VE5
etag: W/"3691-V5hnGrmzM82BE1o4PRCZpNVGvA8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

POST
H3 200 collector Show response
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 32 B
49 B 51ms
51ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 7586f9164e6bc95d916e3828d687c85f77cf253b34a5908fffa5f6f17dfd0d72

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 06 May 2024 23:42:34 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.elfcosmetics.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32

GET
H2 200 widget.css
js.jebbit.com/companion/v1/ 15 KB
16 KB 28ms
28ms Stylesheet
text/css 2600:9000:2359:ee00:a:7914:b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.jebbit.com/companion/v1/widget.css
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:ee00:a:7914:b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 875ca118023e8741e684a320e73b7f9af4e8eba6c88f1f7e8457f7c0cdda6efb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 01:25:22 GMT
x-amz-version-id: 5TtP6A3FvksKClCFN7X6r1PsSCc1hWlP
via: 1.1 fe1df26b55e8c12763613686df86f7f2.cloudfront.net (CloudFront)
last-modified: Thu, 02 May 2024 15:04:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 80234
etag: "de1b72e797664b9b2c2139e5ccb24844"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 15521
x-amz-cf-id: t2mOUVjLosvCuIkuY3mG3Xrn-0BURKuJc_8FXP3FCK6jCX7V3VdoDw==

GET
H2 200 launcher_configs Show response
external-api.jebbit.com/moments/v2/ 2 B
448 B 135ms
34ms XHR
application/json 3.66.24.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://external-api.jebbit.com/moments/v2/launcher_configs?key=542695a9-9318-492b-9638-2018989f6dc4&url=aHR0cHMlM0ElMkYlMkZ3d3cuZWxmY29zbWV0aWNzLmNvbSUyRm1vYmlsZS1hcHA=&completedLightboxCampaigns=W10=&jebbitCookies=

Requested by

Host: js.jebbit.com
URL: https://js.jebbit.com/companion/v1/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.66.24.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-66-24-191.eu-central-1.compute.amazonaws.com

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
surrogate-control: no-store
x-dns-prefetch-control: off
content-length: 2
x-xss-protection: 1; mode=block
pragma: no-cache
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
x-download-options: noopen
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
expires: 0

POST
H2 200 baskets Show response
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/ 3 KB
2 KB 513ms
513ms XHR
application/json 140.174.14.97
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/baskets

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11187/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

140.174.14.97 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

d654c40ca30621e0bbfb8c15e02f6165845be380ce2c87bec74070d94a610fbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI4YzhjYTI4OC1mMWE2LTRmMDktYjI2OS0wNWQyZWViZmRmMDEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjljNWQ5Zjc4LWU3MzQtNDQ5Zi04NWZjLTUyMzc3YzdjMzAzOCIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTUwMzg5MjQsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFibXVrWnhiSktsWEVSeHJBWGxhWVlsYkpLOjpjaGlkOiAiLCJleHAiOjE3MTUwNDA3NTQsImlhdCI6MTcxNTAzODk1NCwianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzNjM2NjI4ODY5MzQ1MjEyMCJ9.jAhJTPPa--Vu1-dKsw8FIHLLM_gwgpe3bO2ZByiEZhU8CRTGWMb_KHfPezgeqnbrP3LYeBATUdRAI5Q-1Y1uxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: application/json
c_x-pwa-request: true
Referer: https://www.elfcosmetics.com/mobile-app
x-dw-client-id: f9f7052a-f742-4c38-bdf5-1da004e7fb3b
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:35 GMT
sfdc_customization: HOOK
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 0
x-yottaa-optimizations: ob/1000 si/36D18cae0e61-1714713947-4734947387 tts/1710864117856 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
content-encoding: gzip
x-dw-version-status: obsolete
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1104
pragma: no-cache
etag: cb14c99f8cd137e742433c4cedd091ea0895a62297d0539e286b967c85d7d581
allow: OPTIONS,POST
content-type: application/json;charset=UTF-8
x-dw-resource-state: cb14c99f8cd137e742433c4cedd091ea0895a62297d0539e286b967c85d7d581
access-control-allow-origin: https://www.elfcosmetics.com
access-control-expose-headers: etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
x-yottaa-metrics: 36218cae0e37/[479,477,-] 36D18cae0e61/[-,480.184]
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-proxy-request-url: https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/baskets
accept-ranges: bytes
cf-ray: 87fcd3e00b0c3668-FRA
x-dw-request-base-id: HVrPAOtqOWYBAAB_
x-amz-cf-id: -Ln2HT_l0ktFFZuBwlwswYDbj808vUMBNWySJb1TcI2hB5S5vW2d0w==
x-yottaa-os: 200
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
BLOB 200
OK 7b55076b-ddbf-416a-89d6-1522ecedc272
https://www.elfcosmetics.com/ 7 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.elfcosmetics.com/7b55076b-ddbf-416a-89d6-1522ecedc272
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b6bc1aaf438e1b7ca4df626c3ccbba4d73ac05b8ad1a31bb2b556da0bfaa0a7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 7329
Content-Type: application/javascript

GET
H2 204 pageview
c.contentsquare.net/ 0
320 B 181ms
52ms Image
text/plain 54.229.140.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageview?ex=&dt=397&pvt=n&cvars=%7B%223%22%3A%5B%22Page%20Type%22%2C%22content%22%5D%7D&cvarp=%7B%223%22%3A%5B%22Page%20Type%22%2C%22content%22%5D%7D&la=de-DE&uc=0&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&dr=&dw=1600&dh=3158&ww=1600&wh=1200&sw=1600&sh=1200&uu=80753432-e3b6-adea-c369-f07d1baef87e&sn=1&hd=1715038955&v=14.10.0&pid=1926&pn=1&r=649477
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.140.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-140-92.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 23:42:35 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 204 5013978.js Show response
bat.bing.com/p/action/ 0
118 B 54ms
54ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5013978.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 06 May 2024 23:42:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FC0E5DAF9FCE4B4F95E55037331D7A67 Ref B: FRA31EDGE0116 Ref C: 2024-05-06T23:42:35Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
287 B 70ms
70ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5013978&tm=gtm002&Ver=2&mid=dc01f544-1b3c-46a7-bafe-a99f0b4c59f8&sid=50b23a700c0211ef82686b181c45da98&vid=50b282f00c0211ef92ca99da198b04ca&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Discover%20and%20Shop%20e.l.f%20Cosmetics%20Mobile%20App%20%7C%20e.l.f.%20Cosmetics&p=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&r=&lt=3049&evt=pageLoad&sv=1&rn=868130

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 May 2024 23:42:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F844A3F65DA6426FAA14FE797A5AD71D Ref B: FRA31EDGE0116 Ref C: 2024-05-06T23:42:35Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 NEW-beauty-squad-beauty-squad-loyalty-logo-staggered-paddedsquare
elfcosmetics.a.bigcontent.io/v1/static/ 5 KB
6 KB 41ms
41ms Image
image/png 2606:4700:4400::6812:2a49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/NEW-beauty-squad-beauty-squad-loyalty-logo-staggered-paddedsquare?%24Desktop%24=&fmt=auto
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2a49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 210706c053295db0bfba03a98c0609a1f940c3f6b6c626f2f1084e089e959dc9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:35 GMT
x-amz-version-id: null
cf-cache-status: HIT
age: 16477
x-amz-server-side-encryption: AES256
x-amp-cf-worker: true
edge-control: max-age=86400
alt-svc: h3=":443"; ma=86400
content-length: 5378
last-modified: Mon, 06 May 2024 19:07:58 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=1800
accept-ranges: bytes
cf-ray: 87fcd3e1dec69f2e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H3 200 icon-noun-gift-1165617
elfcosmetics.a.bigcontent.io/v1/static/ 2 KB
1 KB 43ms
42ms Image
image/svg+xml 2606:4700:4400::6812:2a49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-gift-1165617?%24Desktop%24=&fmt=auto
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2a49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4aa855b8d34657ab4df5ca73fe7d7f67735ee1e39e8de83856ddc473d4713fbb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:35 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
age: 59053
x-amz-server-side-encryption: AES256
x-amp-cf-worker: true
edge-control: max-age=86400
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 06 May 2024 07:18:22 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=1800
cf-ray: 87fcd3e1dec99f2e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H3 200 icon-noun-hearts-257768v2
elfcosmetics.a.bigcontent.io/v1/static/ 2 KB
1 KB 41ms
41ms Image
image/svg+xml 2606:4700:4400::6812:2a49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-hearts-257768v2?%24Desktop%24=&fmt=auto
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2a49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ddc89ba3c2a29bf8b6a376737d491efdb8f9bcebc7c635639cda62390f45a06

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:35 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
age: 59053
x-amz-server-side-encryption: AES256
x-amp-cf-worker: true
edge-control: max-age=86400
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 06 May 2024 07:18:22 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=1800
cf-ray: 87fcd3e1deca9f2e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 main.MTIyYzc3NzllMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 431 KB
114 KB 40ms
40ms Script
application/javascript 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMQ.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 19cc1cced30687035cb740cbbf86a4c2d7c5085ca95e3fdef76d7e28d35af57d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 88cbe75
date: Mon, 06 May 2024 23:42:35 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202404190410171063088BF0F537F07050
x-tt-trace-id: 00-2404190410171063088BF0F537F07050-5B187F2D2476A35E-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0133c6515e39a28bfbb8a2fef887c57addd08b576e294b9f1e3a5d605b1e6c5cfeb1aa94ec5ea9da9a684ae77bf666d1dc5eb5b775e4dd7602da91b74e38afa3c77dcc14d0f5985d2f26822554f4b7a51c58489c12842dd13143801215eaf23b24
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 116330

GET
H2 200 main.MTIyYzc3NzllMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 411 KB
109 KB 115ms
115ms Script
application/javascript 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMA.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a54234f412b9bfdc07fcbd75a6e3e22c0f89f89f861ea0e6e6a96c7048834c41

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 88cbe7a
date: Mon, 06 May 2024 23:42:35 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202404190410131DE13772B3A34BA51D41
x-tt-trace-id: 00-2404190410131DE13772B3A34BA51D41-361376A672B4AA91-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 010d4da767d33d6127fe5a3f4dc8da0bc9657e348c540b6ab46cb35036f060093e9678958830b398af9b89652e049a991ed6ccd2d288d61fec7b4ed0128da86f793fb6221c323f85424e74704c5b521620c8b9889676f8a2a32c9bfd691b279078
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=7
content-length: 111376

GET
H2 200 ts
t.paypal.com/ 42 B
512 B 251ms
170ms Image
image/gif 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A7PFGPLHGYKX72-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A7PFGPLHGYKX72-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3a9b41b4-1a0b-4488-939e-bc9b13368cc5&fltp=analytics&mrid=7PFGPLHGYKX72&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Discover%20and%20Shop%20e.l.f%20Cosmetics%20Mobile%20App%20%7C%20e.l.f.%20Cosmetics&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1715038955820&g=-120&completeurl=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Mon, 06 May 2024 23:42:36 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 33872f8e21c8f
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-etou8220030-FRA
pragma: no-cache
correlation-id: 33872f8e21c8f
traceparent: 00-000000000000000000033872f8e21c8f-76249e37652a3ba6-01
x-timer: S1715038956.912111,VS0,VE144
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 May 2024 23:42:35 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 320 B
635 B 108ms
50ms XHR
application/json 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2615235625530&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1715038955822&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:35 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 0
alt-svc: h3=":443";ma=600
x-pinterest-rid: 9409845694962801
content-length: 186
pin-unauth: dWlkPVpUZzVNV1ppTURjdE1tSmlNUzAwTkRVM0xUZ3lPVGN0WkRSa1l6QTJNbUZsWkdJMg
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.elfcosmetics.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 02bdd89d7886a32d3368c4efdc0dc84793c801fa
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 320 B
334 B 108ms
51ms XHR
application/json 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22event_id%22%3A%2206894ca3-51a2-465b-8af2-4fd995b87d5b%22%7D&tid=2615235625530&cb=1715038955824&dep=5%2CEVENT_TAGS_ABSENT
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:35 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1816132491793253
content-length: 186
pin-unauth: dWlkPVlXTmpNbVpsT0dFdE5qazFOQzAwTURjd0xXRmxaV1V0WXpJME5UWTJOakJoWkRrMA
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.elfcosmetics.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: e7285c2861f8b0c4b3ba79e0e56541fa8492424c
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 76ms
23ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1638306756445368&ev=PageView&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&rl=&if=false&ts=1715038955837&sw=1600&sh=1200&v=2.9.155&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1715038955832.1477889249&ic=fbpixel&ler=empty&cdl=API_unavailable&it=1715038955257&coo=false&eid=1715039127506_17150395212965&tm=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1326, tbw=2792, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 06 May 2024 23:42:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 jsp Show response
ut.rd.linksynergy.com/ 148 B
414 B 112ms
40ms Script
text/plain 34.98.67.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ut.rd.linksynergy.com/jsp?cn=rmuid&ro=0&cb=___rmuid

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.67.98.34.bc.googleusercontent.com

Software

Resource Hash

4f48519787e3988ac06ce734f1a52681a49fce1e3b69ef0d97c70e63b629fcb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: text/plain; charset=utf-8
date: Mon, 06 May 2024 23:42:35 GMT
via: 1.1 google
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148
x-samesite: secure

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/11187/static/img/flag-icons/ 9 KB
1 KB 35ms
35ms Image
image/svg+xml 140.174.14.97
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/11187/static/img/flag-icons/us.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.14.97 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/mobile-app
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:36 GMT
via: 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P7
age: 441402
x-yottaa-optimizations: ob/1101 si/36D18cae0e61-1714588091-3626047601 tts/1710864117856 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 742629
alt-svc: h3=":443"; ma=86400
content-length: 676
x-amz-meta-bundle: 11187
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 36218cae0e48/[2,-,1714597548660] 36D18cae0e61/[hit]
x-amz-cf-id: WkqdCi2IFH9cDE6Kh-s-cs7YWNIgLHLXcEa2kikGm2PTahISVzVTVA==

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
0 54ms
53ms Fetch
image/gif 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?tid=2615235625530&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%222bdc3040%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22124%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22124%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22124.0.6367.118%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1715038956050
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 23:42:36 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: https://www.elfcosmetics.com
pinterest-version: 02bdd89d7886a32d3368c4efdc0dc84793c801fa
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 6509703003354819
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 runtime_6459738026535cda4232dc813c61447d.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 3 KB
2 KB 224ms
31ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_6459738026535cda4232dc813c61447d.br.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 59f1b7d93f47fcc926143154888aa471910eaf81c3c41270b61cfe012dda08df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 03:41:58 GMT
content-encoding: br
age: 936038
x-guploader-uploadid: ABPtcPpqtuMq8K2n3FMEj-dm4631wWBT6lEvuEz_spUwSQe8dWxB9rrqTd31aGXnjNSTubV3NBk
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1316
last-modified: Tue, 23 Apr 2024 14:37:31 GMT
server: UploadServer
etag: "09512239cb2a22728ca9f8608dfc2181"
x-goog-generation: 1713883050962681
x-goog-hash: crc32c=BS9gKg==, md5=CVEiOcsqInKMqfhgjfwhgQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 1316
accept-ranges: bytes
content-type: text/javascript

GET
H2 204 dvar
c.contentsquare.net/ 0
319 B 55ms
55ms Image
text/plain 54.229.140.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/dvar?v=14.10.0&pid=1926&pn=1&sn=1&uu=80753432-e3b6-adea-c369-f07d1baef87e&dv=H4sIAAAAAAAAA6tWcnSKd4mMd8%2FJT0rMUXDOzyspys9RCEktLlGyUnKpzEvMzUxWiMxMzUlRcK0oSC3KTM1LTi1W0oHqQ4gpGAI1hCUWZSaWZObnAXkwJT755QqeeSWpeSATA%2FILSnOAikoqlWoB8S1cunwAAAA%3D&ct=2&r=064319
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.140.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-140-92.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 23:42:36 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H3 200 /
ct.pinterest.com/v3/ 35 B
0 59ms
58ms Fetch
image/gif 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22event_id%22%3A%2206894ca3-51a2-465b-8af2-4fd995b87d5b%22%7D&tid=2615235625530&cb=1715038956202&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPVpUZzVNV1ppTURjdE1tSmlNUzAwTkRVM0xUZ3lPVGN0WkRSa1l6QTJNbUZsWkdJMg%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%222bdc3040%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22124%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22124%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22124.0.6367.118%22%2C%22ecm_enabled%22%3Afalse%7D
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 23:42:36 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: https://www.elfcosmetics.com
pinterest-version: 02bdd89d7886a32d3368c4efdc0dc84793c801fa
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
content-length: 35
x-pinterest-rid: 4489049268862390
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 identify_c26a2.js Show response
analytics.tiktok.com/i18n/pixel/static/ 139 KB
37 KB 40ms
40ms Script
application/javascript 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_c26a2.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a869fe8cddaf23f1ee50724c35748cefb30c697095b2cf4a231033cb8f43b4ab

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 88cc0d7
date: Mon, 06 May 2024 23:42:36 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240419041015F071F549CC8498B8BDAB
x-tt-trace-id: 00-240419041015F071F549CC8498B8BDAB-7D783FD218F7477A-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 010d4da767d33d6127fe5a3f4dc8da0bc9657e348c540b6ab46cb35036f060093e63b672d9965f44c84d9e2c66656dca1233a09c5493eb8b41b2fbecdd3f436f27b21c10c11a177f5746507d0baa79a2f4df195d965b52538042677153cf4e4524
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 37225

POST
H2 200 performance_interaction
analytics.tiktok.com/api/v2/ 0
700 B 152ms
152ms Ping
text/plain 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/performance_interaction
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 88cc127
date: Mon, 06 May 2024 23:42:36 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2405062342361BF5E7A7E3F09C2CBB5F-4031B2D22419143B-00
x-cache: TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
server-timing: inner; dur=11, cdn-cache; desc=MISS, edge; dur=4, origin; dur=102
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202405062342361BF5E7A7E3F09C2CBB5F
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 102,2.20.179.90
x-tt-trace-host: 017176fb18a495d13d06d0d207ec2dca7949fadda2916b4f582241b818f798d8c480245723a8c7a102f598f7cb69cb5981f17f66b9f155ec20e45ce8f1e51694e86a5f80ba5fa8a6bcc48771abf68fd23cca57f593224abc4b0e5a64307e8944a8
access-control-allow-headers: Authorization,*
expires: Mon, 06 May 2024 23:42:36 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
698 B 167ms
167ms Ping
text/plain 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 88cc130
date: Mon, 06 May 2024 23:42:36 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2405062342368AEA9CE29BE23AB1A0E9-61AD588A48188ACC-00
x-cache: TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
server-timing: inner; dur=31, cdn-cache; desc=MISS, edge; dur=3, origin; dur=123
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202405062342368AEA9CE29BE23AB1A0E9
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 123,2.20.179.90
x-tt-trace-host: 017176fb18a495d13d06d0d207ec2dca7949fadda2916b4f582241b818f798d8c468193a2de573adfcec51b0d49bd41080a04d109af37208f8625002c4edf5560783fde73c546a68c449e444e8091c2c149fff5f56569252ba9aa2dac097ec27ae
access-control-allow-headers: Authorization,*
expires: Mon, 06 May 2024 23:42:36 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
840 B 153ms
153ms Ping
text/plain 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2282063d.88cc132
date: Mon, 06 May 2024 23:42:36 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24050623423612B82E29C22CBDBFB406-46A9B7A61F57428C-00
x-cache: TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
x-parent-response-time: 103,2.20.179.90
server-timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=21, inner; dur=17
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024050623423612B82E29C22CBDBFB406
x-cache-remote: TCP_MISS from a23-48-200-211.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 21,23.48.200.211
x-tt-trace-host: 017176fb18a495d13d06d0d207ec2dca79771227f7ce3f585d83f1dca03f8c4a912bf2154958b310256e5306cea9576337c7dbc0d04d7161c232855b3694461eab85e0835aa1095a6e1e2144be13536d7460e2bf220cc1b253ca08c00e8628f06693002b6da5a2a5b155825c45c88ce915
access-control-allow-headers: Authorization,*
expires: Mon, 06 May 2024 23:42:36 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
698 B 174ms
174ms Ping
text/plain 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 88cc133
date: Mon, 06 May 2024 23:42:36 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2405062342361A5449F2B462D5AAA7B0-34DB360408E64289-00
x-cache: TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
server-timing: inner; dur=39, cdn-cache; desc=MISS, edge; dur=4, origin; dur=129
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202405062342361A5449F2B462D5AAA7B0
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 129,2.20.179.90
x-tt-trace-host: 017176fb18a495d13d06d0d207ec2dca7949fadda2916b4f582241b818f798d8c4253c29dee1ddc0494be5ddf1bafaf219ea51450a101fd4c2bc726eae9b54fc64cd3572d95b698eedcae08025316a6dbc6743e1fae2d340f1a322fad7aa5b33c3
access-control-allow-headers: Authorization,*
expires: Mon, 06 May 2024 23:42:36 GMT

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
16 KB 132ms
26ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CA9) /

Resource Hash

20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: e1c036932c164
dc: ccg11-origin-www-1.paypal.com
content-length: 16355
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
server: ECAcc (frc/4CA9)
traceparent: 00-0000000000000000000e1c036932c164-c24978595d3967ae-01
etag: "64f25363-daa8+gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 07 May 2024 00:42:36 GMT

GET
H2 200 PWA-UpdateSession Show response
www.elfcosmetics.com/mobify/proxy/controllers/on/demandware.store/Sites-elf-us-Site/en_US/ 56 B
1 KB 801ms
800ms XHR
application/json 140.174.14.97
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/mobify/proxy/controllers/on/demandware.store/Sites-elf-us-Site/en_US/PWA-UpdateSession
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMQ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.14.97 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: f66f5edd05293c4351edcec020a867935f7495ef0d0ff7ceb3e6402748585ca6

Request headers

c_x-pwa-request: true
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/mobile-app
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:37 GMT
content-encoding: gzip
via: 1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA56-P7
age: 0
x-yottaa-optimizations: ob/1000 si/36D18cae0e61-1714713947-4734947389 tts/1710864117856 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
pragma: no-cache
content-type: application/json
cache-control: no-cache, no-store, must-revalidate
x-yottaa-os: 200
x-proxy-request-url: https://cc-elf-us-prd.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/PWA-UpdateSession
x-yottaa-metrics: 36218cae0e38/[769,767,-] 36D18cae0e61/[-,769.794]
cf-ray: 87fcd3e69923364d-FRA
x-dw-request-base-id: HVrkAOxqOWYBAAB_
x-amz-cf-id: -SfDaXkD8FQNdfZp9g2zH6BZJ0j-W-uUhLVeoOGhdBXorWofRRaP1w==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 main-v2_e15248ef4ac8cdb300e79b7fe94d0d13.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 492 KB
107 KB 46ms
45ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_e15248ef4ac8cdb300e79b7fe94d0d13.br.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f6c4e7da5c49a940732283b16c8fecf9c8998324d88b48a4af21153742886f56

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 20:34:58 GMT
content-encoding: br
age: 11258
x-guploader-uploadid: ABPtcPp-hyda0cnIBhtjFYKEpoxfr-dEur663EC74CJvq92xFMp53iKxphQyabGQw57Wi9Q33Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109333
last-modified: Mon, 06 May 2024 20:34:50 GMT
server: UploadServer
etag: "a57b42ddb5c086c7c89bd71824c3abda"
x-goog-generation: 1715027690787313
x-goog-hash: crc32c=IZ3tNg==, md5=pXtC3bXAhsfIm9cYJMOr2g==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 109333
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 cjs_min_3a843477d8e318f67237a66d0a58c542.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 49 KB
16 KB 36ms
35ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6c58f061a49641f54723faab57ad0bdb49a95619e86c90dad9a3ed630ffb3780

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:31:31 GMT
content-encoding: gzip
age: 576665
x-guploader-uploadid: ABPtcPq1Nhgt92MdffOVecYRv3QqxOF2y5ouABmXBKcD-6gVSiFx62R5vJTKF63_ANiqLm2cHJRiCrZVFQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15748
last-modified: Mon, 22 Apr 2024 20:59:52 GMT
server: UploadServer
etag: "1eb885454ea6bef1c9747800702959de"
x-goog-generation: 1713819592631797
x-goog-hash: crc32c=Joap5g==, md5=HriFRU6mvvHJdHgAcClZ3g==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000,no-transform
x-goog-stored-content-length: 15748
accept-ranges: bytes
content-type: text/javascript; charset=utf-8

GET
H3 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
4 KB 29ms
29ms Script
application/javascript 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/static/ct/token_create.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:36 GMT
x-cdn: fastly
age: 2779
etag: "19c94b308deaf8fbf050b4fca2fa21b7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
timing-allow-origin: https://ct.pinterest.com
alt-svc: h3=":443";ma=600
content-length: 4103

GET
H/1.1 200
OK / Show response
data.cdnbasket.net/ 14 B
338 B 339ms
135ms XHR
application/json 34.149.117.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.cdnbasket.net/
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMQ.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.117.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 55.117.149.34.bc.googleusercontent.com
Software: /
Resource Hash: cd3034c76f5ffbb9045fc7f68d6b1ce2749e66417f17c7142e1f3c30e4d6f0ef

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Mon, 06 May 2024 23:42:36 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
page.cdnbasket.net/ 14 B
338 B 341ms
136ms XHR
application/json 34.95.120.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://page.cdnbasket.net/
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMQ.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.72 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 72.120.95.34.bc.googleusercontent.com
Software: /
Resource Hash: d0949842faf7022686cdc10f6b3249267c7efb20c8043f708a11b4b3779f712f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Mon, 06 May 2024 23:42:36 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
view.cdnbasket.net/ 14 B
338 B 463ms
135ms XHR
application/json 34.149.239.87
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://view.cdnbasket.net/
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMQ.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.239.87 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 87.239.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 5930c52386428cfc5a608b256ce54b1688495c985d54500dce5b7cc18af7d01c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Mon, 06 May 2024 23:42:36 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H2 200 ct.html
ct.pinterest.com/ Frame 676E 0
0 106ms
53ms Document
text/html 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Mon, 06 May 2024 23:42:36 GMT
pinterest-version: 02bdd89d7886a32d3368c4efdc0dc84793c801fa
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 3740741992880339

GET
H3 200 inbox-v2_02aca5df0e176b8810a86da97ac05424.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 17 KB
5 KB 29ms
29ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/inbox-v2_02aca5df0e176b8810a86da97ac05424.br.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 03dbf9dc05fa84370cbdfb363a10855e9fd035a833cd83b67e14cdb975882bed

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 16:07:19 GMT
content-encoding: br
age: 632117
x-guploader-uploadid: ABPtcPrqA9beEJUSPQ9h9K1vHYgQDpe0HcdJfBV_rRR720gzxLpXkcOeLjHDy9qTIcq1siWDTuw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5089
last-modified: Mon, 29 Apr 2024 16:07:09 GMT
server: UploadServer
etag: "2a4c802d3ec2dfc292cc9bb15ef5f45d"
x-goog-generation: 1714406829637644
x-goog-hash: crc32c=PRHjLA==, md5=KkyALT7C38KSzJuxXvX0XQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 5089
accept-ranges: bytes
content-type: text/javascript

GET
H3 200 sms-v2_e39203556bab2366e56296ce42e974a7.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 3 KB
1 KB 32ms
31ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/sms-v2_e39203556bab2366e56296ce42e974a7.br.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c9f83027cf2e267d24b2cfe366bc6664841765f0aaf362faf0156bccdce42355

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 03:42:51 GMT
content-encoding: br
age: 935985
x-guploader-uploadid: ABPtcPpSqEOQPphjzoWjWS_U-D3_BnMCSrySobH7MkEIdxHOniaCafHdHF-qJ_MnoWY0W4oUZ4E
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1303
last-modified: Tue, 23 Apr 2024 14:37:33 GMT
server: UploadServer
etag: "684b816ff7fa85526ab4b729fb5f0c91"
x-goog-generation: 1713883053015461
x-goog-hash: crc32c=ikqFlg==, md5=aEuBb/f6hVJqtLcp+18MkQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 1303
accept-ranges: bytes
content-type: text/javascript

GET
H3 200 onsite-v2_0e56ab6ba004ee080ce3deb3edae35e9.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 16 KB
5 KB 28ms
27ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_0e56ab6ba004ee080ce3deb3edae35e9.br.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f10699f59e4285b87af5097e4ba9e470ee29b4f3487fa767f2818bdbbdd6bb14

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:26:56 GMT
content-encoding: br
age: 576940
x-guploader-uploadid: ABPtcPrdBlcP_9OmgJyNteETY_rAwO3M4GOu-yunTy9ZcN-WQSbejJeG66uW57E_FtJv2rM-GQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5003
last-modified: Mon, 29 Apr 2024 16:07:17 GMT
server: UploadServer
etag: "7ff99b6f1cea743cef749de91009e764"
x-goog-generation: 1714406837056150
x-goog-hash: crc32c=qFvE1Q==, md5=f/mbbxzqdDzvdJ3pEAnnZA==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 5003
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 index.html
www.paypalobjects.com/muse/analytics/ Frame A892 0
0 107ms
27ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBF) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16754
content-type: text/html
date: Mon, 06 May 2024 23:42:36 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "64f25363-dacc+gzip"
expires: Tue, 07 May 2024 00:42:36 GMT
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id: 993dc950f6c83
server: ECAcc (frc/4CBF)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000993dc950f6c83-92bfe9044c0d5723-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

GET
H3 200 jquery-3.7.1.min.js Show response
assets.bounceexchange.com/assets/bounce/ 85 KB
30 KB 28ms
28ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.7.1.min.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 20:34:59 GMT
content-encoding: br
age: 11257
x-guploader-uploadid: ABPtcPpi6NtZ6rzm-K7G_cKESMwcIy5MrByFqT2C4V2DNcz7PVOtGG7wh2H2NsuSQcoS7E5p08F1NkrHlw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31011
last-modified: Mon, 06 May 2024 20:34:30 GMT
server: UploadServer
etag: W/"2c872dbe60f4ba70fb85356113d8b35e"
vary: Accept-Encoding
x-goog-generation: 1715027670000061
x-goog-hash: crc32c=fsBEgw==, md5=LIctvmD0unD7hTVhE9izXg==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 87533
accept-ranges: none
content-type: text/javascript; charset=UTF-8

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
839 B 240ms
239ms Ping
text/plain 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: ccd9bf0.88cc2aa
date: Mon, 06 May 2024 23:42:36 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2405062342368D4E60FA201D6EAFB336-69E13B38231D08BB-00
x-cache: TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
x-parent-response-time: 198,2.20.179.90
server-timing: cdn-cache; desc=MISS, edge; dur=113, origin; dur=90, inner; dur=86
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202405062342368D4E60FA201D6EAFB336
x-cache-remote: TCP_MISS from a23-222-0-202.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 90,23.222.0.202
x-tt-trace-host: 017176fb18a495d13d06d0d207ec2dca79efa7db1c1963138724069c42ff4c171397845dfe36c7b8a3d58c291e876875f11942f398b3c91863ccfab09867089ac38726ceb74cf2a44f85aacd8286ce4f812459f9288e7a548e71d52a01d0c7da2a03a642111459a6974e879465a6de9549
access-control-allow-headers: Authorization,*
expires: Mon, 06 May 2024 23:42:36 GMT

GET
H2 200 local_storage_frame17.min.html
assets.bounceexchange.com/assets/bounce/ Frame 38DC 0
0 74ms
25ms Document
text/html 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: etag Content-Type
age: 936039
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31536000
content-encoding: br
content-length: 938
content-type: text/html; charset=UTF-8
date: Fri, 26 Apr 2024 03:41:57 GMT
etag: W/"fc893948c3efc689b5b19d8a77958e23"
last-modified: Tue, 23 Apr 2024 14:37:03 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1713883023838131
x-goog-hash: crc32c=kX4cqg== md5=/Ik5SMPvxom1sZ2Kd5WOIw==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2408
x-guploader-uploadid: ABPtcPoKJrg0QhQay5iykZuBo_z5Dp5Bf-J607gd8va_ed6xpEqLjDGMNYh8SU3f_QvY0XR83RsDjXS7Ng

POST
H2 200 exist Show response
srm.ba.contentsquare.net/ 2 B
94 B 172ms
53ms Fetch
application/json 34.246.105.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://srm.ba.contentsquare.net/exist?v=14.10.0&pid=1926&pn=1&sn=1&uu=80753432-e3b6-adea-c369-f07d1baef87e
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMQ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.105.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-105-29.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 06 May 2024 23:42:36 GMT
content-length: 2
content-type: application/json

GET
H2 200 ts
t.paypal.com/ 42 B
211 B 184ms
183ms Image
image/gif 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A7PFGPLHGYKX72-1&page=muse%3Aoffer%3A%3A%3A7PFGPLHGYKX72-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3a9b41b4-1a0b-4488-939e-bc9b13368cc5&es=visitorInfoFlowStarted&mrid=7PFGPLHGYKX72&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Discover%20and%20Shop%20e.l.f%20Cosmetics%20Mobile%20App%20%7C%20e.l.f.%20Cosmetics&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1715038956932&g=-120&completeurl=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Mon, 06 May 2024 23:42:37 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 055a01eee0cb6
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-etou8220030-FRA
pragma: no-cache
correlation-id: 055a01eee0cb6
traceparent: 00-0000000000000000000055a01eee0cb6-6dee4095c65e6534-01
x-timer: S1715038957.944437,VS0,VE158
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 May 2024 23:42:37 GMT

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/11187/static/img/flag-icons/ 9 KB
0 0ms
0ms Image
image/svg+xml 140.174.14.97
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/11187/static/img/flag-icons/us.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.14.97 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/mobile-app
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:36 GMT
via: 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P7
age: 441402
x-yottaa-optimizations: ob/1101 si/36D18cae0e61-1714588091-3626047601 tts/1710864117856 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 742629
alt-svc: h3=":443"; ma=86400
content-length: 676
x-amz-meta-bundle: 11187
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 36218cae0e48/[2,-,1714597548660] 36D18cae0e61/[hit]
x-amz-cf-id: WkqdCi2IFH9cDE6Kh-s-cs7YWNIgLHLXcEa2kikGm2PTahISVzVTVA==

GET
H2 200 c Show response
ids.cdnwidget.com/ 61 B
235 B 200ms
137ms XHR
application/json 2600:1901:0:56e0::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=&SCH1=&GCS1=057211186&GCS2=MTcyLjE3LjAuNiwxMC4xMjguMC4xNjMsMjAwMToxYjYwOjEwMTA6MjoxMDExOmRiMTQ6YzYyNjo4OGNl&pe=false&wsid=4142&varID=&varData=undefined&log=%7B%22config%22%3A%7B%22gmEN%22%3Atrue%2C%22pixEN%22%3Atrue%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A4142%2C%22loadID%22%3A%22PgI19CI3vWI1XbA%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A3%2C%22IDStageStart%22%3A3%2C%22netComplete%22%3A158%2C%22obsReqdata%22%3A351%2C%22obsReqpage%22%3A352%2C%22obsReqview%22%3A469%2C%22IDStagePrefire%22%3A469%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Atrue%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A2%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%2C%22deviceid%22%3A%22304478852365761809%22%2C%22visitid%22%3A%221715038956943709%22%7D
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMQ.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:56e0:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: 9f8441024e84c58109845fa52d52c98b3a2a6cde7529d923779fc815053795d4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:37 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.elfcosmetics.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61

GET
H2 451 458359.gif
idsync.rlcdn.com/ 0
98 B 110ms
33ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/458359.gif?partner_uid=bfc69d4a-973d-4f0e-b5ae-7597f0196dde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:37 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 init1.js Show response
api.bounceexchange.com/bounce/ 36 B
341 B 151ms
46ms Script
text/html 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounceexchange.com/bounce/init1.js?wklzs=923&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgHZ8BWABgGYAOAThMMKv02AC8QoBafAJjMwDuAUwBGOVMCEB9VABMoAFnwKemAE5CcIADZw0GAgDYyZAB68T6oTCFqNaqNgCG27agQBzKXDXaoAC2BgAAccAFIKAEEwngAxGNiBJIA6IW0YJBAcAFshNCQcZMzshOyQEVRtIU4nYODMADdUcWApTJAAa1QhKDDCACEYnm1goYjonh5AkPCeEiiYkjjFuKSBVPTMnLzUAqKQErm4soqqmrqxngBhIbUxhcnLm8mhU3vIolIyBTJCEkNiAo+gARbAgTrdXoDIayOTvIYUb4KRhUJYUQz0Qz4KhkGhPIZNWTvT7kah0Qw0BQUQi4mLPHgNeHQybaEAeDxCWQyBDvGAuHBCOlDIQNWxSVnsznc3n8wXXIZIJxqVoAR2AAE93mQhZNFcqpA0XHA5Txxtr5ZMcHARNkJJIuRgWibxnztAKdcM2Ryue4ZLIhAg0DBukTHlFXe6LTw9a0BcAZW65fSYwn3YRgR7ZB5Yqg1DhgAAZEBOUOmqLANTGkGNJU4ADaEu93IAurBZTW83WRWLG1L3K2I0IO-WY1I1erW-xDZ3R4bdEJJ8O68E1CAuSvdgu24mlyu11IEE5cgP29P6778yAkB0Tzuz3WrTa7VLHRIt4Ol+0utIyrIXFIV00ANgFvAUl17H0ED9YDUGDTlQKHe9RzjBDd1kYIpBwDo4FQpClRA7cwPvQCGkw7DcP9GA61nI0tynSiGy9PsoLkGC4NkCjrGo-DMLyVCv26KRQBAcUlQ5QihxEYIoH4PJpLrAAiGMFIAGiUpxJA8EA1HVVSlP8IRrxAPQ9P8A4hD0vdZDgFA9IFJUkH8BTm0wYJgDwMFsmCNwnGQaQYG0JwPEcBp-CcKAgA
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
date: Mon, 06 May 2024 23:42:37 GMT
content-encoding: gzip
x-envoy-upstream-service-time: 8
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 204 cjs-logger
e.cdnwidget.com/ 0
100 B 205ms
139ms Image
image/png 34.102.193.48
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.cdnwidget.com/cjs-logger?source=ID%20generation%20error&severity=Warning&error=forbidden%253A%2520disallowed%2520country%252C%2520country%2520code%2520is%2520DE&cookieID=&deviceID=&BXWID=4142&warpspeed=2%5EHIykD&loadID=PgI19CI3vWI1XbA&version=1.5.9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.193.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 48.193.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:42:37 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/png

GET
H2 200 script-tag.js Show response
cdn-scripts.signifyd.com/api/ 10 KB
4 KB 107ms
23ms Script
application/javascript 108.138.26.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-scripts.signifyd.com/api/script-tag.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.26.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d7a363f752524fb545c3b2eb48a56d163cb659bc427d5215800ee7781d92c2ca

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:21:43 GMT
content-encoding: gzip
via: 1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
last-modified: Tue, 23 Apr 2024 14:51:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 1255
x-amz-server-side-encryption: AES256
etag: W/"73ca6f23f3e08738233832c7a7a0c30c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1800
x-amz-cf-id: hawDfa2f_q1jaJ8VmR7qfiE57RQUtAzwTgRw1jfkMRBkRQLDqLS9Xw==

GET
H2 200 company_toolkit.js Show response
cdn-scripts.signifyd.com/api/ 4 KB
2 KB 22ms
22ms Script
application/javascript 108.138.26.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-scripts.signifyd.com/api/company_toolkit.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.26.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6082597f3871c77c9b31aa1383577f8c0e54cb5ff09275dc817bc70d96e6217d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 23:29:05 GMT
content-encoding: gzip
via: 1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
last-modified: Tue, 30 May 2023 10:18:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 813
x-amz-server-side-encryption: AES256
etag: W/"2c3950f122b3977df61b0e077aaa92c8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1800
x-amz-cf-id: m7f-dXQDLxiPcpBHsTF2S18HXpkmT_v0hq8CokmwQHOyDvlNj7yLCQ==

GET
H/1.1 200
OK namobxw7aw9jax7r.js Show response
imgs.signifyd.com/ 96 KB
14 KB 148ms
47ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/namobxw7aw9jax7r.js?m6wwtr7q9p260x4d=w2txo5aa&5fpo2mvg3pu33a8c=LzExYTdhZTMzNTkzYTdiMzkxYzViNzk1MDM3

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobile-app

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

38f72d493436f19a68b66f8243f4626face699088f1d6df562ec77e89aab0e50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 06 May 2024 23:42:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 0ZdSesE75aiQrGBs Show response
imgs.signifyd.com/ Frame A42C 278 KB
47 KB 53ms
53ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/0ZdSesE75aiQrGBs?42a7ac11c6790e1d=6IxDxeZ-yzqxdsmdyFhX5J8UkhVoMAXezIadoTTvGpZR1HF9fSOYKkIASFu2E_8hmbzyWE3KGlsBc4Mzcutc-9aJIXt7zNiEZ9IXA3Sti3TySopDX_GUG3N1efItpBpJH_hGYtxBlKb_hOF1PuED6NwVs8VemdNRCGu25-x2c-7TrDLry2kYTE5ldPv7RJIGoFUZt2NHbGA6JGnp&jb=3d33262e62736f7d375761646e6f7d792e6a7367355d63666c65757b2f383a31392662716a7f3d4b60726f656f266279683d49627a6f6d6d2d383a393a3e

Requested by

Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/namobxw7aw9jax7r.js?m6wwtr7q9p260x4d=w2txo5aa&5fpo2mvg3pu33a8c=LzExYTdhZTMzNTkzYTdiMzkxYzViNzk1MDM3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

3e4e8da745390c20ff50b50d449bd382b82bad269bb595e27f07316e22c41265

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 06 May 2024 23:42:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: 8dddfb109aab1974
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK UH7JB6N-Bj7waKdO
imgs.signifyd.com/ Frame A42C 81 B
475 B 109ms
35ms Image
image/png 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.signifyd.com/UH7JB6N-Bj7waKdO?695103664cd0634a=N6MDbp3mFCk7oEuEde_OJ2Hv8djpqhK0q3P7kuO42KF-wW6QrT9vSNZ16xcuJ46adFHUM_QWElD5WmgT2IpJayduO4GCCsUTtA-dFFUirvMNoNB4LOdGtPJnbA2ld_b3EQjkdxNYsyLn8ffWXZ1Li-bwGhAOmJnWgk0SR7c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Mon, 06 May 2024 23:42:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK GPrxvpKf0pl2QROl
imgs.signifyd.com/ Frame A42C 81 B
475 B 112ms
36ms Image
image/png 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.signifyd.com/GPrxvpKf0pl2QROl?b46648b60a82f50b=CzvXtMVQX6dIkVBrbvX-xzke0_U9n9cMbSvkkwlnCLc44XL0Qhxhaj06IMlo26irGuuebvkccSlsMubRlQ3lV9gIO-w87sr99AX4I4ocV57w-IpA-bbjZri9lAR97xEwNkQOTvJAvpIvpIAk2Iwcy4kdXesbRvV-G_CriZE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Mon, 06 May 2024 23:42:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png Show response
imgs.signifyd.com/fp/ Frame A42C 81 B
536 B 128ms
42ms XHR
image/png 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/fp/clear.png

Requested by

Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/0ZdSesE75aiQrGBs?42a7ac11c6790e1d=6IxDxeZ-yzqxdsmdyFhX5J8UkhVoMAXezIadoTTvGpZR1HF9fSOYKkIASFu2E_8hmbzyWE3KGlsBc4Mzcutc-9aJIXt7zNiEZ9IXA3Sti3TySopDX_GUG3N1efItpBpJH_hGYtxBlKb_hOF1PuED6NwVs8VemdNRCGu25-x2c-7TrDLry2kYTE5ldPv7RJIGoFUZt2NHbGA6JGnp&jb=3d33262e62736f7d375761646e6f7d792e6a7367355d63666c65757b2f383a31392662716a7f3d4b60726f656f266279683d49627a6f6d6d2d383a393a3e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: */*, w2txo5aa/8dddfb109aab1974lzexytdhztmzntkzytdimzkxyzvinzk1mdm3
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 06 May 2024 23:42:38 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 06 May 2024 23:42:38 GMT
Server: Apache
Etag: f50037af68404e8b8cef2c7cd42c1137
Content-Type: image/png
Access-Control-Allow-Origin: https://www.elfcosmetics.com
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Sat, 05 May 2029 23:42:38 GMT

GET
H/1.1 200
OK lZisQjjHN0E8rIiw
imgs.signifyd.com/ Frame 62D4 0
0 110ms
39ms Document
text/html 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/lZisQjjHN0E8rIiw?1165311f24d4f626=LpAxzbSh78jLKNdNZWu7KkllNVALwPogiZdGPL0oV0kZMalIdn8bT7HKPWmfbcmZkEPDAMGW5hcW_WERA9prh4WBLBmYJtZk8SkUwJqTTyZ5vDrAecXSs6FyeBZoNEpbcYQQLOIJsITSeevNYsG9eqq98Fga3ZcxbaszyzvaRtydmjp9pjvhdYYx3h3SfZAzjbdfpzvv4iIeTaIeCt4

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 06 May 2024 23:42:38 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content sGyTmRELr6uhICUq Show response
imgs.signifyd.com/ Frame A42C 0
387 B 36ms
35ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Mon, 06 May 2024 23:42:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK yzV1s7t4b-7ynsKc
h.online-metrix.net/ Frame 69EB 0
0 122ms
39ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/yzV1s7t4b-7ynsKc?d738cb355a824ea0=Mw7WFTctvxn1Ff4v_P1G9KxFZfNUZiO-fSv5fxznGK5cDL5IV6xkFblpyhivu2VGUdauRhP7rRnVXtJ2NMgiOfsHYRoQdg7qZxsLz7Mnrij8b-hEfC-6XS9UudOfdRhIj1cgBb44OHYATQoQd6xFKBv1HYiHtwnDeTUNVbCaokGQt2yDoVwaK7EqCRAwJxr4jH2usJCFQdIOmpl_RyWH

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 06 May 2024 23:42:38 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK pPJ-AxVzj_DKRPmH
imgs.signifyd.com/ Frame 6885 0
0 108ms
37ms Document
text/html 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/pPJ-AxVzj_DKRPmH?65225978803bbc92=PaNQn1chDaa0BHG5MAzNhdaCug-yVkNETxFTuIQnjhIze2jNqr0VcPx36K1rkEUjj9U2heh-5r7vFiiD3C6K44VhxtqUz5hCk6LyP8qs4IJvS3rxNw3xLRbo_MpeNZxDd9_g88ef-oPUJeyb-g94HsoUtDYIhyvRmzpdGnzq-rsHL7vlAlk91JTNCHTmOh3vbr8OBKgJL6L9JB-I0yD_

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 06 May 2024 23:42:38 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 sGyTmRELr6uhICUq Show response
imgs.signifyd.com/ Frame A42C 0
218 B 37ms
35ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/sGyTmRELr6uhICUq?909ffbb1aa8d62d7=CdSKec7eoXhGTLCFfMibTln40Wcs93e-RlJ-IgFpfo3_NdMzTeNUnGSL3mBzkYEe6YE57l0FH84ortTWJINHbBqMw_RbJ8amp7-NMNjwFn9Pgt9OihQOjAuNCJm2xQyDuDt6Sb0C7z1LHPCRIsghwnZeAAk&ja=3933393f2e2663353c302e7037363a2c6e3d313e383a72393a3a322e6b6c37313e30387a393830382e7378713735393a72353b3a2e64707a353b26393e3a32243b383a3024313e323826313a38302c393c3038263b323a3a2431363838263b3a383a2e3d3b3a263539302e6f7c37323f6e35316c39313c336f36686c3a30396a3e3c686c3b32356a3a6b6c336b342e6f6637322e7b63643538342e66623d627e7c70732d3b4b2f3a4e2f304e7d7d7d2e6d6c6e6167796d6d7c69637b246367672f324c67676269646d276b78782c7264373f2c70603d6d3a3838646e6935353d3b393b6c3e65686f3039393b6d683e69313330313a6e2c68603d6e313b39346b6c36363c686439396c353c3d38303538383e383c3d68633b3b382c6a7b6f3555616464677f73253a3a31392c607368374b687267656f2f3a383b303c2c60796f7d3d5f6b666e6f7f7b266a7b68753549627265676d266e606b373b3a2e64666537322c6e6574783f382c74726c3d457d786f786f2f324c486d726c61662c67697c6270353e3a3a336c316b306a6f63383a65366b69353e3a3a38386b6c31353d3c3a3b6e6c3e3730323b3e316c366d636938346c6b3934696c626c3d38333b39393936692e6e7835607e7678792f39412d324e273a4c777f7f2e65646c63677967657e636b732e6b67672f3a4e676d6a63666f2d69707824783770647d6769665566646b79682f3f4d6661647b6f2b78647f656164557d69666467757b556d6d6c6961577a6c69736f722f3f4d6661647b6f2b78647f656164556b6467626d5d696972676a61742d3f456e6b66736f2b786c756f616455797d6361637e6367652d354d646966736d29706c7d6d696655796865696377617e6d2f3f4d6e6b6e7b6f2b7a6c7d67616c5778656964706c6973657a2f3f456c6b6473652978667f6f61645d7e66695570646171677a2f354d6e616c7b6f2178667f6763645764657e69667c7a2d3f476e6b667965297064776f636e577b7667577c696d7d6f722f3f4d6661647b6f2b78647f6561645560617e612d374d6c61647b65266f665f6b377d65686d6457656a4f462f3a383b2c382f383a2847706d6c4f46253a3845532d38303a243a25383a4b68726765637f65215d676a4d462f3238474451442f32384d53253a3a31263a2f323a22477065664f462f3a384f512d383a4d4c5b4c2d30384f532d3a3031263a253a3a4968786565697565215d6f6a4363765f6f6841697c253a325f6f624f44414e4f4645576364737e6b6663656c576b787a6973712d39482f323845505657686c6d66645f65636e656b722539482d32304d505e556b64637257696564747a6f64273b48253a3845585c55636766657255687d66666d7a556269646c5d6e66656b742d334a273a3a45505c5f646d7a746055696c6b677825334a2d383a4d505e5d6e66656b7457626467666e253b4a2532384f585c556c726b6d576465787c622f3b4a2f30384f525e5f786f647b6f656e576766667b6f7457696661677a2d33422d3a3a4f505c5571606b6e6f7257746d7a7c7f726d576c6f6c2f334a2f38304f525c5f746d707e7f7a6d556167677a78657b73616d665562787c63253b48253a3a4f585e557c65787c7d786f576b656f78786f7973616f665d7a6d746b2d33422d38304d525e5f7e6f7074757a6d556c61647e677a556b64697b6f7c70677a696b2d33422d38304d525e5f7e6f7074757a6d5567617a786d7a55696661657057766755656c6f65253b48253a3a4f585e557b52474a2d39482d3a3a4d4d59556f6c6d6d6d6c7c5569666c6578577f69667e2f33482f3a304f4d5b556c6a6755706d646e6f72576d6172656b702d3b42253a3a4f4d5955737e6b6664617a6c556e6d7a6374697e637c657b253b402d3830474d535f7c6f787c7f7865556c646f617c2d39482d3a3a4d4d59557e6570747d706d556664676174576669666f6b722f394a253238474f59577c6f7a7c7f786f5f60616464576c6c676974253b48253a3a454559557c65787c7d786f57606b6e6e556c666f6974576e616465697a25334a2f3238454f53557c6d72746d70556b7a7a6b7b57656860656b742d314a2f32385f45424f465f6b65666f78556a75666e6d78556e6465637c2f3948253a305f474a4d4c576b6f6d7878657b796f64557e6d78747d7a6f55697b7e612d39482f3238574d404f465f6b676d707a6f737b6f6e5f7e6f7074757a6d556f7c6b2f314a2f383a574d424f4e57696f657872657b79656c557e65727e7d7265576d7e69392d39402d383a5d454a47445d6b656d787a65737b6f64577e6f787e7f7a655f7b3b7e692d3b48273a3a5d4f424f4c57616767707a6d73736d6e5f7c6f72747f786d5f733b7c69557b7a6d602d39482f3238574d404f465f6c6d62756f55726d646e65786f7a5f69666e652f3b4a2f30385d4f4847445f6c676a7f67577b68616c6f727b2f39422f383857454a4f46556c6d7a7660557e6f787c757a672d39422d3a30574d484744556e726b7d5762756e6e6f787b2d39402d383a5d454a47445d6465736d57636f667e65707e2f33482f3a30574d4a4d4657657f6e7c63556e7269772d314a2f32385f45424f465f786566796d65665f6d676c6f3b3e2e6d6e57623732366e336b3a3c6b383f396234306f616c323e36336b6c34613f6a3f693e383260306b6e3f3539362e756f667635416e746d66253a3a436e69242e7767647a3743667c6f6e2d383a437261732d303845706d66474c2d38304d646d69646f2e63636c3538&jb=393f302e64713d45657a616666612f384e352e382d383a205f636c6c657d79253a3046562d383039382e302d39422d383a5763643e34253b4a2f3838703c36212f383a41787064675f6f62436174253a4c353b3d24333c2f3a302843405e47442d38412d383a666963652d30384d656b636f292d38304b62786f676f2d3246393a3e2438263a2c382f383a5369666970612f324e3d3337263936

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 06 May 2024 23:42:38 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK Q-LWBNWV-4OnpYjH
w2txo5aacuw7nl6ak3qbkgkyq7u2af7h22mkgjtc8dddfb109aab1974am1.e.aa.online-metrix.net/ Frame A42C 81 B
438 B 338ms
35ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://w2txo5aacuw7nl6ak3qbkgkyq7u2af7h22mkgjtc8dddfb109aab1974am1.e.aa.online-metrix.net/Q-LWBNWV-4OnpYjH?7def8358ee5109bd=BTe7F0eM6m1XNiuK0sNZBt_MzYerQirozLTEBP7EWrOL5lL1W5Oo8ITvxCSw06ApCNlX7AmUYEx_M-bYBG1NEpmYwAIKOq9shghpgpl6j2jKxKq73Sv_AS_oBRrcbVBTzDehDlFsLgPm1aK6jaTCz0vHIsVkGpFAf--1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Mon, 06 May 2024 23:42:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 FOrZfpPV5dorO0Pl Show response
imgs.signifyd.com/ Frame A42C 0
218 B 36ms
35ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/FOrZfpPV5dorO0Pl?9c7357e89e9a0c63=R9tGrceUnWaj2TzwzWhOdNwj7Ihuu1DuKh8KpxO7uSCd3_oBraWBtIzo6LsDmi19oOXeIPMpZdhnIElrkeHnslyJ51nBGyu0vCWi_upnHFsI6znqi973DaLqHIiBdIh_ogb5GSaUqt_gIfJYEXAfX7FLCycPvdvZzI6eOD81TnkTfr1i6pb9vv08bdKHF0bmBR8IZeeuhZ3_pZbNiD8&jac=1&je=303e262e6565646037283b2f38433b2f3a43332d3a493d6c3839603068686e326c383b336c39656b6c3335303861316c3c323f6e3c33373c3d6b6e6e3f39306a6e6e3a346c626b636c6c386e3a6262303331383b6c3423

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 06 May 2024 23:42:38 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 BdelcqxIUf5LNTf7
imgs.signifyd.com/ Frame A42C 0
400 B 38ms
38ms Image
image/png 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.signifyd.com/BdelcqxIUf5LNTf7?bc24766697cf484b=bccRMeSA-73WWveT90x-qRYwSudBnWv5G0mxVQbHRXkgPo9tY3dSxZRBgDUJlDPvtxEEA9VRWYmgaWKScupnDS_4wWmCggt-TTWAh0Lea1PUjBfAb-wlmGSRpNaekk-E6IHhWMJnfnq5sTsrmEqvchyaf2h0rl7CjYtCBAf3uX1f_PS7Y-67HJAF93sk9VVG0qI05IZVBMPgo_qiaT8&jf=3c3b342e7b696457786e6c377e64785547484769637c3e435c733230726062492e736166576e617c6d3d313f3b35383932393f322e73696c577e73786d37756d68306f636c7369247b6364576365793539303d3339303b393836303f3a6b323e3c32616d396e3a3238313834383232693036343069653b6e3a333a3b3837303b3c383a38383e666c3e683a653a666c643e3c326c6e33353b33626b3839626c693c38316c38393e30313a303f383a6f623d343f33383a626e3e63643a38623b3269323a6f6c61336d3a333e3c3839336c3f6e3a316c623e63313964693f37626b38353e6f32653b6f3836316c3a6b3d3e303a66393b323b386c616e613c6c32393c39303f68362e796364557961673d3b383e3e383a38323b3a6e3d3731323c606d3339306b34396b38313b6f68653c693a37373c393b3e30303d3638323c6e3939343c303e3c333a3837306d68393f3f6f66326e316635383a383a3f3939646c3f3b6c383c66303a3833366c3161663039643e696f356b6e3e663330306933306b68313e6f3c3a3269636c633b3c663d3f32383c38386b386e646c2c7b69667a353a

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Mon, 06 May 2024 23:42:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content sGyTmRELr6uhICUq Show response
imgs.signifyd.com/ Frame A42C 0
387 B 35ms
35ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Mon, 06 May 2024 23:42:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 collect Show response
sgtm.elfcosmetics.com/g/ 65 B
204 B 292ms
291ms XHR
text/plain 34.49.124.132
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je4510v9125640115z8896608294za200&gcs=G100&gcd=13u3u3u2u5&npa=1&dma_cps=-&dma=1&cid=1661713206.1715038955&ecid=181697344&ul=de-de&sr=1600x1200&_fplc=0&ir=1&ur=DE&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&_eu=EA&sst.rnd=153471037.1715038954&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13u3u3u2u5&sst.adr=1&sst.ude=0&sid=1715038955&sct=1&seg=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&dt=Discover%20and%20Shop%20e.l.f%20Cosmetics%20Mobile%20App%20%7C%20e.l.f.%20Cosmetics&_s=4&tfd=8888&richsstsse

Requested by

Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMQ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

132.124.49.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 06 May 2024 23:42:40 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
server: Google Frontend
content-type: text/plain
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-accel-buffering: no

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/

Domain: pixel.pointmediatracker.com
URL: https://pixel.pointmediatracker.com/kpi?c=elfcosmetics&kpi=visit&tag_id=244&fpc=b4cee998-f868-4b23-adda-21fb78fe7c40&user_id=&utm_source=undefined&utm_medium=undefined&utm_campaign=undefined&new=undefined&gtmcb=289542515

Verdicts & Comments Add Verdict or Comment

182 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

61 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.elfcosmetics.com/	1969-12-31 23:59:59	Name: pxcts Value: 4ea5cf74-0c02-11ef-9d50-ffcf99267794
.elfcosmetics.com/	1970-01-21 05:09:34	Name: _pxvid Value: 4ea5bba4-0c02-11ef-9d50-9ca69ea027c4
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: initAuthComplete Value: true
.elfcosmetics.com/	1970-01-21 05:59:58	Name: ab.storage.sessionId.609afcb2-1dc3-41ef-a771-0a9aaf10bf57 Value: %7B%22g%22%3A%222a5e4fdd-e178-404a-c1b0-ea156940c293%22%2C%22e%22%3A1715040753175%2C%22c%22%3A1715038953175%2C%22l%22%3A1715038953175%7D
.elfcosmetics.com/	1970-01-21 05:59:58	Name: ab.storage.deviceId.609afcb2-1dc3-41ef-a771-0a9aaf10bf57 Value: %7B%22g%22%3A%222141e513-7e87-3c6d-87bb-d7b012856bd7%22%2C%22c%22%3A1715038953177%2C%22l%22%3A1715038953177%7D
.elfcosmetics.com/	1970-01-20 20:23:59	Name: _px3 Value: cdbe38f0643b31e4b07155b5cb76e7fd22538c9b0d9722e0f9fac105362e5e29:K7F7Uzh7kE4G521JfHzSdUqCTzRCXOkVg2se8dRi+oMEq35UdWR1gf2fXb+8Vbwp8+DRA5FIW8JDj4PhXFFxng==:1000:AiLmAnBnu3Pa6olprBf3DKN6IXd5QhegmOo51PB9CnQbUMTM8gAttlOYtAiO0mks1629L9p2umMrc/T1Ed42fmnsBz2aLkhKNBVUC5RFW93x85gd74deRtiG0YnSUvSdGAfgOGiDJCl2yCbBdfXo2x1bmWH1j7HIiGZzhyRzOJNFIcllhXDDTyeB4G4evD84Eb+SpMW16KVDJ+ZmGHH/XBGsGGzC+RBhXEZEAxJVMDQ=
.elfcosmetics.com/	1970-01-20 21:07:10	Name: _dyjsession Value: l2ret03h1nabzuyhz13nujfldnlhs8yq
.elfcosmetics.com/	1969-12-31 23:59:59	Name: dy_fs_page Value: www.elfcosmetics.com%2Fmobile-app
.elfcosmetics.com/	1970-01-20 21:07:10	Name: _dy_csc_ses Value: l2ret03h1nabzuyhz13nujfldnlhs8yq
.elfcosmetics.com/	1970-01-20 21:07:10	Name: _dy_c_exps Value:
.elfcosmetics.com/	1970-01-20 22:33:34	Name: _gcl_au Value: 1.1.533735745.1715038954
.dynamicyield.com/	1970-01-21 05:09:34	Name: DYID Value: -3625397444915139863
.elfcosmetics.com/	1970-01-20 21:07:10	Name: _dycnst Value: dg
.elfcosmetics.com/	1970-01-20 21:07:10	Name: _dyid Value: -3625397444915139863
.elfcosmetics.com/	1970-01-20 21:07:10	Name: _dycst Value: dk.w.c.ws.fst.
.elfcosmetics.com/	1970-01-20 21:07:10	Name: _dy_geo Value: DE.EU.DE_.DE__
.elfcosmetics.com/	1970-01-20 21:07:10	Name: _dy_df_geo Value: Germany..
.elfcosmetics.com/	1970-01-20 21:07:10	Name: _dy_toffset Value: -1
.elfcosmetics.com/	1970-01-21 05:09:34	Name: _dy_soct Value: 647796.1248068.1715038954.l2ret03h1nabzuyhz13nujfldnlhs8yq836603.1652212.1715038954837245.1654610.1715038954*861617.1750272.1715038954
.elfcosmetics.com/	1970-01-21 05:59:58	Name: _ga Value: GA1.2.1191126275.1715038954
.elfcosmetics.com/	1970-01-20 20:25:25	Name: _gid Value: GA1.2.451730125.1715038954
.elfcosmetics.com/	1970-01-20 20:23:59	Name: _gat_UA-432816-1 Value: 1
.doubleclick.net/	1970-01-20 20:23:59	Name: test_cookie Value: CheckForPermission
www.elfcosmetics.com/	1970-01-20 20:34:03	Name: FPC Value: b4cee998-f868-4b23-adda-21fb78fe7c40
.adnxs.com/	1970-01-20 22:33:34	Name: XANDR_PANID Value: OnRuAe54LD5zlGs4r1Vu5KDqguY13JGlxF3xiu6CoO-Ft__szHDO7KNYpwx3d46sMAOh7O3TmgLjeskcGIeFicBR-VI5KGJbdXA7J9aqlqo.
.adnxs.com/	1970-01-21 05:59:58	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 22:33:34	Name: uuid2 Value: 5589730499228174337
.adnxs.com/	1970-01-20 22:33:34	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2E>5u%)P_!]tbP6j2F-XstGt!@Dp/$uOCP
.elfcosmetics.com/	1970-01-21 05:09:34	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+May+07+2024+01%3A42%3A34+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202306.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=c21c55f1-523f-4a56-97e3-9778ead578bc&interactionCount=0&landingPath=https%3A%2F%2Fwww.elfcosmetics.com%2Fmobile-app&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C5%3A0
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: scapi Value: prd:9c5d9f78-e734-449f-85fc-52377c7c3038:eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI4YzhjYTI4OC1mMWE2LTRmMDktYjI2OS0wNWQyZWViZmRmMDEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjljNWQ5Zjc4LWU3MzQtNDQ5Zi04NWZjLTUyMzc3YzdjMzAzOCIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTUwMzg5MjQsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFibXVrWnhiSktsWEVSeHJBWGxhWVlsYkpLOjpjaGlkOiAiLCJleHAiOjE3MTUwNDA3NTQsImlhdCI6MTcxNTAzODk1NCwianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzNjM2NjI4ODY5MzQ1MjEyMCJ9.jAhJTPPa--Vu1-dKsw8FIHLLM_gwgpe3bO2ZByiEZhU8CRTGWMb_KHfPezgeqnbrP3LYeBATUdRAI5Q-1Y1uxg
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: dwsid Value: 6jFnQrUFnb5ReciwN0Y1A5YfrzQ194gCMCqjn6GDTQ__cX9xkXGe4zcZgGnAmYJpL-3h6TWeznGA-4Q88CbF3g==
www.elfcosmetics.com/	1970-01-21 00:43:10	Name: dwanonymous_1a00c2845eeb01c699351ea28e20fd92 Value: abmukZxbJKlXERxrAXlaYYlbJK
.elfcosmetics.com/	1970-01-20 22:33:34	Name: _rdt_uuid Value: 1715038955097.95ec1378-8432-4c48-935b-d0955c4b5693
.tiktok.com/	1970-01-21 05:45:34	Name: _ttp Value: 2g7Bu9RRrfc5tUuRLzmLosbxbON
.elfcosmetics.com/	1970-01-20 21:07:10	Name: rmStore Value: dmid:9097
.elfcosmetics.com/	1970-01-21 05:53:22	Name: _cs_c Value: 0
.elfcosmetics.com/	1970-01-21 05:53:22	Name: _cs_id Value: 80753432-e3b6-adea-c369-f07d1baef87e.1715038955.1.1715038955.1715038955.1558384338.1749202955495.1
.elfcosmetics.com/	1970-01-20 20:25:25	Name: _uetsid Value: 50b23a700c0211ef82686b181c45da98
.elfcosmetics.com/	1970-01-21 05:45:34	Name: _uetvid Value: 50b282f00c0211ef92ca99da198b04ca
.bing.com/	1970-01-21 05:45:34	Name: MUID Value: 15722D9E76B66A5B12E739E9771A6B43
.elfcosmetics.com/	1970-01-21 05:09:34	Name: hero-session-efcf9631-4c6b-4874-9f76-51f71464249a Value: author=client&expires=1746574955815&visitor=a35316db-878e-49ed-8d0f-c772018f719c
.elfcosmetics.com/	1970-01-20 22:33:34	Name: _fbp Value: fb.1.1715038955832.1477889249
.linksynergy.com/	1970-01-21 05:09:34	Name: rmuid Value: bfc69d4a-973d-4f0e-b5ae-7597f0196dde
.pinterest.com/	1970-01-21 05:09:34	Name: ar_debug Value: 1
.elfcosmetics.com/	1970-01-21 05:09:34	Name: _pin_unauth Value: dWlkPVpUZzVNV1ppTURjdE1tSmlNUzAwTkRVM0xUZ3lPVGN0WkRSa1l6QTJNbUZsWkdJMg
.ct.pinterest.com/	1970-01-21 05:09:34	Name: _pinterest_ct_ua Value: "TWc9PSZMR0E0RmpQWnBzQS9qZVNZMG1YS25pbi9vT2NQeGFPV3hSNHZOUjlpNEpad1UrYXpvVFBwajN4ajJnWW1qdGhlYnI1WGpVcjEveDhqT3BmcEYzNXdZakZZSW91N2JsUWlRMHJFWkRXd2ZiMD0mL2dtRFZMVjNMdGNNbU4wTnpNTkprdS94YzlvPQ=="
.elfcosmetics.com/	1970-01-21 05:45:34	Name: _tt_enable_cookie Value: 1
.elfcosmetics.com/	1970-01-21 05:45:34	Name: _ttp Value: qaWCYmKeCe5or_vfwlxpZ96E_7L
.elfcosmetics.com/	1970-01-20 20:24:00	Name: _cs_s Value: 1.5.0.1715040756722
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.currency Value: USD
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: sid Value: 5K5HSKV1N2u84wYvoD_XJ5iAjz4lhyLX3bA
www.elfcosmetics.com/	1970-01-21 05:09:55	Name: _dyid_server Value: -3625397444915139863
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.InternationalUser Value: ""
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.location Value: US
www.elfcosmetics.com/	1970-01-20 20:25:25	Name: currentLocale Value: en_US
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.sessionid Value: abmukZxbJKlXERxrAXlaYYlbJK
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.LanguageIsoCode Value: en_US
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: __cq_dnt Value: 1
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: dw_dnt Value: 1
imgs.signifyd.com/	1970-01-21 05:59:58	Name: thx_guid Value: d67cf8385b788fef8e6d7ab35e65443b
.elfcosmetics.com/	1970-01-21 05:59:58	Name: _scid Value: 822330d6-0040-484f-3bd6-5d615fcaea30

48 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.elfcosmetics.com/mobile-app Message: Access to image at 'https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/#elfcosmetics_a_00000055698485330971283280000018393236039574697104_?yocs=1u_' from origin 'https://www.elfcosmetics.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/#elfcosmetics_a_00000055698485330971283280000018393236039574697104_?yocs=1u_ Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://pixel.pointmediatracker.com/kpi?c=elfcosmetics&kpi=visit&tag_id=244&fpc=b4cee998-f868-4b23-adda-21fb78fe7c40&user_id=&utm_source=undefined&utm_medium=undefined&utm_campaign=undefined&new=undefined&gtmcb=289542515 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/1638306756445368?v=2.9.155&r=stable&domain=www.elfcosmetics.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 111) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://idsync.rlcdn.com/458359.gif?partner_uid=bfc69d4a-973d-4f0e-b5ae-7597f0196dde Message: Failed to load resource: the server responded with a status of 451 ()
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/mobile-app Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
alb.reddit.com
analytics.tiktok.com
api.bounceexchange.com
api.cquotient.com
api.ipify.org
api.usehero.com
assets.bounceexchange.com
async-px.dynamicyield.com
bat.bing.com
c.contentsquare.net
cdn-fsly.yottaa.net
cdn-scripts.signifyd.com
cdn.cookielaw.org
cdn.dynamicyield.com
cdn.media.amplience.net
cdn.usehero.com
collector-pxxt4gy2ig.px-cloud.net
connect.facebook.net
ct.pinterest.com
data.cdnbasket.net
e.cdnwidget.com
elfcosmetics.a.bigcontent.io
external-api.jebbit.com
geolocation.onetrust.com
googleads.g.doubleclick.net
h.online-metrix.net
ids.cdnwidget.com
idsync.rlcdn.com
imgs.signifyd.com
insight.adsrvr.org
js.cnnx.link
js.jebbit.com
page.cdnbasket.net
pixel.pointmediatracker.com
qoe-1.yottaa.net
region1.google-analytics.com
s.pinimg.com
sdk.iad-05.braze.com
secure.adnxs.com
sgtm.elfcosmetics.com
srm.ba.contentsquare.net
st.dynamicyield.com
static.ordergroove.com
t.contentsquare.net
t.paypal.com
tag.rmp.rakuten.com
tag.wknd.ai
ut.rd.linksynergy.com
view.cdnbasket.net
w2txo5aacuw7nl6ak3qbkgkyq7u2af7h22mkgjtc8dddfb109aab1974am1.e.aa.online-metrix.net
websdk.appsflyer.com
www.elfcosmetics.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.paypal.com
www.paypalobjects.com
www.redditstatic.com
cdn-fsly.yottaa.net
pixel.pointmediatracker.com
104.26.12.205
108.138.26.13
140.174.14.97
142.250.185.98
151.101.0.84
151.101.129.21
151.101.193.35
151.101.2.133
151.101.64.84
18.172.112.91
18.244.18.115
192.229.221.25
2.18.64.26
2001:4860:4802:32::36
204.2.49.55
23.42.12.106
2600:1901:0:56e0::
2600:9000:21f3:1400:11:85b0:d600:93a1
2600:9000:2250:b200:15:ad21:c740:93a1
2600:9000:2359:ee00:a:7914:b00:93a1
2600:9000:275d:1800:a:b89d:a6c0:93a1
2600:9000:2761:e00:13:d6f4:3240:93a1
2606:4700:4400::6812:25a1
2606:4700:4400::6812:2a49
2606:4700:4400::ac40:9b77
2606:4700:4400::ac40:9ba6
2606:4700::6813:b234
2620:1ec:c11::237
2a00:1450:4001:811::200e
2a00:1450:4001:81c::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2008
2a02:26f0:1700:79b::1931
2a02:26f0:480:33::212:40ca
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:200::396
2a04:4e42:600::396
3.66.24.191
34.102.147.248
34.102.193.48
34.111.8.32
34.120.253.250
34.149.117.55
34.149.239.87
34.246.105.29
34.49.124.132
34.95.120.72
34.98.67.3
34.98.72.95
35.190.10.96
35.244.174.68
37.252.172.123
52.223.40.198
54.170.22.54
54.220.205.15
54.229.140.92
91.235.132.130
91.235.133.113
91.235.134.131
03dbf9dc05fa84370cbdfb363a10855e9fd035a833cd83b67e14cdb975882bed
0882be2bb685d64ae46b56574b330fb1afe5dfef39f940d12ca776475248eaa8
0e808f51f2e171f19b5d0eb70e6482b93ea96723accfc77f2cd4c8cdefa618f1
1331786f628c441b99665436eb8815381e066e17d5c3bb56f5ce2e045d8da17a
18280f9cb145047846d89977448ecfa5a2e1a4a4d168739fb9429da03fce9fbe
19cc1cced30687035cb740cbbf86a4c2d7c5085ca95e3fdef76d7e28d35af57d
19cc36fffa37aa68e3eeb82532cb58611a1e1191cad33bf5edf5265f5930ff28
1b6bc1aaf438e1b7ca4df626c3ccbba4d73ac05b8ad1a31bb2b556da0bfaa0a7
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1ddc89ba3c2a29bf8b6a376737d491efdb8f9bcebc7c635639cda62390f45a06
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
210706c053295db0bfba03a98c0609a1f940c3f6b6c626f2f1084e089e959dc9
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
2e8fd8d487b4259dbdc6c529f742806377fae205c8dc7d0f35ac8797bafe5b3b
2f94a92ee5b944dee469a9c3170546ea7d95ebee37bea2daee2b84caa9d5ad1f
31f48ed33afe7e437efa2c30cbf97fbd62c2de5c0732504077377846fe64973f
32d720cede6dadc60f848ff6670b767292e508c5ec392ef64ffd4fd46982e565
38f72d493436f19a68b66f8243f4626face699088f1d6df562ec77e89aab0e50
3e4e8da745390c20ff50b50d449bd382b82bad269bb595e27f07316e22c41265
401fe26ee4e68286a3fb5befc287cf0acfc6a46aa8a83832da5b6386321d0aee
42997132bd0142564014ac4a809356dc0ceb9b7a90eede2b5b48019f1700cc58
48dd2343ac3ef3252a4ad22a98c496fc9f700e0b9c473de1e1e54e12a5518771
498ea43ee2b31ee61f58f43b798dfaec6eb59b63fefdfaa7c01bba897ba57a33
4aa855b8d34657ab4df5ca73fe7d7f67735ee1e39e8de83856ddc473d4713fbb
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4daa11163425a93a6704abc335ed09b2f3065bd9511130607d8e2aaffe3e8cff
4f48519787e3988ac06ce734f1a52681a49fce1e3b69ef0d97c70e63b629fcb6
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
509f2e49500fbaeb5d7e1959071f2922b693d0135080e2871e124ec8bdd08bb2
52a8af96bebfcacaa9674701adb036ea76fa494519babfd911548c03865c5fea
55baa715ccc8c2512bceb1c949c1d0927944ca327e7edd2d5fc312d2a41986e4
57bd3463acfad02c222f7beac208f69df5507f7de42fa38b18a1e1e48df2a44a
58386815f4fcac72aeb4d07d1baa1688fee4039b95108baf13cfd2d427f5146c
5930c52386428cfc5a608b256ce54b1688495c985d54500dce5b7cc18af7d01c
59f1b7d93f47fcc926143154888aa471910eaf81c3c41270b61cfe012dda08df
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6082597f3871c77c9b31aa1383577f8c0e54cb5ff09275dc817bc70d96e6217d
615b75eddd683d2f18d95bda10b7e11d753c8b4bd95c8c14ae962ac96b867176
679e27a0c158ab0c2f595544d2852b2e1f1613fa1a065a2440b4bb7af23dc550
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6a196ba4f272586219eaa10072e7bf873ea5b92eb6ffa97bd5606e5fedc2efcd
6b42a56b231d70ea3691b9f46363b9f8ed6ca35f6b50084718669b8beac1e57d
6c58f061a49641f54723faab57ad0bdb49a95619e86c90dad9a3ed630ffb3780
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6f08699117c1f15f6d35e7b4380d12d18a1881f075e177b5853b1017a3307544
6f693b12a2e04ec57e72559407892e9b8b97c5c1cea493f1ba2de148e876295c
70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5
7586f9164e6bc95d916e3828d687c85f77cf253b34a5908fffa5f6f17dfd0d72
7b56d2710f8114b062edd4b006df9739f523f14679b9fc7573259ed51d37ab45
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
82ab2a63548a69b69bf74bd3e6f0610d7d2e98d45f3af66a01dad8ce1c6fcef2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
875ca118023e8741e684a320e73b7f9af4e8eba6c88f1f7e8457f7c0cdda6efb
89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d
8a90f3b36f2455fc6c76f9ad777671954126bdc45618423a01cfcf0cbfa49f21
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e5911127b4fdaba331a6d2137a6e954d7fcf4819f83693ec847d1ff9a47f389
8f86dbd47b7ff697f2b12968f6078e3634d24e1dbaa9f00ef562d278ad3cecd9
8fd5e6962bde33408bdd66280bbd176a5dac01576e07ab1c1bad79ec4848e5ae
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
92e00349ed94a2184d48889d637ad456366dbec2cbe67ffc211c8c21362cb46c
93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac
948aeac9a8dbb591f76f1a03375169f95be2295930f2af45af19b533f5255831
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
9b5a1f6ccd36751cf508090175a38cb8b6ddde3ed2ed3d461e8476b409eea787
9f2461f7629a9751a8ce13d4fa6465bd4dade527356dedaa1e07be6712694ec4
9f8441024e84c58109845fa52d52c98b3a2a6cde7529d923779fc815053795d4
a091b4d1d344b10a0a0810695caeef3db3cacd6fe251654316822f93b71e4ddf
a10c17d161ecec1d83304e8b6541dd9acaf374c7fb2c99f75262d4f5b84fe25d
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a3de1eef9be67750488b4d782a13d93fe3a13beb5bac1cc4093695ad52b8b337
a4dab5d175f3cb60c99135465ec8b7df1c4b26c38a2d9b51d0d5d90490e582e4
a54234f412b9bfdc07fcbd75a6e3e22c0f89f89f861ea0e6e6a96c7048834c41
a869fe8cddaf23f1ee50724c35748cefb30c697095b2cf4a231033cb8f43b4ab
ab99a75a2070736b0282d041df3a7e272ad5d4d1929ae430089ac0335e05ad2c
b0cd5d876887ae66f85a55a554d689ac330a2216586eaaf7a06dc766c08ea1e4
b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22
b2e0bde8a120edcd0e126c139ff4c62dc420e43a86bb9e22c92044fdda3fc3ef
b336f926203c1280abc248e9659a8bfc81f33e5827bd8e5a90bd43cbe9958ef4
b5a9baac0b53c708a5279b1ddfe54ec7f0a40699210e0caf05419d0aa1b330d9
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c
c9d4a41d3dcdef29d6b3888d8d5b9ab3fbcc673d4a120f0957221ebda7a40d3e
c9f83027cf2e267d24b2cfe366bc6664841765f0aaf362faf0156bccdce42355
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc9709489aeba0f23cc18fd3d1ff6f2087e1381ba6dbe92e98738228d520fd54
cc9ea760e99c7aeb29b3da195ff38ecb90d6699e6e437ba9fb6ba5c8a2912b01
cd3034c76f5ffbb9045fc7f68d6b1ce2749e66417f17c7142e1f3c30e4d6f0ef
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202
d0949842faf7022686cdc10f6b3249267c7efb20c8043f708a11b4b3779f712f
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e
d654c40ca30621e0bbfb8c15e02f6165845be380ce2c87bec74070d94a610fbd
d7a363f752524fb545c3b2eb48a56d163cb659bc427d5215800ee7781d92c2ca
d861c8a4cfe621b058a9b27e29fa3031d048e5794c9ff25b435c7e3853070676
dbfcd656d653b9d36320f2f06251515b759ff14ed4dd63c90bc583e54ba70c64
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def2a184135eba029f8f785b3ed69edc5f36b368226ce1fcfeda4f5aa301d1b6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54a8aca75cb5e527ffd22195b818f3ff4e7239a6dd8425f979e3180419abee5
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
ec3c6c170fd98bf2b831fc0cafc7f4232d92d1a84a16ff0c923a9e6a9d746246
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10699f59e4285b87af5097e4ba9e470ee29b4f3487fa767f2818bdbbdd6bb14
f589b180c1064f697c91ac117fafda9aff1c66123a099e82da0b976a09011510
f66f5edd05293c4351edcec020a867935f7495ef0d0ff7ceb3e6402748585ca6
f6c4e7da5c49a940732283b16c8fecf9c8998324d88b48a4af21153742886f56
f85d2907085ad171fdb6d83384cf325aefed448be3dff94ab33f672459ffbfd0
f9261c8148010a9582d8588220092d7759a8df8a77ccac58da63e9738486e8e7
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218
ff2fe181c12146189657e92f9ce0489f7f3b51345796f5a5ec9b089f9fb47616

www.elfcosmetics.com Open in urlscan Pro 140.174.14.97 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

168 Requests

95 %HTTPS

38 %IPv6

44 Domains

60 Subdomains

60 IPs

5 Countries

4085 kBTransfer

13265 kBSize

61 Cookies

19 Outgoing links

Page URL History

Redirected requests

168 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.elfcosmetics.com Open in urlscan Pro
140.174.14.97 Public Scan

Screenshot
Live screenshot

Full Image

168
Requests

95 %
HTTPS

38 %
IPv6

44
Domains

60
Subdomains

60
IPs

5
Countries

4085 kB
Transfer

13265 kB
Size

61
Cookies

168 HTTP transactions
3 data transactions