urlscan.io logo urlscan.io
SecurityTrails logo

www.elfcosmetics.com Open in urlscan Pro
165.254.56.76  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Effective URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Submission: On August 22 via api from SA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 52 IPs in 4 countries across 40 domains to perform 175 HTTP transactions. The main IP is 165.254.56.76, located in Hutto, United States and belongs to YOTTAA-AS-1, US. The main domain is www.elfcosmetics.com. The Cisco Umbrella rank of the primary domain is 72929.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 8th 2022. Valid for: a year.
This is the only time www.elfcosmetics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 165.254.56.77 393259 (YOTTAA-AS-1)
1 17 165.254.56.76 393259 (YOTTAA-AS-1)
12 151.101.130.133 54113 (FASTLY)
4 35.190.10.96 15169 (GOOGLE)
13 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:225... 16509 (AMAZON-02)
2 64.185.227.156 18450 (WEBNX)
4 2a02:26f0:710... 20940 (AKAMAI-ASN1)
2 151.101.2.133 54113 (FASTLY)
1 2600:9000:225... ()
1 2606:4700:440... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
3 6 142.250.181.230 15169 (GOOGLE)
1 2600:9000:25e... 16509 (AMAZON-02)
2 4 2a00:1450:400... 15169 (GOOGLE)
2 5 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 4 37.252.171.52 29990 (ASN-APPNEX)
2 35.71.131.137 16509 (AMAZON-02)
4 18.66.112.128 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 1 18.66.97.105 16509 (AMAZON-02)
1 18.66.97.47 16509 (AMAZON-02)
1 140.174.14.146 393259 (YOTTAA-AS-1)
1 104.86.37.229 16625 (AKAMAI-AS)
1 34.102.147.248 396982 (GOOGLE-CL...)
9 151.101.1.21 54113 (FASTLY)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
3 2600:9000:236... 16509 (AMAZON-02)
1 142.250.186.66 15169 (GOOGLE)
1 3.162.38.245 ()
2 2a04:4e42:8e::84 54113 (FASTLY)
1 2a04:4e42:400... 54113 (FASTLY)
5 184.86.103.207 20940 (AKAMAI-ASN1)
1 2600:9000:218... 16509 (AMAZON-02)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 143.204.231.119 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.101.129.140 54113 (FASTLY)
12 52.49.98.241 16509 (AMAZON-02)
5 151.101.128.84 54113 (FASTLY)
2 2001:4860:480... 15169 (GOOGLE)
1 3.127.128.19 16509 (AMAZON-02)
2 52.48.254.249 16509 (AMAZON-02)
1 34.98.67.3 396982 (GOOGLE-CL...)
2 151.101.1.35 54113 (FASTLY)
2 2a03:2880:f17... 32934 (FACEBOOK)
5 35.190.43.134 15169 (GOOGLE)
3 192.229.221.25 15133 (EDGECAST)
9 99.86.91.117 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
175 52
1    165.254.56.77 (Hutto, United States)

ASN393259 (YOTTAA-AS-1, US)
www.elfcosmetics.com
17    165.254.56.76 (Hutto, United States)

ASN393259 (YOTTAA-AS-1, US)
www.elfcosmetics.com
12    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
cdn-fsly.yottaa.net
4    35.190.10.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.10.190.35.bc.googleusercontent.com
collector-pxxt4gy2ig.px-cloud.net
13    2606:4700::6812:bbda (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
2    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2600:9000:2251:e600:a:b89d:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.dynamicyield.com
2    64.185.227.156 (Los Angeles, United States)

ASN18450 (WEBNX, US)
PTR: 64-185-227-156.static.webnx.com
api.ipify.org
4    2a02:26f0:7100::5f64:87e9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.media.amplience.net
2    151.101.2.133 (United States)

ASN54113 (FASTLY, US)
sdk.iad-05.braze.com
1    2600:9000:2250:9200:15:ad21:c740:93a1 (United States)

ASN- ()
st.dynamicyield.com
1    2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
5    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    142.250.181.230 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
9231397.fls.doubleclick.net
10742279.fls.doubleclick.net
1    2600:9000:25e9:be00:11:85b0:d600:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.cnnx.link
4    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
5    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
insight.adsrvr.org
4    18.66.112.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-128.fra56.r.cloudfront.net
async-px.dynamicyield.com
2    2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    18.66.97.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-105.fra56.r.cloudfront.net
ads.undertone.com
1    18.66.97.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-47.fra56.r.cloudfront.net
evt.undertone.com
1    140.174.14.146 (Frankfurt am Main, Germany)

ASN393259 (YOTTAA-AS-1, US)
qoe-1.yottaa.net
1    104.86.37.229 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-86-37-229.deploy.static.akamaitechnologies.com
static.ordergroove.com
1    34.102.147.248 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 248.147.102.34.bc.googleusercontent.com
tag.rmp.rakuten.com
9    151.101.1.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
1    2a02:26f0:480:f::213:7ed3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
websdk.appsflyer.com
3    2600:9000:236e:1000:13:d6f4:3240:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.usehero.com
1    142.250.186.66 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
www.googleadservices.com
1    3.162.38.245 (United States)

ASN- ()
PTR: server-3-162-38-245.cdg52.r.cloudfront.net
sc-static.net
2    2a04:4e42:8e::84 (United States)

ASN54113 (FASTLY, US)
s.pinimg.com
1    2a04:4e42:400::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
5    184.86.103.207 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-103-207.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    2600:9000:218e:7800:a:7914:b00:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.jebbit.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    143.204.231.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-231-119.cdg3.r.cloudfront.net
t.contentsquare.net
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    151.101.129.140 (United States)

ASN54113 (FASTLY, US)
alb.reddit.com
12    52.49.98.241 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-98-241.eu-west-1.compute.amazonaws.com
api.usehero.com
5    151.101.128.84 (United States)

ASN54113 (FASTLY, US)
ct.pinterest.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    3.127.128.19 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-128-19.eu-central-1.compute.amazonaws.com
external-api.jebbit.com
2    52.48.254.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-254-249.eu-west-1.compute.amazonaws.com
c.contentsquare.net
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
ut.rd.linksynergy.com
2    151.101.1.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
2    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
5    35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
3    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
9    99.86.91.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-91-117.cdg50.r.cloudfront.net
upload.usehero.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
Apex Domain
Subdomains		 Transfer
24 usehero.com
cdn.usehero.com — Cisco Umbrella Rank: 50896
api.usehero.com — Cisco Umbrella Rank: 47578
upload.usehero.com — Cisco Umbrella Rank: 72618
347 KB
18 elfcosmetics.com
www.elfcosmetics.com — Cisco Umbrella Rank: 72929
366 KB
13 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 406
167 KB
13 yottaa.net
cdn-fsly.yottaa.net — Cisco Umbrella Rank: 22298
qoe-1.yottaa.net — Cisco Umbrella Rank: 9289
1010 KB
12 doubleclick.net
9231397.fls.doubleclick.net — Cisco Umbrella Rank: 749026
10742279.fls.doubleclick.net — Cisco Umbrella Rank: 718531
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
stats.g.doubleclick.net — Cisco Umbrella Rank: 122
8 KB
11 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2799
t.paypal.com — Cisco Umbrella Rank: 3559
232 KB
10 google.com
www.google.com — Cisco Umbrella Rank: 3
adservice.google.com — Cisco Umbrella Rank: 126
region1.analytics.google.com — Cisco Umbrella Rank: 2706
2 KB
8 dynamicyield.com
cdn.dynamicyield.com — Cisco Umbrella Rank: 8834
st.dynamicyield.com — Cisco Umbrella Rank: 8575
async-px.dynamicyield.com — Cisco Umbrella Rank: 8532
193 KB
6 google.de
www.google.de — Cisco Umbrella Rank: 5345
905 B
5 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 1060
1 KB
5 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 986
2 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 882
131 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 62
22 KB
4 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 542
3 KB
4 amplience.net
cdn.media.amplience.net — Cisco Umbrella Rank: 14574
575 KB
4 px-cloud.net
collector-pxxt4gy2ig.px-cloud.net — Cisco Umbrella Rank: 653235
1 KB
3 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2541
33 KB
3 contentsquare.net
t.contentsquare.net — Cisco Umbrella Rank: 3769
c.contentsquare.net — Cisco Umbrella Rank: 4093
63 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
216 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
137 KB
2 jebbit.com
js.jebbit.com — Cisco Umbrella Rank: 46276
external-api.jebbit.com — Cisco Umbrella Rank: 49861
96 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 1031
20 KB
2 undertone.com
ads.undertone.com — Cisco Umbrella Rank: 7268
evt.undertone.com — Cisco Umbrella Rank: 6737
1 KB
2 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 749
521 B
2 braze.com
sdk.iad-05.braze.com — Cisco Umbrella Rank: 4269
455 B
2 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2820
442 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 76
202 KB
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 462
98 B
1 linksynergy.com
ut.rd.linksynergy.com — Cisco Umbrella Rank: 8089
399 B
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1702
637 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 277
40 KB
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1500
8 KB
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1193
16 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 157
2 KB
1 appsflyer.com
websdk.appsflyer.com — Cisco Umbrella Rank: 7276
12 KB
1 rakuten.com
tag.rmp.rakuten.com — Cisco Umbrella Rank: 7756
15 KB
1 ordergroove.com
static.ordergroove.com — Cisco Umbrella Rank: 27178
43 KB
1 cnnx.link
js.cnnx.link — Cisco Umbrella Rank: 9353
1 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 785
304 B
0 pointmediatracker.com Failed
pixel.pointmediatracker.com Failed
175 40
Domain Requested by
18 www.elfcosmetics.com 2 redirects www.elfcosmetics.com
cdn-fsly.yottaa.net
13 cdn.cookielaw.org cdn-fsly.yottaa.net
cdn.cookielaw.org
www.elfcosmetics.com
12 api.usehero.com cdn.usehero.com
12 cdn-fsly.yottaa.net www.elfcosmetics.com
9 upload.usehero.com cdn.usehero.com
9 www.paypal.com www.elfcosmetics.com
www.paypal.com
www.paypalobjects.com
6 www.google.de www.elfcosmetics.com
5 tr.snapchat.com www.elfcosmetics.com
sc-static.net
5 ct.pinterest.com s.pinimg.com
www.elfcosmetics.com
5 analytics.tiktok.com www.elfcosmetics.com
analytics.tiktok.com
5 www.google.com 2 redirects www.elfcosmetics.com
5 www.google-analytics.com www.elfcosmetics.com
www.google-analytics.com
4 async-px.dynamicyield.com cdn.dynamicyield.com
4 secure.adnxs.com 2 redirects www.elfcosmetics.com
4 googleads.g.doubleclick.net 2 redirects www.elfcosmetics.com
4 9231397.fls.doubleclick.net 2 redirects www.googletagmanager.com
4 cdn.media.amplience.net www.elfcosmetics.com
4 collector-pxxt4gy2ig.px-cloud.net www.elfcosmetics.com
3 www.paypalobjects.com www.elfcosmetics.com
www.paypalobjects.com
3 cdn.usehero.com www.elfcosmetics.com
cdn.usehero.com
3 adservice.google.com 10742279.fls.doubleclick.net
9231397.fls.doubleclick.net
3 cdn.dynamicyield.com www.elfcosmetics.com
2 www.facebook.com
2 t.paypal.com
2 c.contentsquare.net
2 region1.analytics.google.com www.googletagmanager.com
2 connect.facebook.net www.elfcosmetics.com
2 s.pinimg.com www.elfcosmetics.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 insight.adsrvr.org www.elfcosmetics.com
2 10742279.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 sdk.iad-05.braze.com cdn-fsly.yottaa.net
2 api.ipify.org cdn-fsly.yottaa.net
2 www.googletagmanager.com www.elfcosmetics.com
1 idsync.rlcdn.com
1 ut.rd.linksynergy.com www.elfcosmetics.com
1 external-api.jebbit.com js.jebbit.com
1 alb.reddit.com
1 cdnjs.cloudflare.com www.elfcosmetics.com
1 t.contentsquare.net www.elfcosmetics.com
1 js.jebbit.com www.elfcosmetics.com
1 www.redditstatic.com www.elfcosmetics.com
1 sc-static.net www.elfcosmetics.com
1 www.googleadservices.com www.elfcosmetics.com
1 websdk.appsflyer.com www.elfcosmetics.com
1 tag.rmp.rakuten.com www.elfcosmetics.com
1 static.ordergroove.com www.elfcosmetics.com
1 qoe-1.yottaa.net www.elfcosmetics.com
1 evt.undertone.com 9231397.fls.doubleclick.net
1 ads.undertone.com 1 redirects
1 js.cnnx.link www.googletagmanager.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 st.dynamicyield.com www.elfcosmetics.com
0 pixel.pointmediatracker.com Failed www.elfcosmetics.com
175 54
Subject Issuer Validity Valid
*.elfcosmetics.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-08 -
2023-10-22		 a year crt.sh
*.yottaa.net
GlobalSign RSA OV SSL CA 2018		 2022-09-08 -
2023-10-10		 a year crt.sh
*.px-cloud.net
Sectigo RSA Domain Validation Secure Server CA		 2023-08-15 -
2024-09-13		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.dynamicyield.com
Amazon RSA 2048 M02		 2023-02-28 -
2023-10-17		 8 months crt.sh
*.ipify.org
Sectigo RSA Domain Validation Secure Server CA		 2023-02-07 -
2024-02-18		 a year crt.sh
dm.amplience.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-20 -
2024-08-14		 a year crt.sh
*.iad-05.braze.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-07-27 -
2024-08-27		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-12-13 -
2023-12-13		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
js.cnnx.link
Amazon RSA 2048 M02		 2023-07-11 -
2024-08-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.ordergroove.com
Go Daddy Secure Certificate Authority - G2		 2023-08-04 -
2024-08-17		 a year crt.sh
tag.rmp.rakuten.com
GTS CA 1D4		 2023-08-05 -
2023-11-03		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-07-21 -
2024-08-20		 a year crt.sh
*.appsflyer.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-27 -
2024-07-27		 a year crt.sh
*.usehero.com
Amazon RSA 2048 M01		 2023-03-01 -
2023-10-26		 8 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
sc-static.net
Amazon RSA 2048 M02		 2023-01-20 -
2024-02-18		 a year crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-31 -
2024-08-07		 a year crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-12 -
2023-10-08		 6 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.jebbit.com
Amazon RSA 2048 M01		 2023-05-24 -
2024-06-21		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-06-01 -
2023-08-30		 3 months crt.sh
t.contentsquare.net
Amazon RSA 2048 M01		 2023-02-21 -
2023-11-11		 9 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-19 -
2023-10-15		 6 months crt.sh
api.usehero.com
Amazon RSA 2048 M02		 2023-02-05 -
2024-03-05		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
dep.ba.contentsquare.net
Amazon RSA 2048 M01		 2023-03-20 -
2024-04-17		 a year crt.sh
*.rd.linksynergy.com
ZeroSSL RSA Domain Secure Site CA		 2023-02-13 -
2024-02-13		 a year crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.snap.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-13 -
2024-04-12		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh

This page contains 11 frames:

Primary Page: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Frame ID: E7884F23BCB531C5694A84949268175F
Requests: 136 HTTP requests in this frame

Frame: https://9231397.fls.doubleclick.net/activityi;dc_pre=CPiKw6D38IADFU1XDQod_P0LNA;src=9231397;type=retarget;cat=globa0;ord=313727792689;auiddc=69042085.1692730163;u6=%2Fen_SA%2Fskin-care;u10=undefined;u12=undefined;u8=undefined;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4
Frame ID: F490691F0A7EEDFCF68D096A73B9E884
Requests: 3 HTTP requests in this frame

Frame: https://10742279.fls.doubleclick.net/activityi;dc_pre=CPCuwqD38IADFYGGnwodMv4BhA;src=10742279;type=elf8j0;cat=glo_flap;ord=4308095302702;auiddc=69042085.1692730163;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4
Frame ID: 35733D4657A5262C4CC0818317598A1D
Requests: 2 HTTP requests in this frame

Frame: https://9231397.fls.doubleclick.net/activityi;dc_pre=CJeMw6D38IADFUWanwod4S0Ngg;src=9231397;type=retarget;cat=skinc0;ord=6444987518103;auiddc=69042085.1692730163;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4
Frame ID: 366B68A546662968C889DA2A436998CC
Requests: 2 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=false&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1TQVImdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.46.1&integrationType=SDK
Frame ID: C731628E355BC94415B998F0737C630A
Requests: 4 HTTP requests in this frame

Frame: https://cdn.usehero.com/plugin.5.45.0.js
Frame ID: 0815496C65DEF7776CF19FAFA49784C5
Requests: 12 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=c69c204f-fba0-4685-aea8-ad32f799fa5d&u_scsid=cf5e0266-dda4-4b31-9f43-d56e7564cc6f&u_sclid=f351357f-ca52-47cd-8e03-b7ab271641b4
Frame ID: F3E7FF21FE9EB9FDAC6642D297ACBED9
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 26A991407AA4C6A35DA894FB98B1A6E4
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 2537A2E1CB8F5CE845C1DB24D2DE1946
Requests: 3 HTTP requests in this frame

Frame: https://upload.usehero.com/avatars/lqRiQXDD6L-uKFjelXCdNsJJUB86TAX--56x56.jpg
Frame ID: E05E34CC4602172D766457E8A8A8BB35
Requests: 3 HTTP requests in this frame

Frame: https://upload.usehero.com/avatars/lqRiQXDD6L-uKFjelXCdNsJJUB86TAX--56x56.jpg
Frame ID: A8134216C6905EB4478FC420904B6A47
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Skin Care Products | e.l.f. SKINBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. http://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4 HTTP 301
    https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /demandware\.static/
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • cdn\.dynamicyield\.\w+/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • tag\.rmp\.rakuten\.com
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 10%
Detected patterns
  • basket.*\.js

Page Statistics

175
Requests

94 %
HTTPS

42 %
IPv6

40
Domains

54
Subdomains

52
IPs

4
Countries

3767 kB
Transfer

12171 kB
Size

72
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4 HTTP 301
    https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.com%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=_1A9QyLDo87Zd661W9oQC4mWMz4U5qjJgPBVC6svxXI HTTP 303
  • https://www.elfcosmetics.com/callback?usid=a5a89623-9549-47ae-be63-22363e292718&code=X2u7TZY2V372f_0UwR1zSSvR28cEN3mMpCCX4FRj5Z4
Request Chain 37
  • https://9231397.fls.doubleclick.net/activityi;src=9231397;type=retarget;cat=globa0;ord=313727792689;auiddc=69042085.1692730163;u6=%2Fen_SA%2Fskin-care;u10=undefined;u12=undefined;u8=undefined;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4 HTTP 302
  • https://9231397.fls.doubleclick.net/activityi;dc_pre=CPiKw6D38IADFU1XDQod_P0LNA;src=9231397;type=retarget;cat=globa0;ord=313727792689;auiddc=69042085.1692730163;u6=%2Fen_SA%2Fskin-care;u10=undefined;u12=undefined;u8=undefined;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4
Request Chain 38
  • https://10742279.fls.doubleclick.net/activityi;src=10742279;type=elf8j0;cat=glo_flap;ord=4308095302702;auiddc=69042085.1692730163;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4 HTTP 302
  • https://10742279.fls.doubleclick.net/activityi;dc_pre=CPCuwqD38IADFYGGnwodMv4BhA;src=10742279;type=elf8j0;cat=glo_flap;ord=4308095302702;auiddc=69042085.1692730163;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4
Request Chain 40
  • https://9231397.fls.doubleclick.net/activityi;src=9231397;type=retarget;cat=skinc0;ord=6444987518103;auiddc=69042085.1692730163;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4 HTTP 302
  • https://9231397.fls.doubleclick.net/activityi;dc_pre=CJeMw6D38IADFUWanwod4S0Ngg;src=9231397;type=retarget;cat=skinc0;ord=6444987518103;auiddc=69042085.1692730163;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4
Request Chain 41
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698270988/?random=1692730162526&cv=11&fst=1692730162526&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4&hn=www.googleadservices.com&frm=0&tiba=Skin%20Care%20Products%20%7C%20e.l.f.%20SKIN&auid=69042085.1692730163&uamb=0&uaw=0&data=ecomm_prodid%3D%3Becomm_totalvalue%3D HTTP 302
  • https://www.google.com/pagead/1p-user-list/698270988/?random=1692730162526&cv=11&fst=1692727200000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4&frm=0&tiba=Skin%20Care%20Products%20%7C%20e.l.f.%20SKIN&data=ecomm_prodid%3D%3Becomm_totalvalue%3D&is_vtc=1&random=2401870843 HTTP 302
  • https://www.google.de/pagead/1p-user-list/698270988/?random=1692730162526&cv=11&fst=1692727200000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4&frm=0&tiba=Skin%20Care%20Products%20%7C%20e.l.f.%20SKIN&data=ecomm_prodid%3D%3Becomm_totalvalue%3D&is_vtc=1&random=2401870843&ipr=y
Request Chain 42
  • https://secure.adnxs.com/px?id=160890&%20seg=6104893&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D160890%26%2520seg%3D6104893%26t%3D2
Request Chain 44
  • https://secure.adnxs.com/px?id=1608910%20&seg=6104893&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608910%2520%26seg%3D6104893%26t%3D2
Request Chain 68
  • https://ads.undertone.com/t?trackerid=7729&cb=984929313 HTTP 307
  • https://evt.undertone.com/t?trackerid=7729&cb=984929313
Request Chain 102
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698270988/?random=1839865300&cv=11&fst=1692730162514&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4&label=87uyCIuRktcBEIyK-8wC&hn=www.googleadservices.com&frm=0&tiba=Skin%20Care%20Products%20%7C%20e.l.f.%20SKIN&value=0&auid=69042085.1692730163&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=NAPlZNLWHruK7_UPjc6vyAk&sscte=1&crd=CKG4sQI&eitems=ChEI8LmRpwYQpPfcoYy4uLygARIdAPUT8aNdTRN7gfK2VzcX0-LF-tHHjK8fudIPE0k&pscrd=EkxDaEVJOExtUnB3WVFydGJ3X2JtNzZZWEhBUklrQU9JbnlGVzAzd2ZSVXVoanB5UUtCT293bndpU2R1eHJmcElaZWdtT0xKUmZ0dUNjGldDaEVJOExtUnB3WVE2Zk9Ga3YyaDRkRFVBUklzQU1WU0drdTc1NkZKTTU5eklXOG1uMUttMDN4Smk3TTdleWhsMU14WkU4QkFsdmcwdWJuM1dPcHhYeVEiEwjSwJ-h9_CAAxU7xbsIHQ3nC5k HTTP 302
  • https://www.google.com/pagead/1p-conversion/698270988/?random=1839865300&cv=11&fst=1692730162514&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4&label=87uyCIuRktcBEIyK-8wC&hn=www.googleadservices.com&frm=0&tiba=Skin%20Care%20Products%20%7C%20e.l.f.%20SKIN&value=0&auid=69042085.1692730163&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKG4sQI&pscrd=EkxDaEVJOExtUnB3WVFydGJ3X2JtNzZZWEhBUklrQU9JbnlGVzAzd2ZSVXVoanB5UUtCT293bndpU2R1eHJmcElaZWdtT0xKUmZ0dUNjGldDaEVJOExtUnB3WVE2Zk9Ga3YyaDRkRFVBUklzQU1WU0drdTc1NkZKTTU5eklXOG1uMUttMDN4Smk3TTdleWhsMU14WkU4QkFsdmcwdWJuM1dPcHhYeVEiEwjSwJ-h9_CAAxU7xbsIHQ3nC5k&is_vtc=1&ocp_id=NAPlZNLWHruK7_UPjc6vyAk&cid=CAQSKQBpAlJWpZjFJ4VMdbxP6jCofKbUX9UNXFsnxHrSF1TQidagA7UXFCdV&eitems=ChEI8LmRpwYQpPfcoYy4uLygARIdAPUT8aMd-_TNTnhw-tPx-5fcDkm5Fvvn5zPGr2Q&random=684552448 HTTP 302
  • https://www.google.de/pagead/1p-conversion/698270988/?random=1839865300&cv=11&fst=1692730162514&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4&label=87uyCIuRktcBEIyK-8wC&hn=www.googleadservices.com&frm=0&tiba=Skin%20Care%20Products%20%7C%20e.l.f.%20SKIN&value=0&auid=69042085.1692730163&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKG4sQI&pscrd=EkxDaEVJOExtUnB3WVFydGJ3X2JtNzZZWEhBUklrQU9JbnlGVzAzd2ZSVXVoanB5UUtCT293bndpU2R1eHJmcElaZWdtT0xKUmZ0dUNjGldDaEVJOExtUnB3WVE2Zk9Ga3YyaDRkRFVBUklzQU1WU0drdTc1NkZKTTU5eklXOG1uMUttMDN4Smk3TTdleWhsMU14WkU4QkFsdmcwdWJuM1dPcHhYeVEiEwjSwJ-h9_CAAxU7xbsIHQ3nC5k&is_vtc=1&ocp_id=NAPlZNLWHruK7_UPjc6vyAk&cid=CAQSKQBpAlJWpZjFJ4VMdbxP6jCofKbUX9UNXFsnxHrSF1TQidagA7UXFCdV&eitems=ChEI8LmRpwYQpPfcoYy4uLygARIdAPUT8aMd-_TNTnhw-tPx-5fcDkm5Fvvn5zPGr2Q&random=684552448&ipr=y

175 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request skin-care
www.elfcosmetics.com/en_SA/
Redirect Chain
  • http://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
  • https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
1 MB
231 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.56.76 Hutto, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
2cd96023d11a8e1dbe53a7acd11ae987cd7a0d7769f5b00d6ff136594d55802b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
cache-control
public, must-revalidate, s-maxage=900
content-encoding
gzip
content-length
235351
content-type
text/html; charset=utf-8
date
Tue, 22 Aug 2023 18:49:18 GMT
etag
W/"f5748-4xWvWpPdd5+qeXm1BP7VzW3ybYI"
vary
Accept-Encoding
via
1.1 1f26f4fcc7c0b4ff4d686295192ee71a.cloudfront.net (CloudFront)
x-amz-apigw-id
KE1utF-KiYcFdUg=
x-amz-cf-id
5qF0PX4PSmZ775Jqs9q1RDjZjSU7r2ewSggic0YQ0iG-30kmTiRHAg==
x-amz-cf-pop
LHR50-P6
x-amzn-remapped-connection
close
x-amzn-remapped-content-length
1005384
x-amzn-remapped-date
Tue, 22 Aug 2023 18:49:18 GMT
x-amzn-requestid
15ee521a-1261-4fd1-be02-cd107e3a282c
x-amzn-trace-id
Root=1-64e5032a-60051b2c37be468363c40896;Sampled=0;lineage=2b75b0e9:0
x-cache
Miss from cloudfront
x-yottaa-metrics
3421a5fe3835/[4139,3860,-] 34D1a5fe384c/[-,4288.817]
x-yottaa-optimizations
ob/1000000100001000 si/34D1a5fe384c-1692638905-9989172470 tts/1692120030872 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-yottaa-os
200

Redirect headers

Age
0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
125
Content-Type
text/html
Date
Tue, 22 Aug 2023 18:49:14 GMT
Location
https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Via
1.1 941eeb52a9594aec5cf3464efa0a3b66.cloudfront.net (CloudFront)
X-Amz-Cf-Id
KgneEmJfeV4U_uBfk4E2WNEP15ABZPAPRObJtcYZfrJFot_lVmmPFw==
X-Amz-Cf-Pop
LHR50-P6
X-Cache
Redirect from cloudfront
X-Yottaa-Metrics
3421a5fe38a0/[22,3,-] 34D1a5fe384d/[-,24.683]
X-Yottaa-OS
301
X-Yottaa-Optimizations
ob/1000 si/34D1a5fe384d-1692638905-3437721572 tts/1692120030872 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
init.js
www.elfcosmetics.com/XT4Gy2ig/ 		165 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/XT4Gy2ig/init.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.56.76 Hutto, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
45c5d7720e485bf4a3fd489f4b4d325c053e9edbe6c3672334a80e6ad607e8bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:19 GMT
content-encoding
gzip
etag
"2925f-zqGVrAtBly+rn73jIN0ZOicbJ2U"
active-cdn
Akamai
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
active-cdn,x-served-by,Akamai-Request-BC
cache-control
max-age=600
x-yottaa-metrics
34D1a5fe384c/[-,6.170]
x-px-hash
Yzc5ODdlMjI4YWEwYWYzMjhkMjE5OWQ4MmUxMzVhYWMyNzA5NzcwOTdmN2U1YzM0ZGRhM2Y2MzMyMDdlMmQ3MQ==
x-yottaa-optimizations
ob/0 si/34D1a5fe384c-1692638905-9989172627 tts/1692730159273 ti/0 ai/5a0c9b7632f01c35d42101b2
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a2b3b5ecaa7d5c67e5e28f9712ebcf28a592c7191e24bcde25cc5bb374cbf7b

Request headers

Referer
Origin
https://www.elfcosmetics.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a33177a1b1a44698bc85bc710dfd4a6aba8bbe329db64dbb0622c894a1c05cbd

Request headers

Referer
Origin
https://www.elfcosmetics.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
vendor.js
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/mobify/bundle/9604/ 		2 MB
607 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/mobify/bundle/9604/vendor.js?yocs=F_
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5e3349bfcd6a733ddb88abfe5deceec5fe31d74089b4bd0d9f840f31dfb812b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
mxH9bfNgmLNgwFt4R8_AM0tkLxHlmT1I
via
1.1 23546b21bebd898e1f4c79789ae527ca.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
date
Tue, 22 Aug 2023 18:49:19 GMT
x-amz-cf-pop
IAD79-C3
age
607732
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/1100 si/23114047a17c-1689712060-1986329093 tts/1692120030872 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache
Miss from cloudfront, HIT
x-amz-meta-deploy
531955
content-length
621115
x-amz-meta-bundle
9604
x-served-by
cache-fra-eddf8230045-FRA
x-yottaa-forcecache
true, true
server
AmazonS3
x-timer
S1692730160.733984,VS0,VE2
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31104000
x-yottaa-metrics
2321cc8d59da/[36,-,1692122426824] 23114047a17c/[-,354.652]
accept-ranges
bytes
x-amz-cf-id
DZm6GNysI0C6zg09ILpp5H8p-BNm7yMH_9GCV1jzhaMhNFNb0ygOQA==
x-cache-hits
1
main.js
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/mobify/bundle/9604/ 		1 MB
334 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/mobify/bundle/9604/main.js?yocs=F_
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
60be311ffc1cd99e198e9cf6207157ac446b34328dc89788d440d85f45639359

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
hgAh54sOYbgq4oeBM4Nv9wBgY7JbdI.O
via
1.1 72b77c557ac4c265c32d99bdef4e9d6a.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
date
Tue, 22 Aug 2023 18:49:19 GMT
x-amz-cf-pop
IAD79-C3
age
607734
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/1001 si/2311cc8d59cf-1689712053-556036919 tts/1692120030872 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache
Miss from cloudfront, HIT
x-amz-meta-deploy
531955
content-length
341304
x-amz-meta-bundle
9604
x-served-by
cache-fra-eddf8230045-FRA
x-yottaa-forcecache
true, true
server
AmazonS3
x-timer
S1692730160.734537,VS0,VE2
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31104000
x-yottaa-metrics
23214047a163/[178,134,-] 2311cc8d59cf/[hit]
accept-ranges
bytes
x-amz-cf-id
Y0gqniSLlVhwYtzpl5JOzkO8-7W3Iaew-TGAxqBPt0Nys6TQ_-4VoQ==
x-cache-hits
1
pages-product-list-product-list-page.js
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/mobify/bundle/9604/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/mobify/bundle/9604/pages-product-list-product-list-page.js?yocs=F_
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d845fb59750926ccc34a70811d22248a38218c12ae176af2a71e918740243c45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
UfVEa6t6wkG4dXjnZhFbgCeFlm1_gx1.
via
1.1 ddfa4f13994dc4f9f7e2278881357a0a.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
date
Tue, 22 Aug 2023 18:49:19 GMT
x-amz-cf-pop
ATL56-C4
age
502250
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/1000 si/33118cae0c64-1689773352-586541010 tts/1692120030872 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache
Hit from cloudfront, HIT
x-amz-meta-deploy
531955
content-length
9935
x-amz-meta-bundle
9604
x-served-by
cache-fra-eddf8230045-FRA
x-yottaa-forcecache
true, true
server
AmazonS3
x-timer
S1692730160.734354,VS0,VE1
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31104000
x-yottaa-metrics
33218cae0c78/[23,21,-] 33118cae0c64/[-,25.822]
accept-ranges
bytes
x-amz-cf-id
p1ia7vLRAnNzNrxVReIsNxl9YrnWKSJrihijzJ3Y0codEtlToOqm1w==
x-cache-hits
1
partials-sort-filter-toolbar-component.js
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/mobify/bundle/9604/ 		1013 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/mobify/bundle/9604/partials-sort-filter-toolbar-component.js?yocs=F_
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7d0e06cbfcfdbeff57e2956000b1b5c0cc64f2c24693c54a23fdd1ffb73f852b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
f.xzNseapbO0RVbMX9HC9T7fQk0IFsah
via
1.1 bd3e3884ce6fe1fd36336541cce9ec7e.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
date
Tue, 22 Aug 2023 18:49:19 GMT
x-amz-cf-pop
JFK50-P2
age
580949
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/1000 si/3811cc023141-1691164902-829335633 tts/1692120030872 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache
Hit from cloudfront, HIT
x-amz-meta-deploy
531955
content-length
659
x-amz-meta-bundle
9604
x-served-by
cache-fra-eddf8230045-FRA
x-yottaa-forcecache
true, true
server
AmazonS3
x-timer
S1692730160.734343,VS0,VE5
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31104000
x-yottaa-metrics
3821cc023162/[9,6,-] 3811cc023141/[-,11.920]
accept-ranges
bytes
x-amz-cf-id
i7Hes8e1C_OeYUQ7ZnEIrDZKMgUWwc3LYtSPigTpB_VxorFRsq0WpA==
x-cache-hits
1
57548__Closed_0655_V3_R.jpg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw9e2f6cfd/2023/HHelfOffMakeupRemover/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw9e2f6cfd/2023/HHelfOffMakeupRemover/57548__Closed_0655_V3_R.jpg?sfrm=png&sw=480&q=90&yocs=F_J_
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudflare /
Resource Hash
730fa02412a70e357756fa7db61803300c32704283d4d93c42bb6c293ad19211

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:19 GMT
via
1.1 7a220a3092d83b83525989666566c488.cloudfront.net (CloudFront), 1.1 varnish
cf-cache-status
HIT
x-amz-cf-pop
ATL56-C3
x-amz-meta-cleanquerystring
sfrm=png&sw=480&q=90
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/10000000000100 si/33118cae0c62-1689773352-1327182810 tts/1692120030872 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache
Hit from cloudfront, HIT
age
465995
content-length
4960
x-served-by
cache-fra-eddf8230045-FRA
x-yottaa-forcecache
true, true
x-amz-expiration
expiry-date="Sun, 23 Jun 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj
h2pri
server
cloudflare
x-timer
S1692730160.734337,VS0,VE1
content-type
image/webp
cache-control
public, max-age=31104000
x-yottaa-metrics
33218cae0c8e/[3,-,1692259642354] 33118cae0c62/[-,4.468]
accept-ranges
bytes
cf-ray
7f806c4c5b95ad7a-ATL
x-amz-cf-id
DUVMu3z0b2yRlFJHEM7kFlTdbNTNSNjtiXLgL7cHX0210FClcsP2eg==
x-cache-hits
1
0723_BTS_SKIN_BUNDLE-2.jpg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw7ed7038b/2023/BackToSchoolKits2023/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw7ed7038b/2023/BackToSchoolKits2023/0723_BTS_SKIN_BUNDLE-2.jpg?sw=480&q=90&yocs=F_J_
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5abb82b288064f89dd1e5bc3dbaefead51285022422e38871364a54699aaa8ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:19 GMT
via
1.1 f47eef689e9260f8a962e04962beaf9a.cloudfront.net (CloudFront), 1.1 varnish
cf-cache-status
MISS
x-amz-meta-cleanquerystring
sw=480&q=90
x-amz-cf-pop
DFW56-P6
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/10000000000101 si/3211a5fec6ec-1692101823-401535888 tts/1692120030872 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache
Hit from cloudfront, HIT
age
338160
content-length
9236
x-served-by
cache-fra-eddf8230045-FRA
x-yottaa-forcecache
true, true
x-amz-expiration
expiry-date="Tue, 17 Sep 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
server
cloudflare
x-timer
S1692730160.734313,VS0,VE1
content-type
image/webp
cache-control
public, max-age=31104000
x-yottaa-metrics
3221a5fec614/[4,-,1692387497536] 3211a5fec6ec/[hit]
accept-ranges
bytes
cf-ray
7f8c9dc2af964778-DFW
x-amz-cf-id
0EWt3muFYpHt2Hn1GqRC3JM7JvdazNxVXJRwaVtGZimJrOuKUX8-_g==
x-cache-hits
1
59910_SCREM_Closed_R.jpg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw44d0f80d/2022/HolyHydration!NewPackaging/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw44d0f80d/2022/HolyHydration!NewPackaging/59910_SCREM_Closed_R.jpg?sfrm=png&sw=480&q=90&yocs=F_J_
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudflare /
Resource Hash
058d4d2cb31b98a5c98c0fcb31b0aad78fdafd1834a3820c3da114c1583ace4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:19 GMT
via
1.1 102c2ce84f6702e1add78e397cea7b84.cloudfront.net (CloudFront), 1.1 varnish
cf-cache-status
HIT
x-amz-cf-pop
ORD53-C1
x-amz-meta-cleanquerystring
sfrm=png&sw=480&q=90
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/10000000000100 si/2611cc028372-1688062903-1860694659 tts/1692120030872 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache
Hit from cloudfront, HIT
age
43041
content-length
4828
x-served-by
cache-fra-eddf8230045-FRA
x-yottaa-forcecache
true, true
x-amz-expiration
expiry-date="Sun, 05 May 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj
h2pri
server
cloudflare
x-timer
S1692730160.776107,VS0,VE4
content-type
image/webp
cache-control
public, max-age=31104000
x-yottaa-metrics
2621cc02832c/[4,-,1692685830257] 2611cc028372/[-,6.823]
accept-ranges
bytes
cf-ray
7fa911465e082237-ORD
x-amz-cf-id
fGMusF45F7EWPHcdV8v1dmLcmgfbwJtGYMABrVl15khQVKW58IlyCg==
x-cache-hits
1
57074_SCTRE_Closed_R.jpg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dweee0bfd7/2021/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dweee0bfd7/2021/57074_SCTRE_Closed_R.jpg?sfrm=png&sw=480&q=90&yocs=F_J_
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55f921aa72024c76fc8efa00451922256fbd9ef299b8a5656df938afcaccc7c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:19 GMT
via
1.1 fb8e6daa39bc4124e46750734008822c.cloudfront.net (CloudFront), 1.1 varnish
cf-cache-status
HIT
x-amz-cf-pop
DFW3-C1
x-amz-meta-cleanquerystring
sfrm=png&sw=480&q=90
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/0 si/3211a5fec642-1692101820-828813694 tts/1692120030872 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache
Hit from cloudfront, HIT
age
217
content-length
12469
x-served-by
cache-fra-eddf8230045-FRA
x-yottaa-forcecache
true
x-amz-expiration
expiry-date="Sun, 05 May 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj
h2pri
server
cloudflare
x-timer
S1692730160.776977,VS0,VE4
content-type
image/jpeg
cache-control
max-age=900
x-yottaa-metrics
3221a5fec615/[34,29,-] 3211a5fec642/[-,36.723]
accept-ranges
bytes
cf-ray
7fad46400bb73172-DFW
x-amz-cf-id
hgIX_780lrOXOOfZ5yPSt2tLunb39X8LJeFplGgjxYcXfySLolDFiA==
x-cache-hits
1
59990_SCCLE_Closed_R.jpg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw5ccf5840/2022/HolyHydration!NewPackaging/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw5ccf5840/2022/HolyHydration!NewPackaging/59990_SCCLE_Closed_R.jpg?sfrm=png&sw=480&q=90&yocs=F_J_
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a115f42b4e58698d80198657c99d63c4030c2e5338d462ea886af0700e654d52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:19 GMT
via
1.1 4415a352e914eb2ce98de1c6bdfa37ca.cloudfront.net (CloudFront), 1.1 varnish
cf-cache-status
HIT
x-amz-cf-pop
ORD52-C2
x-amz-meta-cleanquerystring
sfrm=png&sw=480&q=90
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/10000000000100 si/2611cc8d5869-1688062899-1132845439 tts/1691704961291 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache
Hit from cloudfront, HIT
age
1023734
content-length
3200
x-served-by
cache-fra-eddf8230045-FRA
x-yottaa-forcecache
true, true
x-amz-expiration
expiry-date="Mon, 06 May 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj
h2pri
server
cloudflare
x-timer
S1692730160.776719,VS0,VE2
content-type
image/webp
cache-control
public, max-age=31104000
x-yottaa-metrics
2621cc8d5872/[5,-,1691705916103] 2611cc8d5869/[-,8.700]
accept-ranges
bytes
cf-ray
7f4b9d97195ee178-ORD
x-amz-cf-id
AAaNNOXXUsQCoGWHIA3XjxR6QWbIfFVgyUAukdPBkprqQbc2dAaUZw==
x-cache-hits
1
57014_SCMOI_Closed_R.jpeg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw73edcbbf/2020/HH/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw73edcbbf/2020/HH/57014_SCMOI_Closed_R.jpeg?sw=480&q=90&yocs=F_J_
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f262c387278e4f08b062f0432881eb5eb54049cefdc7331bb69ef7dd3964fdfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:19 GMT
via
1.1 423570c3bf5a4f5c4eaaf51bd2bfafe8.cloudfront.net (CloudFront), 1.1 varnish
cf-cache-status
HIT
x-amz-cf-pop
MIA3-C4
x-amz-meta-cleanquerystring
sw=480&q=90
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/10000000000100 si/33118cae0c62-1689773352-1322850967 tts/1691704961291 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache
Hit from cloudfront, HIT
age
641891
content-length
3736
x-served-by
cache-fra-eddf8230045-FRA
x-yottaa-forcecache
true, true
x-amz-expiration
expiry-date="Mon, 06 May 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj
h2pri
server
cloudflare
x-timer
S1692730160.776928,VS0,VE1
content-type
image/webp
cache-control
public, max-age=31104000
x-yottaa-metrics
33218cae0ce8/[2,-,1692086642323] 33118cae0c62/[-,3.275]
accept-ranges
bytes
cf-ray
7f6fecaa2c4fad34-ATL
x-amz-cf-id
q0P82wL4mI_CIybG_wtm-x-uF8TN9StM8BYHZhj8slrOj6H5PP2KGg==
x-cache-hits
1
57581_CLOSED_R.jpg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwbee87592/2023/57581AdvancedNightRetinoidSerum/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwbee87592/2023/57581AdvancedNightRetinoidSerum/57581_CLOSED_R.jpg?sfrm=png&sw=480&q=90&yocs=F_J_
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8af8782095e113010e6d0487cc2dcdaf8b979e70aeb627263d27e532b1b76636

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:19 GMT
via
1.1 0570243541aa4edb51d3f1e60aee5a32.cloudfront.net (CloudFront), 1.1 varnish
cf-cache-status
MISS
x-amz-meta-cleanquerystring
sfrm=png&sw=480&q=90
x-amz-cf-pop
IAD79-C2
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/10000000000100 si/23114047a14c-1689712058-1317989197 tts/1691704961291 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache
Hit from cloudfront, HIT
age
1018415
content-length
3218
x-served-by
cache-fra-eddf8230045-FRA
x-yottaa-forcecache
true, true
x-amz-expiration
expiry-date="Sun, 05 May 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
server
cloudflare
x-timer
S1692730160.776661,VS0,VE1
content-type
image/webp
cache-control
public, max-age=31104000
x-yottaa-metrics
23214047a188/[4,-,1691706453505] 23114047a14c/[-,7.444]
accept-ranges
bytes
cf-ray
7f4baab579732003-IAD
x-amz-cf-id
pJY307Z05tVJhFP6yxKwSdzEglTcDuqNVcMGQUuQuLFi3CTC_6XBlw==
x-cache-hits
1
57530_OpenA_R.jpg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwb5ac6120/2021/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwb5ac6120/2021/57530_OpenA_R.jpg?sfrm=png&sw=480&q=90&yocs=F_J_
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4cd437859d8ca99a60f3eb08ac89accbe8cd91d5d5f3293d9c8492205c919c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:19 GMT
via
1.1 74aa91fe819001bcedd882694f52b436.cloudfront.net (CloudFront), 1.1 varnish
cf-cache-status
HIT
x-amz-cf-pop
SFO5-P2
x-amz-meta-cleanquerystring
sfrm=png&sw=480&q=90
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/0 si/2511cc02853d-1689090836-818930395 tts/1692120030872 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache
Hit from cloudfront, MISS
age
0
content-length
12680
x-served-by
cache-fra-eddf8230045-FRA
x-yottaa-forcecache
true
x-amz-expiration
expiry-date="Sun, 26 May 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj
h2pri
server
cloudflare
x-timer
S1692730160.776653,VS0,VE164
content-type
image/jpeg
cache-control
max-age=900
x-yottaa-metrics
2521cc02850f/[17,15,-] 2511cc02853d/[-,17.964]
accept-ranges
bytes
cf-ray
7fad4b8b1f57234f-SJC
x-amz-cf-id
PJ-DuD-kHyktKTmejlHgfg1lqCi7cOxocE4dp1BdQYQ6qn1uv_acRA==
x-cache-hits
0
collector
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 		540 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
98f96e82fb53c90e48b9de0ceffff52448e92a80a81cab254c3282167c3da3e3

Request headers

Referer
https://www.elfcosmetics.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 22 Aug 2023 18:49:19 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.com
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
540
OtAutoBlock.js
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/OtAutoBlock.js
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/mobify/bundle/9604/main.js?yocs=F_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bbda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/mobify/bundle/9604/main.js?yocs=F_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bbda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b97b49ee323dbccf9a13f15fa3d93188d01681652d52b1ed40ad00c32dfb0513
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 22 Aug 2023 18:49:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
X1C0PY0lSDg1JSpsyFxfYA==
age
79036
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6837
x-ms-lease-status
unlocked
last-modified
Mon, 21 Aug 2023 17:10:59 GMT
server
cloudflare
etag
0x8DBA269973EC8AB
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5bd67f6c-c01e-006d-2268-d48dc8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7fad4b934e562baa-FRA
gtm.js
www.googletagmanager.com/ 		400 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6176226adea9b2eac7ab614fd839968dd92f02f47b01aa90757c9156e50955c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
116656
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 22 Aug 2023 18:49:21 GMT
api_dynamic.js
cdn.dynamicyield.com/api/8772046/ 		299 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.dynamicyield.com/api/8772046/api_dynamic.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:e600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
9b61d44e208c5341f1fd1a0da8a4cc9382c589c21487059d4a5daf25aa5cfcca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:48:59 GMT
content-encoding
gzip
via
1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified
Tue, 15 Aug 2023 15:23:54 GMT
server
DYCDN
age
39
x-amz-cf-pop
FRA60-P3
x-amz-server-side-encryption
AES256
etag
W/"660915258454d017ae9145ae9cd9f867"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=30
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id
k1KC500G1B8aVhJpF6USTp6Fl75mkMN9wGE_CHtUsK0fYGUGfFrAYQ==
api_static.js
cdn.dynamicyield.com/api/8772046/ 		299 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.dynamicyield.com/api/8772046/api_static.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:e600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
980e27ca7132df6ac9563888075be9c06f47dbf5ec357f878ea913b56723011a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 07:36:50 GMT
content-encoding
gzip
via
1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 13:04:31 GMT
server
DYCDN
age
40352
x-amz-cf-pop
FRA60-P3
x-amz-server-side-encryption
AES256
etag
W/"355a983abf735bf947554403b287fc21"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id
R-9rNpETCVsU0izqfXeNP321FfDyxBvC9_DGxDuSB1e8YLOCce5DRw==
/
api.ipify.org/ 		21 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/mobify/bundle/9604/vendor.js?yocs=F_
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
64.185.227.156 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS
64-185-227-156.static.webnx.com
Software
nginx/1.25.1 /
Resource Hash
4747ef4fa0343c6ef21607af0b75346e5f1d8898239068dd254c02ce4ec3ea29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Aug 2023 18:49:21 GMT
Server
nginx/1.25.1
Connection
keep-alive
Content-Length
21
Vary
Origin
Content-Type
application/json
/
api.ipify.org/ 		21 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/mobify/bundle/9604/vendor.js?yocs=F_
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
64.185.227.156 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS
64-185-227-156.static.webnx.com
Software
nginx/1.25.1 /
Resource Hash
4747ef4fa0343c6ef21607af0b75346e5f1d8898239068dd254c02ce4ec3ea29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Aug 2023 18:49:21 GMT
Server
nginx/1.25.1
Connection
keep-alive
Content-Length
21
Vary
Origin
Content-Type
application/json
new-9FAEE5
cdn.media.amplience.net/i/elfcosmetics/ 		178 KB
178 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/new-9FAEE5?%24Desktop%24=&fmt=auto
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::5f64:87e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
774750eac984a3f73fcf8aef4926b4ed999600b51caf9b635cf6d5617e4cae90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:21 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
U81qf2ckw,l4p5bDg2e,mF-g78ke7,tJjh4FgGa
x-req-id
6ICAXHqe9Y
content-length
182202
x-xss-protection
1; mode=block
x-amp-source-height
96
server
Unknown
x-frame-options
DENY
x-amp-source-width
112
access-control-allow-origin
*
content-type
image/webp
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Thu, 04 May 2023 17:05:15 GMT
holyGrail-FFAE62
cdn.media.amplience.net/i/elfcosmetics/ 		180 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/holyGrail-FFAE62?%24Desktop%24=&fmt=auto
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::5f64:87e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
dcdd0f3fb9932e3c1dbcf1220b55de20bb2c4b3efcb634ffa7946c3b7024db7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:21 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
DdoGGzgfn,l4p5bDg2e,mF-g78ke7,41UJNF_BE
x-req-id
m03AViULcR
content-length
184802
x-xss-protection
1; mode=block
x-amp-source-height
96
server
Unknown
x-frame-options
DENY
x-amp-source-width
112
access-control-allow-origin
*
content-type
image/webp
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Thu, 04 May 2023 16:14:06 GMT
badge-gone-viral
cdn.media.amplience.net/i/elfcosmetics/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/badge-gone-viral?%24Desktop%24=&fmt=auto
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::5f64:87e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
11bda28dd29d065faff41cdb718b856ca5e49f3022115bff4788b0542ba9d3c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:21 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
069MLhTVi,l4p5bDg2e,mF-g78ke7,3i2hWg6BQ
x-req-id
ZVdt5WeDik
content-length
102504
x-xss-protection
1; mode=block
x-amp-source-height
1404
server
Unknown
x-frame-options
DENY
x-amp-source-width
1404
access-control-allow-origin
*
content-type
image/webp
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Thu, 04 May 2023 17:05:16 GMT
staffPicks-white
cdn.media.amplience.net/i/elfcosmetics/ 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/staffPicks-white?%24Desktop%24=&fmt=auto
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::5f64:87e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
cb4b49bd17861fe0edfe6316279e470b58f67267e32ffcea30fcee3bc80ae6e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:21 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
17dEE71NM,l4p5bDg2e,mF-g78ke7,4MizThq0Q
x-req-id
upckj2xOjT
content-length
117326
x-xss-protection
1; mode=block
x-amp-source-height
96
server
Unknown
x-frame-options
DENY
x-amp-source-width
112
access-control-allow-origin
*
content-type
image/webp
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Thu, 04 May 2023 16:14:06 GMT
callback
www.elfcosmetics.com/
Redirect Chain
  • https://www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.com%2Fcallback&response_type=code&client_id=...
  • https://www.elfcosmetics.com/callback?usid=a5a89623-9549-47ae-be63-22363e292718&code=X2u7TZY2V372f_0UwR1zSSvR28cEN3mMpCCX4FRj5Z4
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/callback?usid=a5a89623-9549-47ae-be63-22363e292718&code=X2u7TZY2V372f_0UwR1zSSvR28cEN3mMpCCX4FRj5Z4
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Server
165.254.56.76 Hutto, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:23 GMT
via
1.1 cd9d9141cd83dabdc9d0a421d1efe1aa.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
0
x-amz-cf-pop
LHR50-P6
age
0
x-amzn-remapped-connection
close
x-amzn-requestid
cb82cacc-885b-456f-b305-a9e8c3ab8d3e
x-yottaa-optimizations
ob/1000 si/34D1a5fe384c-1692638905-9989172649 tts/1691704961837 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache
Miss from cloudfront
x-amz-apigw-id
KE1v_EJeiYcFTcw=
content-length
0
x-yottaa-forcecache
true
x-amzn-trace-id
Root=1-64e50332-00a06a294c10729e705f2519;Sampled=0;lineage=2b75b0e9:0
content-type
application/json
cache-control
public, max-age=604800
x-yottaa-os
200
x-yottaa-metrics
3421a5fe389c/[467,461,-] 34D1a5fe384c/[-,472.647]
x-amzn-remapped-date
Tue, 22 Aug 2023 18:49:22 GMT
x-amz-cf-id
rpgxrkKLMIL0mLO60RSPzDEZL6iq2PWPChHsZL-yt0zDqT_t0w9vgA==

Redirect headers

date
Tue, 22 Aug 2023 18:49:21 GMT
x-correlation-id
7fad4b95d996dc9b
via
1.1 a93ae2d95d8c99abc86774820825335a.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
LHR50-P6
age
0
x-yottaa-optimizations
ob/0 si/34D1a5fe384c-1692638905-9989172639 tts/1691704961837 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache
Miss from cloudfront
content-length
0
pragma
no-cache
x-ratelimit-1m-remaining
23589, 833686
x-ratelimit-1m-reset
38175, 38175
x-ratelimit-1m-limit
24000, 850000
vary
Accept-Encoding
location
https://www.elfcosmetics.com/callback?usid=a5a89623-9549-47ae-be63-22363e292718&code=X2u7TZY2V372f_0UwR1zSSvR28cEN3mMpCCX4FRj5Z4
cache-control
no-store
x-yottaa-os
303
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.com%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=_1A9QyLDo87Zd661W9oQC4mWMz4U5qjJgPBVC6svxXI
x-yottaa-metrics
3421a5fe383d/[353,351,-] 34D1a5fe384c/[-,355.215]
cf-ray
7fad4b95d996dc9b-LHR
x-amz-cf-id
dKnvhILFSiWt3zTBvCuXJfgUiKDhF4GyA8tdBR5vPoxIAhVlr22_JA==
/
sdk.iad-05.braze.com/api/v3/data/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
content-encoding
gzip
date
Tue, 22 Aug 2023 18:49:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-etou8220119-FRA
/
sdk.iad-05.braze.com/api/v3/data/ 		323 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/mobify/bundle/9604/vendor.js?yocs=F_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
feaed7d61395f2ed0c2a6e3db3747fa5c0a97143003efeb38032ac87440a71cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key
609afcb2-1dc3-41ef-a771-0a9aaf10bf57
X-Braze-TriggersRequest
true
X-Braze-DataRequest
true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
application/json
Referer
https://www.elfcosmetics.com/
X-Requested-With
XMLHttpRequest

Response headers

date
Tue, 22 Aug 2023 18:49:21 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
MISS
x-request-id
d189dfba-edd9-4314-81bf-383d8b4a9f99
x-served-by
cache-fra-etou8220119-FRA
x-runtime
0.111532
etag
W/"feaed7d61395f2ed0c2a6e3db3747fa5"
access-control-max-age
7200
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
vary
Origin,Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
collector
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 		572 B
637 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
86c856150dbdcd5559813728c4afaf956c51fe5473cd9e7a3417010380840fd7

Request headers

Referer
https://www.elfcosmetics.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 22 Aug 2023 18:49:21 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.com
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
572
6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bbda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff6b9bcb74c91a5bc3e65d864afbb35e9dfbc5d73559a7e4570177055153a189
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 22 Aug 2023 18:49:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
82014
content-md5
1+wgFCvRTUxG+08PxGwSrw==
content-length
1717
x-ms-lease-status
unlocked
last-modified
Thu, 22 Jun 2023 20:41:20 GMT
server
cloudflare
etag
0x8DB7361092FA5A0
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
1f67bb28-701e-008c-33a4-ca518d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7fad4b974c1e9273-FRA
expires
Wed, 23 Aug 2023 18:49:21 GMT
st
st.dynamicyield.com/ 		114 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.dynamicyield.com/st?sec=8772046&inHead=true&id=0&jsession=qmvnocxhcuygbp9adxa5rbhbvflotswj&ref=&scriptVersion=1.189.0&isSesNew=true&dyid_server=&ctx=%7B%22type%22%3A%22CATEGORY%22%2C%22lng%22%3A%22en-SA%22%2C%22data%22%3A%5B%22skin%22%5D%7D
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:9200:15:ad21:c740:93a1 , United States, ASN (),
Reverse DNS
Software
/
Resource Hash
f85a62c8b4929c623c498c1ef9c629dabc80a531c15d441b04ff11633bcb0d8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:22 GMT
content-encoding
gzip
via
1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control
no-cache
x-amz-cf-id
BSlQELbbazhkHMFHCpw8N_R7rvLx2RO8omv-jngQvqvyP9OKcOEvIg==
expires
Tue, 22 Aug 2023 18:49:21 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		59 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.elfcosmetics.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
7fad4b9d88bd39ee-FRA
access-control-allow-headers
Content-Type
collector
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 		32 B
49 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
9d566b192360997a512a9281ee01a72109779a20c0d85dfa43d8a860034988a9

Request headers

Referer
https://www.elfcosmetics.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 22 Aug 2023 18:49:21 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.com
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 22 Aug 2023 17:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3579
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 22 Aug 2023 19:49:43 GMT
activityi;dc_pre=CPiKw6D38IADFU1XDQod_P0LNA;src=9231397;type=retarget;cat=globa0;ord=313727792689;auiddc=69042085.1692730163;u6=%2Fen_SA%2Fskin-care;u10=undefined;u12=undefined;u8=undefined;gtm=45H...
9231397.fls.doubleclick.net/ Frame F490
Redirect Chain
  • https://9231397.fls.doubleclick.net/activityi;src=9231397;type=retarget;cat=globa0;ord=313727792689;auiddc=69042085.1692730163;u6=%2Fen_SA%2Fskin-care;u10=undefined;u12=undefined;u8=undefined;gtm=4...
  • https://9231397.fls.doubleclick.net/activityi;dc_pre=CPiKw6D38IADFU1XDQod_P0LNA;src=9231397;type=retarget;cat=globa0;ord=313727792689;auiddc=69042085.1692730163;u6=%2Fen_SA%2Fskin-care;u10=undefine...
725 B
725 B 		Document
General
Check archive.org
Download Go to
Full URL
https://9231397.fls.doubleclick.net/activityi;dc_pre=CPiKw6D38IADFU1XDQod_P0LNA;src=9231397;type=retarget;cat=globa0;ord=313727792689;auiddc=69042085.1692730163;u6=%2Fen_SA%2Fskin-care;u10=undefined;u12=undefined;u8=undefined;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
9c15df455457fba78483c83a934c9fbc2d570ec28663d6ecf7cd8132fec9ee4e
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
388
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 18:49:23 GMT
expires
Tue, 22 Aug 2023 18:49:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 18:49:22 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://9231397.fls.doubleclick.net/activityi;dc_pre=CPiKw6D38IADFU1XDQod_P0LNA;src=9231397;type=retarget;cat=globa0;ord=313727792689;auiddc=69042085.1692730163;u6=%2Fen_SA%2Fskin-care;u10=undefined;u12=undefined;u8=undefined;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CPCuwqD38IADFYGGnwodMv4BhA;src=10742279;type=elf8j0;cat=glo_flap;ord=4308095302702;auiddc=69042085.1692730163;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source...
10742279.fls.doubleclick.net/ Frame 3573
Redirect Chain
  • https://10742279.fls.doubleclick.net/activityi;src=10742279;type=elf8j0;cat=glo_flap;ord=4308095302702;auiddc=69042085.1692730163;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_sou...
  • https://10742279.fls.doubleclick.net/activityi;dc_pre=CPCuwqD38IADFYGGnwodMv4BhA;src=10742279;type=elf8j0;cat=glo_flap;ord=4308095302702;auiddc=69042085.1692730163;u1=https%3A%2F%2Fwww.elfcosmetics...
670 B
662 B 		Document
General
Check archive.org
Download Go to
Full URL
https://10742279.fls.doubleclick.net/activityi;dc_pre=CPCuwqD38IADFYGGnwodMv4BhA;src=10742279;type=elf8j0;cat=glo_flap;ord=4308095302702;auiddc=69042085.1692730163;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
86f932c293436b83becf7ab7659477bb7c690cb56088f6518257abe38877fb8f
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
323
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 18:49:23 GMT
expires
Tue, 22 Aug 2023 18:49:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 18:49:22 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10742279.fls.doubleclick.net/activityi;dc_pre=CPCuwqD38IADFYGGnwodMv4BhA;src=10742279;type=elf8j0;cat=glo_flap;ord=4308095302702;auiddc=69042085.1692730163;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cnxtag-min.js
js.cnnx.link/roi/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cnnx.link/roi/cnxtag-min.js?id=316282
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25e9:be00:11:85b0:d600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d30617b516a30062ca314c2c5f7fe5b9b37b6cc76b1a965b5199862197301608

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:44:41 GMT
via
1.1 google, 1.1 62fb1524856e68ad0114bff2e7022164.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
MXP53-P1
age
280
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
max-age=600
x-amz-cf-id
al314h29Wy2sabPBqaSlxdAnd9CJFtamXTMukqRypxHkWps-rBuNCA==
activityi;dc_pre=CJeMw6D38IADFUWanwod4S0Ngg;src=9231397;type=retarget;cat=skinc0;ord=6444987518103;auiddc=69042085.1692730163;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~ore...
9231397.fls.doubleclick.net/ Frame 366B
Redirect Chain
  • https://9231397.fls.doubleclick.net/activityi;src=9231397;type=retarget;cat=skinc0;ord=6444987518103;auiddc=69042085.1692730163;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~o...
  • https://9231397.fls.doubleclick.net/activityi;dc_pre=CJeMw6D38IADFUWanwod4S0Ngg;src=9231397;type=retarget;cat=skinc0;ord=6444987518103;auiddc=69042085.1692730163;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=...
541 B
612 B 		Document
General
Check archive.org
Download Go to
Full URL
https://9231397.fls.doubleclick.net/activityi;dc_pre=CJeMw6D38IADFUWanwod4S0Ngg;src=9231397;type=retarget;cat=skinc0;ord=6444987518103;auiddc=69042085.1692730163;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
8424d941f1f71685751ea188c34f931cdb18fed188c0213c1d2b8a96832e9efc
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
315
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 18:49:23 GMT
expires
Tue, 22 Aug 2023 18:49:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 18:49:22 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://9231397.fls.doubleclick.net/activityi;dc_pre=CJeMw6D38IADFUWanwod4S0Ngg;src=9231397;type=retarget;cat=skinc0;ord=6444987518103;auiddc=69042085.1692730163;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.de/pagead/1p-user-list/698270988/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698270988/?random=1692730162526&cv=11&fst=1692730162526&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%...
  • https://www.google.com/pagead/1p-user-list/698270988/?random=1692730162526&cv=11&fst=1692727200000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics....
  • https://www.google.de/pagead/1p-user-list/698270988/?random=1692730162526&cv=11&fst=1692727200000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.c...
42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/698270988/?random=1692730162526&cv=11&fst=1692727200000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4&frm=0&tiba=Skin%20Care%20Products%20%7C%20e.l.f.%20SKIN&data=ecomm_prodid%3D%3Becomm_totalvalue%3D&is_vtc=1&random=2401870843&ipr=y
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:23 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:22 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-user-list/698270988/?random=1692730162526&cv=11&fst=1692727200000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4&frm=0&tiba=Skin%20Care%20Products%20%7C%20e.l.f.%20SKIN&data=ecomm_prodid%3D%3Becomm_totalvalue%3D&is_vtc=1&random=2401870843&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=160890&%20seg=6104893&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D160890%26%2520seg%3D6104893%26t%3D2
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D160890%26%2520seg%3D6104893%26t%3D2
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:22 GMT
an-x-request-uuid
ed455ba2-2848-4fc7-ad0d-7d9acdf9f24d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.105; 80.255.7.105; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:22 GMT
an-x-request-uuid
73eb60d2-6b07-471c-ae09-35ff21b589d6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D160890%26%2520seg%3D6104893%26t%3D2
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.105; 80.255.7.105; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
insight.adsrvr.org/track/pxl/ 		70 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:8m23e30&fmt=3
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Aug 2023 18:49:22 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1608910%20&seg=6104893&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608910%2520%26seg%3D6104893%26t%3D2
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608910%2520%26seg%3D6104893%26t%3D2
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:22 GMT
an-x-request-uuid
7ba5207f-85be-4aff-b23d-874550117073
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.105; 80.255.7.105; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:22 GMT
an-x-request-uuid
f75df71f-7800-4cba-9490-c69083a53084
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608910%2520%26seg%3D6104893%26t%3D2
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.105; 80.255.7.105; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
insight.adsrvr.org/track/pxl/ 		70 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:iuefb9m&fmt=3
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Aug 2023 18:49:22 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
kpi
pixel.pointmediatracker.com/ 		0
0
dy-coll-min.js
cdn.dynamicyield.com/scripts/1.189.0/ 		199 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.dynamicyield.com/scripts/1.189.0/dy-coll-min.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:e600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
c2a6b6a5be44a9c52dc3a0cf654c00ba9731aa036206e83b0d3f2a860f497c93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 16:33:44 GMT
content-encoding
gzip
via
1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified
Wed, 19 Jul 2023 08:48:21 GMT
server
DYCDN
age
1304139
x-amz-cf-pop
FRA60-P3
etag
W/"437173895d1639385358c987e3c0dd60"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id
Myxw4tR2GegKnQnCzWTt_cC1Njia6CYre9NO-r2OOLWu_ETF4VDt4g==
uia
async-px.dynamicyield.com/ 		0
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/uia?cnst=1&_=1692730162835
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.189.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-128.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.elfcosmetics.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:23 GMT
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
GAlMs9V78yUNOfvxFIt5Q3Q3qcRgaqmXD1GWt0V3A8KLAzKjMM1Crg==
expires
0
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=455367&uid=-3346174285220347086&sec=8772046&t=ri&e=1261284&p=1&ve=11209913&va=%5B27119924%5D&ses=598944569d96e2c951f71af9930ffafb&expSes=89500&aud=1092373.1167402.1232212.1324059.1426804.1443347.1846919.884367.884385.884387.998337.1182144.799438.799440&expVisitId=2840677319748668047&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1692730162846&rri=7364880
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.189.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-128.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:23 GMT
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
VDlJAS6sv753XmU-937pirB_pGNRdWwHh977ftPBGLYJm6f6HFmQ2w==
expires
0
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=340348&uid=-3346174285220347086&sec=8772046&t=ri&e=1529559&p=1&ve=12422200&va=%5B28047498%5D&ses=598944569d96e2c951f71af9930ffafb&expSes=89500&aud=1092373.1167402.1232212.1324059.1426804.1443347.1846919.884367.884385.884387.998337.1182144.799438.799440&expVisitId=2840677318124557555&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1692730162847&rri=8786928
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.189.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-128.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:23 GMT
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
32-y5UrO1_RYjtDPtJZg-JquzMbMnU7GffpoFODNcfotPybB_p15og==
expires
0
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202306.1.0/ 		404 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bbda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def2a184135eba029f8f785b3ed69edc5f36b368226ce1fcfeda4f5aa301d1b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 22 Aug 2023 18:49:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
XJk1ZZTljtwHFT3qcIJg+w==
age
41762
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
99599
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jul 2023 06:29:36 GMT
server
cloudflare
etag
0x8DB82A15D413626
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7a75efb1-601e-0081-6c94-b47ab1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7fad4b9dee9b2baa-FRA
collect
www.google-analytics.com/j/ 		4 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=830543100&t=pageview&_s=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4&dp=%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4&ul=en-us&de=UTF-8&dt=Skin%20Care%20Products%20%7C%20e.l.f.%20SKIN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEALAAAAACgAI~&jid=1513397801&gjid=243893706&cid=853737597.1692730163&tid=UA-432816-1&_gid=2105489768.1692730163&_r=1&_slc=1&gtm=45He38l0n81WL3STMX&z=1759975597
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
batch
async-px.dynamicyield.com/ 		0
385 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/batch?cnst=1&_=1692730162929_433715
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.189.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-128.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.elfcosmetics.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:23 GMT
via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
ihxAyGy5qqfvNvBdXu7jcXKIKB6vpXN0FldEq4b35F2KPa-xKy3alA==
expires
0
collect
stats.g.doubleclick.net/j/ 		4 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-432816-1&cid=853737597.1692730163&jid=1513397801&gjid=243893706&_gid=2105489768.1692730163&_u=YEBAAEAKAAAAACgAI~&z=1287917872
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 22 Aug 2023 18:49:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
en.json
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/b2d27d23-fa7f-4410-9fdc-6365e7c0c74f/ 		183 KB
31 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/b2d27d23-fa7f-4410-9fdc-6365e7c0c74f/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bbda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd48a88ce5fbe99c8bfd145666d73c97bccb433812d328232a99ec867e33012d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 22 Aug 2023 18:49:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
35928
content-md5
8biA3+fGcq863HYjw1RKrg==
content-length
31934
x-ms-lease-status
unlocked
last-modified
Thu, 22 Jun 2023 20:41:20 GMT
server
cloudflare
etag
0x8DB73610964DE9B
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
19bd2d4f-801e-0021-1ca4-ca1df8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7fad4b9e9cd09273-FRA
expires
Wed, 23 Aug 2023 18:49:22 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bbda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 22 Aug 2023 18:49:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
5mNZducabMgxSDzBo+ZI8w==
age
369
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3017
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jul 2023 06:29:30 GMT
server
cloudflare
etag
0x8DB82A159AF8EA6
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
4e0f40c1-301e-0056-1146-cac86c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7fad4b9f2d599273-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/v2/ 		61 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bbda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 22 Aug 2023 18:49:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
sXFDxCJwbPEMIT/8f5Prwg==
age
369
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12544
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jul 2023 06:29:33 GMT
server
cloudflare
etag
0x8DB82A15AFF8646
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
4692622c-401e-0097-60d5-ca6f8e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7fad4b9f2d5b9273-FRA
otCookieSettingsButton.json
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otCookieSettingsButton.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bbda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
509f2e49500fbaeb5d7e1959071f2922b693d0135080e2871e124ec8bdd08bb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 22 Aug 2023 18:49:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
v0pzgeeelPwcAOki15i3HA==
age
369
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1766
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jul 2023 06:29:32 GMT
server
cloudflare
etag
0x8DB82A15AB9FB83
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
59e19058-701e-0078-25a4-ca9a7b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7fad4b9f2d5c9273-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bbda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 22 Aug 2023 18:49:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
oWkBTLgDDXvrUsd93y/Zxg==
age
369
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jul 2023 06:29:41 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
19fde72f-101e-009a-0146-caa75a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7fad4b9f2d5e9273-FRA
token
www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/token
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/mobify/bundle/9604/vendor.js?yocs=F_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.56.76 Hutto, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
e21a2bce4b0e839158374a6ddecd369ae86338bb90f19652fa0c60814833d09a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
accept-language
de-DE,de;q=0.9
x-pwa-request
true
Authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 22 Aug 2023 18:49:23 GMT
content-encoding
gzip
x-correlation-id
7fad4b9f9a513862
cf-cache-status
DYNAMIC
via
1.1 82382b373bb37f94b23638d0711cc150.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
LHR50-P6
age
0
x-yottaa-optimizations
ob/1000 si/34D1a5fe384c-1692638905-9989172664 tts/1691704961837 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache
Miss from cloudfront
pragma
no-cache
x-ratelimit-1m-remaining
23562, 832612
x-ratelimit-1m-reset
36792, 36791
vary
Accept-Encoding, User-Agent
x-ratelimit-1m-limit
24000, 850000
content-type
application/json
cache-control
no-store
x-yottaa-os
200
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/token
x-yottaa-metrics
3421a5fe3896/[189,185,-] 34D1a5fe384c/[-,191.396]
cf-ray
7fad4b9f9a513862-LHR
x-amz-cf-id
Wmj0PWX-jG6r-xM0Czw1ForCfTszol90K_z01pKKg10D6jkowg4sYg==
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-432816-1&cid=853737597.1692730163&jid=1513397801&_u=YEBAAEAKAAAAACgAI~&z=1947778668
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-432816-1&cid=853737597.1692730163&jid=1513397801&_u=YEBAAEAKAAAAACgAI~&z=1947778668
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ot_close.svg
cdn.cookielaw.org/logos/static/ 		651 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/ot_close.svg
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bbda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 22 Aug 2023 18:49:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
pcXWFGpuVeSg/jVnYCseRg==
age
52418
x-ms-lease-status
unlocked
last-modified
Mon, 21 Aug 2023 06:31:19 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
1502ae68-001e-0096-29fc-d33052000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7fad4b9f99042baa-FRA
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
515 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bbda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 22 Aug 2023 18:49:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
64640
x-ms-lease-status
unlocked
last-modified
Mon, 21 Aug 2023 06:31:19 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
912815a9-801e-0043-300d-d4dfdf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7fad4b9fadf89273-FRA
ot_company_logo.png
cdn.cookielaw.org/logos/static/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/ot_company_logo.png
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bbda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 22 Aug 2023 18:49:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
E8+sk/ECzKgTUVtDLikiIA==
age
56382
content-length
4036
x-ms-lease-status
unlocked
last-modified
Mon, 21 Aug 2023 17:11:06 GMT
server
cloudflare
etag
0x8DBA2699B36DD4C
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
6a780387-c01e-001f-1d9e-d48a87000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7fad4b9fc9602baa-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bbda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 22 Aug 2023 18:49:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
76068
x-ms-lease-status
unlocked
last-modified
Mon, 21 Aug 2023 17:11:06 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
051cfcad-a01e-0019-445a-d4b938000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7fad4b9fc9612baa-FRA
dc_pre=CPCuwqD38IADFYGGnwodMv4BhA;src=10742279;type=elf8j0;cat=glo_flap;ord=4308095302702;auiddc=*;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarouse...
adservice.google.com/ddm/fls/z/ Frame 3573 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPCuwqD38IADFYGGnwodMv4BhA;src=10742279;type=elf8j0;cat=glo_flap;ord=4308095302702;auiddc=*;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4
Requested by
Host: 10742279.fls.doubleclick.net
URL: https://10742279.fls.doubleclick.net/activityi;dc_pre=CPCuwqD38IADFYGGnwodMv4BhA;src=10742279;type=elf8j0;cat=glo_flap;ord=4308095302702;auiddc=69042085.1692730163;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10742279.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
t
evt.undertone.com/ Frame F490
Redirect Chain
  • https://ads.undertone.com/t?trackerid=7729&cb=984929313
  • https://evt.undertone.com/t?trackerid=7729&cb=984929313
0
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evt.undertone.com/t?trackerid=7729&cb=984929313
Requested by
Host: 9231397.fls.doubleclick.net
URL: https://9231397.fls.doubleclick.net/activityi;dc_pre=CPiKw6D38IADFU1XDQod_P0LNA;src=9231397;type=retarget;cat=globa0;ord=313727792689;auiddc=69042085.1692730163;u6=%2Fen_SA%2Fskin-care;u10=undefined;u12=undefined;u8=undefined;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4?
Protocol
H2
Server
18.66.97.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-47.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9231397.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:23 GMT
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://9231397.fls.doubleclick.net/
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
x-amz-cf-id
S0dPrJYgdEgN8Wr0oGkXrr1MrO_eIUB1U2LJh4hIAyAHkip0Pa4vCA==
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Tue, 22 Aug 2023 18:49:23 GMT
via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
server
istio-envoy
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
location
https://evt.undertone.com/t?trackerid=7729&cb=984929313
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
6FO2l2mMBnJYYuJ79IL_NfWZ7b1rB5Mk_N7_pIt_pHMt5fYswG_Bpw==
dc_pre=CPiKw6D38IADFU1XDQod_P0LNA;src=9231397;type=retarget;cat=globa0;ord=313727792689;auiddc=*;u6=%2Fen_SA%2Fskin-care;u10=undefined;u12=undefined;u8=undefined;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=...
adservice.google.com/ddm/fls/z/ Frame F490 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPiKw6D38IADFU1XDQod_P0LNA;src=9231397;type=retarget;cat=globa0;ord=313727792689;auiddc=*;u6=%2Fen_SA%2Fskin-care;u10=undefined;u12=undefined;u8=undefined;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4
Requested by
Host: 9231397.fls.doubleclick.net
URL: https://9231397.fls.doubleclick.net/activityi;dc_pre=CPiKw6D38IADFU1XDQod_P0LNA;src=9231397;type=retarget;cat=globa0;ord=313727792689;auiddc=69042085.1692730163;u6=%2Fen_SA%2Fskin-care;u10=undefined;u12=undefined;u8=undefined;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9231397.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CJeMw6D38IADFUWanwod4S0Ngg;src=9231397;type=retarget;cat=skinc0;ord=6444987518103;auiddc=*;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosme...
adservice.google.com/ddm/fls/z/ Frame 366B 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CJeMw6D38IADFUWanwod4S0Ngg;src=9231397;type=retarget;cat=skinc0;ord=6444987518103;auiddc=*;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4
Requested by
Host: 9231397.fls.doubleclick.net
URL: https://9231397.fls.doubleclick.net/activityi;dc_pre=CJeMw6D38IADFUWanwod4S0Ngg;src=9231397;type=retarget;cat=skinc0;ord=6444987518103;auiddc=69042085.1692730163;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9231397.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sessions
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/sessions
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/mobify/bundle/9604/vendor.js?yocs=F_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.56.76 Hutto, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
accept-language
de-DE,de;q=0.9
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmY2YxOTBjOC1kODA1LTQ4MTAtYTcwNS03NWY5ZTRiOWE1ZWIiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOmE1YTg5NjIzLTk1NDktNDdhZS1iZTYzLTIyMzYzZTI5MjcxOCIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTY5MjczMDEzMywic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJ3cnRGbWJJMGtIa1JtcnNZbXFZWWwwZEo6OmNoaWQ6ICIsImV4cCI6MTY5MjczMTk2MywiaWF0IjoxNjkyNzMwMTYzLCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMzNTIyMjc5Mzg5MDMwNjMzIn0.gkZcqwJVOkijtksZXqpkFpau7Kl3xY3IY_8ct8N14OHp0fAaQDEbh-kqlD8_W4Nag71lP0y7CwMUrqhGXbeSdA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:23 GMT
via
1.1 fcb7e2ea03344c5cbdb3ce71f1ffa1dc.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-cf-pop
LHR50-P6
age
0
x-yottaa-optimizations
ob/0 si/34D1a5fe384c-1692638905-9989172668 tts/1691704961837 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-dw-version-status
deprecated
x-cache
Miss from cloudfront
pragma
no-cache
allow
OPTIONS,POST
access-control-allow-origin
https://www.elfcosmetics.com
access-control-expose-headers
etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
x-yottaa-metrics
3421a5fe382b/[158,154,-] 34D1a5fe384c/[-,162.038]
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-proxy-request-url
https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/sessions
accept-ranges
bytes
cf-ray
7fad4ba12983dc49-LHR
x-dw-request-base-id
Gj8KjTMD5WQBAAB_
x-amz-cf-id
d4Ka_xFKwouHvlR-lp9Lk20bR3Tf5rWmhnOmFc4L3WChu33kHw_Sog==
x-yottaa-os
204
expires
Thu, 01 Dec 1994 16:00:00 GMT
shoppercontext
www.elfcosmetics.com/api/v1/ 		145 B
815 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/api/v1/shoppercontext?siteId=elf-us
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/mobify/bundle/9604/vendor.js?yocs=F_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.56.76 Hutto, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
10531efadb4c870ec34a00062fd09b846a351ea6562e59e6e1c3f30bb9ba493a

Request headers

Referer
https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
accept-language
de-DE,de;q=0.9
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmY2YxOTBjOC1kODA1LTQ4MTAtYTcwNS03NWY5ZTRiOWE1ZWIiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOmE1YTg5NjIzLTk1NDktNDdhZS1iZTYzLTIyMzYzZTI5MjcxOCIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTY5MjczMDEzMywic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJ3cnRGbWJJMGtIa1JtcnNZbXFZWWwwZEo6OmNoaWQ6ICIsImV4cCI6MTY5MjczMTk2MywiaWF0IjoxNjkyNzMwMTYzLCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMzNTIyMjc5Mzg5MDMwNjMzIn0.gkZcqwJVOkijtksZXqpkFpau7Kl3xY3IY_8ct8N14OHp0fAaQDEbh-kqlD8_W4Nag71lP0y7CwMUrqhGXbeSdA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type
application/json

Response headers

date
Tue, 22 Aug 2023 18:49:23 GMT
via
1.1 7e7605dff243a25ecb1590c5d7dcc7f0.cloudfront.net (CloudFront)
content-encoding
gzip
x-amzn-remapped-content-length
145
x-amz-cf-pop
LHR50-P6
age
0
x-amzn-remapped-connection
close
x-yottaa-optimizations
ob/1000 si/34D1a5fe384c-1692638905-9989172669 tts/1691704961837 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-amzn-requestid
a63ea503-d804-454a-898c-769af58bc77a
x-cache
Miss from cloudfront
x-amz-apigw-id
KE1wFExqCYcFhXA=
content-length
134
etag
W/"91-9hvxjLVA99gcHRz6RcM26f06pZo"
x-amzn-trace-id
Root=1-64e50333-44884c9171be7e56437936b3;Sampled=0;lineage=2b75b0e9:0
content-type
application/json; charset=utf-8
x-yottaa-os
200
x-yottaa-metrics
3421a5fe382c/[522,518,-] 34D1a5fe384c/[-,526.246]
x-amzn-remapped-date
Tue, 22 Aug 2023 18:49:23 GMT
x-amz-cf-id
cdXYRveKXe_0fcolxw1XU3bYffSArSiE5pdC4wIUp_wFhk1Y5rP89w==
geo-ip
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/ 		179 B
848 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=80.255.7.105
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/mobify/bundle/9604/vendor.js?yocs=F_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.56.76 Hutto, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
accept-language
de-DE,de;q=0.9
x-pwa-request
true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type
application/json

Response headers

date
Tue, 22 Aug 2023 18:49:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 34214b9a4887c1cdb1a08c4e2e17bcfc.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P6
age
0
x-yottaa-optimizations
ob/1000 si/34D1a5fe384c-1692638905-9989172673 tts/1691704961837 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-dw-version-status
deprecated
x-cache
Miss from cloudfront
allow
GET,HEAD,OPTIONS
content-type
application/json;charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os
200
x-proxy-request-url
https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=80.255.7.105
x-yottaa-metrics
3421a5fe3830/[570,566,-] 34D1a5fe384c/[-,574.591]
cf-ray
7fad4ba329008889-LHR
x-dw-request-base-id
80MJ3DQD5WQBAAB_
x-amz-cf-id
yIM5_YHqMeGgnXjhWOpzx3p1ihzBi27lbeQrGOVdpofNma0L_hy3WQ==
geo-ip
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/ 		179 B
851 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=80.255.7.105
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/mobify/bundle/9604/vendor.js?yocs=F_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.56.76 Hutto, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
accept-language
de-DE,de;q=0.9
x-pwa-request
true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type
application/json

Response headers

date
Tue, 22 Aug 2023 18:49:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 1f26f4fcc7c0b4ff4d686295192ee71a.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P6
age
0
x-yottaa-optimizations
ob/1000 si/34D1a5fe384c-1692638905-9989172676 tts/1691704961837 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-dw-version-status
deprecated
x-cache
Miss from cloudfront
allow
GET,HEAD,OPTIONS
content-type
application/json;charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os
200
x-proxy-request-url
https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=80.255.7.105
x-yottaa-metrics
3421a5fe3831/[494,491,-] 34D1a5fe384c/[-,497.330]
cf-ray
7fad4ba31d843698-LHR
x-dw-request-base-id
Gj8ZjTQD5WQBAAB_
x-amz-cf-id
ZB-69PLnmm09sLMm6ihW2JGzSykbqXNv9fmxGDLM_ALsGyjL4j6qGA==
baskets
www.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abwrtFmbI0kHkRmrsYmqYYl0dJ/ 		16 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abwrtFmbI0kHkRmrsYmqYYl0dJ/baskets?siteId=elf-us
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/mobify/bundle/9604/vendor.js?yocs=F_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.56.76 Hutto, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
45a53939b0fa7df06e02e10297440c1001e71bd0b645a645bb03b414819cb0ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
accept-language
de-DE,de;q=0.9
x-pwa-request
true
Authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmY2YxOTBjOC1kODA1LTQ4MTAtYTcwNS03NWY5ZTRiOWE1ZWIiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOmE1YTg5NjIzLTk1NDktNDdhZS1iZTYzLTIyMzYzZTI5MjcxOCIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTY5MjczMDEzMywic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJ3cnRGbWJJMGtIa1JtcnNZbXFZWWwwZEo6OmNoaWQ6ICIsImV4cCI6MTY5MjczMTk2MywiaWF0IjoxNjkyNzMwMTYzLCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMzNTIyMjc5Mzg5MDMwNjMzIn0.gkZcqwJVOkijtksZXqpkFpau7Kl3xY3IY_8ct8N14OHp0fAaQDEbh-kqlD8_W4Nag71lP0y7CwMUrqhGXbeSdA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:24 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
x-correlation-id
7fad4ba3e9217785
via
1.1 34214b9a4887c1cdb1a08c4e2e17bcfc.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P6
x-yottaa-optimizations
ob/1000 si/34D1a5fe384c-1692638905-9989172674 tts/1691704961837 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
content-encoding
gzip
x-cache
Miss from cloudfront
age
0
content-length
42
x-xss-protection
1; mode=block
vary
Accept-Encoding
allow
GET,HEAD,OPTIONS
content-type
application/json;charset=UTF-8
x-frame-options
SAMEORIGIN
x-yottaa-metrics
3421a5fe3833/[418,404,-] 34D1a5fe384c/[-,525.988]
cache-control
max-age=0,no-cache,no-store,must-revalidate
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abwrtFmbI0kHkRmrsYmqYYl0dJ/baskets?siteId=elf-us
x-ratelimit-remaining
4574
x-ratelimit-limit
4600
accept-ranges
bytes
cf-ray
7fad4ba3e9217785-LHR
x-amz-cf-id
CG1sB-6oCC6XDrF0A2bSr9EyxiVvQvPLB_h5jSfwB1cTdDvNS2ySDQ==
x-yottaa-os
200
products
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/ 		198 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products?ids=17649%2C57014%2C57074%2C57530%2C57531%2C57532%2C57534%2C57548%2C57581%2C59910%2C59990%2C85922&currency=SAR&locale=en-SA&allImages=true&perPricebook=true&siteId=elf-us
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/mobify/bundle/9604/vendor.js?yocs=F_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.56.76 Hutto, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
a4cd8f8518e289cf7e6c3d6af52723fa39f213acd028979a935292bc3be43c2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Cache-Control
no-cache
Referer
https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
accept-language
de-DE,de;q=0.9
x-pwa-request
true
Authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmY2YxOTBjOC1kODA1LTQ4MTAtYTcwNS03NWY5ZTRiOWE1ZWIiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOmE1YTg5NjIzLTk1NDktNDdhZS1iZTYzLTIyMzYzZTI5MjcxOCIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTY5MjczMDEzMywic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJ3cnRGbWJJMGtIa1JtcnNZbXFZWWwwZEo6OmNoaWQ6ICIsImV4cCI6MTY5MjczMTk2MywiaWF0IjoxNjkyNzMwMTYzLCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMzNTIyMjc5Mzg5MDMwNjMzIn0.gkZcqwJVOkijtksZXqpkFpau7Kl3xY3IY_8ct8N14OHp0fAaQDEbh-kqlD8_W4Nag71lP0y7CwMUrqhGXbeSdA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:25 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
x-correlation-id
7fad4ba3399d23ab
content-encoding
gzip
x-amz-cf-pop
LHR50-P6
x-yottaa-optimizations
ob/1000 si/34D1a5fe384c-1692638905-9989172675 tts/1691704961837 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
via
1.1 8b83ab42dd1ce40247789b7e810e6d4a.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
age
0
x-xss-protection
1; mode=block
last-modified
Tue, 22 Aug 2023 18:49:24 GMT
allow
GET,HEAD,OPTIONS
vary
accept-encoding
content-type
application/json;charset=UTF-8
x-frame-options
SAMEORIGIN
cache-control
private, must-revalidate, max-age=60
x-yottaa-os
200
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products?ids=17649%2C57014%2C57074%2C57530%2C57531%2C57532%2C57534%2C57548%2C57581%2C59910%2C59990%2C85922&currency=SAR&locale=en-SA&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit
28000
x-yottaa-metrics
3421a5fe3832/[1318,1313,-] 34D1a5fe384c/[-,1321.597]
cf-ray
7fad4ba3399d23ab-LHR
x-ratelimit-remaining
27962
x-amz-cf-id
aFqvV4aGF0u7x0HPAISqBBCmiPjw4-KpbDsI5tIcMGB59N-rCzCm3A==
collector
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 		32 B
49 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
9d566b192360997a512a9281ee01a72109779a20c0d85dfa43d8a860034988a9

Request headers

Referer
https://www.elfcosmetics.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 22 Aug 2023 18:49:22 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.com
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
event
qoe-1.yottaa.net/log-nt/ 		3 B
191 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://qoe-1.yottaa.net/log-nt/event
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
140.174.14.146 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://www.elfcosmetics.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 22 Aug 2023 18:49:24 GMT
access-control-expose-headers
X-Results-Data-Source
access-control-allow-credentials
true
cache-control
no-cache
timing-allow-origin
*
content-type
text/json
sa.svg
www.elfcosmetics.com/mobify/bundle/9604/static/img/flag-icons/ 		15 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.com/mobify/bundle/9604/static/img/flag-icons/sa.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.56.76 Hutto, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
8946bf63fa81c26b5a509eb6569c3d901a7909a6762be2c040492c1225e378bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:24 GMT
x-amz-version-id
lF7jHYU3JpXgtQJh82MfH6BUmnE9tept
via
1.1 72c8c6bd2753cbcc88d313a4f2598ff0.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
LHR50-P6
age
606941
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/1001 si/34D1a5fe384c-1692109559-2930779224 tts/1691704961837 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache
Miss from cloudfront
x-amz-meta-deploy
531955
content-length
7157
x-amz-meta-bundle
9604
x-yottaa-forcecache
true, true
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31104000
x-yottaa-os
200
x-yottaa-metrics
3421a5fe382d/[361,353,-] 34D1a5fe384c/[hit]
x-amz-cf-id
GRRDt9Fpkh_b9mEDcVhRHOdJBZ5e5CeHmV8tSghhjiSzYBfCOFAWWQ==
main.js
static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/ 		145 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/main.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.86.37.229 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-86-37-229.deploy.static.akamaitechnologies.com
Software
nginx / Express
Resource Hash
df0985bc2d3c2c0c3d7f3e111c2ed93721c451fe411ff41bfd5779da00b8db15
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15768000
Content-Encoding
gzip
Date
Tue, 22 Aug 2023 18:49:24 GMT
Server
nginx
ETag
W/"aee69ba74a707d0d04da9e54a88f05bcf203bf23"
X-Powered-By
Express
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, max-age=900
Connection
keep-alive
Content-Length
43553
Expires
Tue, 22 Aug 2023 19:04:24 GMT
110221.ct.js
tag.rmp.rakuten.com/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.rmp.rakuten.com/110221.ct.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
248.147.102.34.bc.googleusercontent.com
Software
/
Resource Hash
305fe9a5f5590087ad5d80aa44c7a7f1416966806e955ce7a42ab086ec14e38c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:24 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 22 Aug 2023 18:49:24 GMT
x-cache
hit
x-samesite
secure
content-type
text/javascript
cache-control
max-age=86400
x-dyn
0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
js
www.paypal.com/sdk/ 		385 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=SAR&vault=true&components=buttons,messages
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d2ea4cb6777e4745ae601a09aabe6e5e2490a086a99f90c931fa3d70dc4443e7
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-pfgdMP2UgfNHVvlKa/yTi73xoKCOYlVOcCWU8g9BoEhIEh+O' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-pfgdMP2UgfNHVvlKa/yTi73xoKCOYlVOcCWU8g9BoEhIEh+O' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-pfgdMP2UgfNHVvlKa/yTi73xoKCOYlVOcCWU8g9BoEhIEh+O' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-pfgdMP2UgfNHVvlKa/yTi73xoKCOYlVOcCWU8g9BoEhIEh+O' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 22 Aug 2023 18:49:24 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
5906
x-cache
HIT
p3p
true
paypal-debug-id
f887398e27053
server-timing
"traceparent;desc="00-0000000000000000000f887398e27053-7859232208bbe2eb-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
109684
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220070-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f887398e27053-7c9a04a9072def94-01
x-timer
S1692730165.502651,VS0,VE6
etag
W/"1ac74-SEUAL33rsKbJFZCTD3eVr9g47rE"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
1
/
websdk.appsflyer.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://websdk.appsflyer.com/?st=banners&
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 18:49:24 GMT
Content-Encoding
gzip
x-amz-request-id
2YBD1Y83SA1VBPZN
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
11792
x-amz-id-2
Vo5gJfn4DHGgFFcnzwzpG4njjvgMt8LlOnQtX6RdM+uNb3LkYv06L++KpTpVEqpBqbyFMWzosrU=
Last-Modified
Wed, 14 Jun 2023 06:58:45 GMT
Server
AmazonS3
ETag
"5a676288bcea03bd05e483bc4ce066ae"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=1361
Accept-Ranges
bytes
X-DataStream-Cache-Status
2
Expires
Tue, 22 Aug 2023 19:12:05 GMT
loader.js
cdn.usehero.com/ 		98 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.usehero.com/loader.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:1000:13:d6f4:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
65b729622512d3c24c30cbd1a03cab9997e925a28eae9a1b8303401e5bd4fcc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:24:19 GMT
content-encoding
gzip
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 08:29:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
1505
x-amz-server-side-encryption
AES256
etag
W/"e88d96f6c8cb9dad9681652a8853e551"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
yvotF0s2t92krZbqhwxUOX6AcodVBuYmxz7VXi_RBHZjzQqHw5VSjw==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10812184462/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10812184462/?random=1692730162511&cv=11&fst=1692730162511&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4&hn=www.googleadservices.com&frm=0&tiba=Skin%20Care%20Products%20%7C%20e.l.f.%20SKIN&auid=69042085.1692730163&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e42616aa33a129decb42a827fe0799bc6cdf466152775e54537a85dd3107aca6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1371
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/698270988/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/698270988/?random=1692730162514&cv=11&fst=1692730162514&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4&label=87uyCIuRktcBEIyK-8wC&hn=www.googleadservices.com&frm=0&tiba=Skin%20Care%20Products%20%7C%20e.l.f.%20SKIN&value=0&bttype=purchase&auid=69042085.1692730163&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
90a7400d5664efef7aa064f265a8c83347a2153ce9c82f246afc27fb31af3aae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1670
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/865242110/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/865242110/?random=1692730162526&cv=11&fst=1692730162526&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4&hn=www.googleadservices.com&frm=0&tiba=Skin%20Care%20Products%20%7C%20e.l.f.%20SKIN&auid=69042085.1692730163&uamb=0&uaw=0&data=ecomm_prodid%3D%3Becomm_totalvalue%3D&rfmt=3&fmt=4
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40cd2bbe2be54a37219890f439f5373722288c09b5c1b523522d31479d0d80de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1404
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
scevent.min.js
sc-static.net/ 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.38.245 , United States, ASN (),
Reverse DNS
server-3-162-38-245.cdg52.r.cloudfront.net
Software
CloudFront /
Resource Hash
4d37fd4fa6c0db58ee58d1fa67d0e2402883274b42938e745a799756a5cf3b53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:24 GMT
content-encoding
gzip
via
1.1 0f03de5c911def3510d9e3ffa72c0a70.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
CDG52-P6
x-cache
Miss from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
16343
x-amz-cf-id
U790b6hvoi4mKT2VE9QrGab8fYdGhnKmdZjgqtjb-lgaFqacX_P_Fw==
core.js
s.pinimg.com/ct/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d045ab0a39895392a25e52ccef01397989534a60195d6b9ae227624f600884f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:24 GMT
content-encoding
br
x-cdn
fastly
etag
"6e7ebcfa37884d78352253e11cfcd656"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=7200
alt-svc
h3=":443";ma=600
content-length
1474
pixel.js
www.redditstatic.com/ads/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:24 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 15 Jun 2023 20:49:59 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
7409
events.js
analytics.tiktok.com/i18n/pixel/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1EFEJPT0U322RQPGHFG&lib=ttq
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.207 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-103-207.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d63ed6c31d8bc874f7ee23f476c085adfbc29557cab22a7907a9d76089537465

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-akamai-request-id
73d80dad.1ed9dd99
date
Tue, 22 Aug 2023 18:49:24 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a184-86-102-207.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
x-parent-response-time
96,184.86.102.207
server-timing
cdn-cache; desc=MISS, edge; dur=81, origin; dur=15, inner; dur=4
content-length
1632
pragma
no-cache
server
nginx
x-tt-logid
20230822184924A17F828307B91C763DAB
x-cache-remote
TCP_MISS from a23-38-170-39.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
15,23.38.170.39
x-tt-trace-host
014447f45e8341b813f08b336e7c45a546cff73767147e6f58dc4c890620cb46d0de575d8482e9e1cbc028af8c3b8b216f45b07bc29a1f913a9a477708be04828ab02fcf1c1af1ed1378558c0396ab2375c2f75b4e3176c7f54d5875afb8fa6c10654061e8ba17feb37a47169be7c1ab51
expires
Tue, 22 Aug 2023 18:49:24 GMT
widget.js
js.jebbit.com/companion/v1/ 		95 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.jebbit.com/companion/v1/widget.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218e:7800:a:7914:b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dfe3336c47d7719ee457546aafc04eb7650b20339b80df5d45828707c4e03da2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
J2wzRvCGTqFD_0yijOeEXxmM6TccdwDt
date
Mon, 21 Aug 2023 23:47:38 GMT
via
1.1 12106f573f4d659c0533de0d7a9042c0.cloudfront.net (CloudFront)
last-modified
Mon, 17 Jul 2023 16:37:30 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P1
age
83264
x-amz-server-side-encryption
AES256
etag
"b834f59b90c341a5fcabe34f783c85c0"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
97712
x-amz-cf-id
2AVp5kA4SJSlqJP9rr1CB-rU6RuryGO6OMMUQ3zGUF0aYY0kzhO6Rg==
baskets
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/baskets
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/mobify/bundle/9604/vendor.js?yocs=F_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.56.76 Hutto, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
a4f067026563de4a6ce70ffc8b5b40fa8a8ff0afe9b3184b14f91035acdbb162
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
accept-language
de-DE,de;q=0.9
x-pwa-request
true
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmY2YxOTBjOC1kODA1LTQ4MTAtYTcwNS03NWY5ZTRiOWE1ZWIiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOmE1YTg5NjIzLTk1NDktNDdhZS1iZTYzLTIyMzYzZTI5MjcxOCIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTY5MjczMDEzMywic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJ3cnRGbWJJMGtIa1JtcnNZbXFZWWwwZEo6OmNoaWQ6ICIsImV4cCI6MTY5MjczMTk2MywiaWF0IjoxNjkyNzMwMTYzLCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMzNTIyMjc5Mzg5MDMwNjMzIn0.gkZcqwJVOkijtksZXqpkFpau7Kl3xY3IY_8ct8N14OHp0fAaQDEbh-kqlD8_W4Nag71lP0y7CwMUrqhGXbeSdA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type
application/json

Response headers

date
Tue, 22 Aug 2023 18:49:24 GMT
via
1.1 44c8518ee2715e9ab8d35e8941daca88.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-amz-cf-pop
LHR50-P6
age
0
x-yottaa-optimizations
ob/1000 si/34D1a5fe384c-1692638905-9989172689 tts/1691704961837 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-dw-version-status
deprecated
x-cache
Miss from cloudfront
content-length
1054
pragma
no-cache
etag
89601a6ac161847ed0be8861a4846048b972abf7450a261be8697c0ead61234b
allow
OPTIONS,POST
content-type
application/json;charset=UTF-8
x-dw-resource-state
89601a6ac161847ed0be8861a4846048b972abf7450a261be8697c0ead61234b
access-control-allow-origin
https://www.elfcosmetics.com
access-control-expose-headers
etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
x-yottaa-metrics
3421a5fe383b/[470,469,-] 34D1a5fe384c/[-,473.088]
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-proxy-request-url
https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/baskets
accept-ranges
bytes
cf-ray
7fad4ba7c82d7741-LHR
x-dw-request-base-id
80Ma3DQD5WQBAAB_
x-amz-cf-id
3sZBVUaU7cB4vU1wwX3HoY2dlC_HtMVZua2e_PYknnZlT7d9deNllg==
x-yottaa-os
200
expires
Thu, 01 Dec 1994 16:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		173 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 22 Aug 2023 18:49:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
47412
x-xss-protection
0
pragma
public
x-fb-debug
6itkK7enhm34R754uKlop64h5WYTye3WFFYn2LIhg+HBBWKWZRusyOYfr+5WSty/ztWv9ILLC4OYczBS9SGlPA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		264 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&l=dataLayer&cx=c
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d926e018863e43cd56e25f02611fcef354b04787b3b3d4f932ff0d843c7e356c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89487
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 22 Aug 2023 18:49:24 GMT
1a8bfa042c9c5.js
t.contentsquare.net/uxa/ 		257 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.contentsquare.net/uxa/1a8bfa042c9c5.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.231.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-231-119.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
714e9295c4675a14aebbe665dccfabdb86f58cfb209046b280a88805201b557d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:11:56 GMT
content-encoding
br
via
1.1 9f8ec9bb50c39de1cdbf541a9313a472.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG3-C1
age
0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
63433
last-modified
Tue, 22 Aug 2023 09:09:21 GMT
server
AmazonS3
etag
"ab6ef0899045c8b7a313b494bf799258"
vary
Origin
content-type
application/javascript;charset=utf-8
cache-control
max-age=900
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
jBVcoes9nRe9NuJ5iY9TRpcC1JSON0Sn0inG2uR3m4UWNYNaRrSmZQ==
swiper.js
cdnjs.cloudflare.com/ajax/libs/Swiper/4.4.6/js/ 		268 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.4.6/js/swiper.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e6fdfe0de25d903ebf13597e3ac3615fb3c50df486cdf1da967650fcabae659
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1602294
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
39980
last-modified
Thu, 22 Jun 2023 10:42:56 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"649425b0-9c2c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uy4XFtVPoCkWgDONu1o1IomMEqliKOIaUKfynhT89NG4Vi90KCYM2D30o7JdEQisu62lHVeGWFVEGb67cJidZezEjdVYyTDmJV7s4lHS%2Fy64U6SvBFVEBRCRgFcvJxMmDQUve31Tf72y0Rqh%2FYfXNGsx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7fad4ba968795c6e-FRA
expires
Sun, 11 Aug 2024 18:49:24 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:23:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
1575
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 22 Aug 2023 19:23:09 GMT
main.85b84545.js
s.pinimg.com/ct/lib/ 		63 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.85b84545.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1aa00cb6c11b0869393daefa90700e47d7e08001d1972a42e85b6dc78c64d835

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:24 GMT
content-encoding
br
x-cdn
fastly
etag
"5ac911c7d00351e2c4d834e7141ed9df"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=1209600
alt-svc
h3=":443";ma=600
content-length
18158
/
www.google.com/pagead/1p-user-list/10812184462/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10812184462/?random=1692730162511&cv=11&fst=1692727200000&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4&frm=0&tiba=Skin%20Care%20Products%20%7C%20e.l.f.%20SKIN&fmt=3&is_vtc=1&random=1877074049&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:24 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/10812184462/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/10812184462/?random=1692730162511&cv=11&fst=1692727200000&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4&frm=0&tiba=Skin%20Care%20Products%20%7C%20e.l.f.%20SKIN&fmt=3&is_vtc=1&random=1877074049&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:24 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/698270988/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698270988/?random=1839865300&cv=11&fst=1692730162514&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww....
  • https://www.google.com/pagead/1p-conversion/698270988/?random=1839865300&cv=11&fst=1692730162514&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fen...
  • https://www.google.de/pagead/1p-conversion/698270988/?random=1839865300&cv=11&fst=1692730162514&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/698270988/?random=1839865300&cv=11&fst=1692730162514&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4&label=87uyCIuRktcBEIyK-8wC&hn=www.googleadservices.com&frm=0&tiba=Skin%20Care%20Products%20%7C%20e.l.f.%20SKIN&value=0&auid=69042085.1692730163&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKG4sQI&pscrd=EkxDaEVJOExtUnB3WVFydGJ3X2JtNzZZWEhBUklrQU9JbnlGVzAzd2ZSVXVoanB5UUtCT293bndpU2R1eHJmcElaZWdtT0xKUmZ0dUNjGldDaEVJOExtUnB3WVE2Zk9Ga3YyaDRkRFVBUklzQU1WU0drdTc1NkZKTTU5eklXOG1uMUttMDN4Smk3TTdleWhsMU14WkU4QkFsdmcwdWJuM1dPcHhYeVEiEwjSwJ-h9_CAAxU7xbsIHQ3nC5k&is_vtc=1&ocp_id=NAPlZNLWHruK7_UPjc6vyAk&cid=CAQSKQBpAlJWpZjFJ4VMdbxP6jCofKbUX9UNXFsnxHrSF1TQidagA7UXFCdV&eitems=ChEI8LmRpwYQpPfcoYy4uLygARIdAPUT8aMd-_TNTnhw-tPx-5fcDkm5Fvvn5zPGr2Q&random=684552448&ipr=y
Protocol
H3
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:24 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:24 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/698270988/?random=1839865300&cv=11&fst=1692730162514&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4&label=87uyCIuRktcBEIyK-8wC&hn=www.googleadservices.com&frm=0&tiba=Skin%20Care%20Products%20%7C%20e.l.f.%20SKIN&value=0&auid=69042085.1692730163&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKG4sQI&pscrd=EkxDaEVJOExtUnB3WVFydGJ3X2JtNzZZWEhBUklrQU9JbnlGVzAzd2ZSVXVoanB5UUtCT293bndpU2R1eHJmcElaZWdtT0xKUmZ0dUNjGldDaEVJOExtUnB3WVE2Zk9Ga3YyaDRkRFVBUklzQU1WU0drdTc1NkZKTTU5eklXOG1uMUttMDN4Smk3TTdleWhsMU14WkU4QkFsdmcwdWJuM1dPcHhYeVEiEwjSwJ-h9_CAAxU7xbsIHQ3nC5k&is_vtc=1&ocp_id=NAPlZNLWHruK7_UPjc6vyAk&cid=CAQSKQBpAlJWpZjFJ4VMdbxP6jCofKbUX9UNXFsnxHrSF1TQidagA7UXFCdV&eitems=ChEI8LmRpwYQpPfcoYy4uLygARIdAPUT8aMd-_TNTnhw-tPx-5fcDkm5Fvvn5zPGr2Q&random=684552448&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/865242110/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/865242110/?random=1692730162526&cv=11&fst=1692727200000&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4&frm=0&tiba=Skin%20Care%20Products%20%7C%20e.l.f.%20SKIN&data=ecomm_prodid%3D%3Becomm_totalvalue%3D&fmt=3&is_vtc=1&random=3559469809&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:24 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/865242110/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/865242110/?random=1692730162526&cv=11&fst=1692727200000&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4&frm=0&tiba=Skin%20Care%20Products%20%7C%20e.l.f.%20SKIN&data=ecomm_prodid%3D%3Becomm_totalvalue%3D&fmt=3&is_vtc=1&random=3559469809&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:24 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1692730164628&id=t2_16331p&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=5bddaed8-0548-4088-b6c7-d08d65a43312&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:24 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
display
api.usehero.com/webplugin/ 		162 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.usehero.com/webplugin/display?appId=efcf9631-4c6b-4874-9f76-51f71464249a&location=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4&state=untouched&outboundFeature=
Requested by
Host: cdn.usehero.com
URL: https://cdn.usehero.com/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.98.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-98-241.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
368d1247b042a15e27862a717fe5f4d8c199d0d691c68cb0027222b10ee5e688
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-permitted-cross-domain-policies
none
surrogate-control
no-store
x-dns-prefetch-control
off
klarna-correlation-id
5711610d-4a65-40c6-80e3-ad7170c8e6de
cross-origin-resource-policy
same-origin
x-geo-longitude
13.38490
pragma
no-cache
referrer-policy
same-origin
etag
W/"a2-io3PLDmGK15PZH4nqZB6VD5m3ZQ"
x-frame-options
SAMEORIGIN
x-geo-zip
10117
content-type
application/json; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-geo-latitude
52.52030
x-accuracy
1000
expires
0
date
Tue, 22 Aug 2023 18:49:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cross-origin-embedder-policy
require-corp
x-time-zone
Europe/Berlin
x-envoy-upstream-service-time
79
content-length
162
x-xss-protection
0
x-request-id
5711610d-4a65-40c6-80e3-ad7170c8e6de
cross-origin-opener-policy
same-origin
x-download-options
noopen
x-country
DE
x-geo-city
Berlin
local
www.paypal.com/credit-presentment/experiments/ Frame C731 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=false&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1TQVImdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.46.1&integrationType=SDK
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=SAR&vault=true&components=buttons,messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fa03c7b2297dcde6853c9227c6ef11030525b3b04896922d3e17840a8d18ba6c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-rv/dzGq+AtXohIRdYGvIMVViq5Tmm5n1EpTlPiFO05w=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
age
10944
cache-control
s-maxage=86400, max-age=0
content-encoding
gzip
content-length
1523
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-rv/dzGq+AtXohIRdYGvIMVViq5Tmm5n1EpTlPiFO05w=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type
text/html; charset=utf-8
date
Tue, 22 Aug 2023 18:49:24 GMT
dc
ccg11-origin-www-1.paypal.com
edge-cache-tag
up-treatments-zoid
etag
W/"1481-FgbSGljAP0m4qPFsy0JbAk4Echk"
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f56236743c5d8
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
"traceparent;desc="00-0000000000000000000f56236743c5d8-1ae7f3d8eeb6cc25-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f56236743c5d8-f49565898c2059e1-01
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
4167
x-served-by
cache-fra-etou8220070-FRA
x-timer
S1692730165.836621,VS0,VE1
x-xss-protection
1; mode=block
pptm.js
www.paypal.com/tagmanager/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.elfcosmetics.com&t=xo&v=5.0.393&source=payments_sdk&client_id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&comp=buttons,messages&vault=true
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3e3906cc63014bcd669daac008ea375e04f9e76b24c66a915b5a576a115a058a
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-Hj/d8nFD+1EyE9RB97rfTcUWsVnmz4IlnigJOZ7ODUwGHlWI' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-Hj/d8nFD+1EyE9RB97rfTcUWsVnmz4IlnigJOZ7ODUwGHlWI' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 22 Aug 2023 18:49:24 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
58121
x-cache
HIT
paypal-debug-id
f73787315503a
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4785
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220070-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f73787315503a-f3bc145d153336c2-01
x-timer
S1692730165.839339,VS0,VE1
etag
W/"359f-ajSq7AFUpBxvylf6YHkhM0ZfVbU"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
1
logger
www.paypal.com/xoplatform/logger/api/ 		1014 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=SAR&vault=true&components=buttons,messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
167f7c6f6a607d3217f563164479b0d84b3a4b52a71102817a6bb262d3b2f1dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://www.elfcosmetics.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type
application/json

Response headers

date
Tue, 22 Aug 2023 18:49:25 GMT
via
1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS
paypal-debug-id
f678334026b2a
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-fra-etou8220024-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f678334026b2a-f703dffb157e67ba-01
x-timer
S1692730165.194732,VS0,VE162
etag
W/"3f6-imqzWNxuWikbIniI3iYLE9djNTw"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
0
date
Tue, 22 Aug 2023 18:49:25 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f678334b6a4aa
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f678334b6a4aa-265a26db68503fef-01
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-served-by
cache-fra-etou8220024-FRA
x-timer
S1692730165.963073,VS0,VE190
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=830543100&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4&dp=%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4&ul=en-us&de=UTF-8&dt=Skin%20Care%20Products%20%7C%20e.l.f.%20SKIN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ux&ea=scrolled%20page&el=25%25&_u=aGDAAEALAAAAACgMIAC~&jid=&gjid=&cid=853737597.1692730163&tid=UA-432816-1&_gid=2105489768.1692730163&gtm=45He38l0n81WL3STMX&cd4=0&cd6=&cd7=&cd8=&cd9=0&cd14=category&cd19=&cd21=SA&z=171644250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Aug 2023 22:44:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
72269
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
ct.pinterest.com/user/ 		562 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2615235625530&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1692730164864&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.85b84545.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
192b2ece4178a456159703b5520ffc72585e066d5d09a446f88ad2a57977343f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:25 GMT
content-encoding
gzip
x-cdn
fastly
x-envoy-upstream-service-time
0
x-pinterest-rid
8129658760597457
content-length
385
pin-unauth
dWlkPVlUTXpOamRtTWpFdFlUQmhaQzAwTVdaaExUaGtabUl0TnpOallUUmhZalUyTm1NeA
pragma
no-cache
referrer-policy
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
2aab430320b88faaad4c2c112b7a9c75e32167e1
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/user/ 		562 B
811 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?event=viewcategory&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2615235625530&cb=1692730164866&dep=5%2CEVENT_TAGS_ABSENT
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.85b84545.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
192b2ece4178a456159703b5520ffc72585e066d5d09a446f88ad2a57977343f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:25 GMT
content-encoding
gzip
x-cdn
fastly
x-envoy-upstream-service-time
2
x-pinterest-rid
3012160309558548
content-length
385
pin-unauth
dWlkPVpUSmhZak0yTnpZdFlUWTRaaTAwT0dSa0xUaGxNVEl0WmpZeE9ERTNabVE0WWpSaw
pragma
no-cache
referrer-policy
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
2aab430320b88faaad4c2c112b7a9c75e32167e1
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-ZLYXLXNDL8&gtm=45je38l0&_p=830543100&_gaz=1&cid=853737597.1692730163&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692730164&sct=1&seg=0&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4&dt=Skin%20Care%20Products%20%7C%20e.l.f.%20SKIN&en=page_view&_fv=1&_ss=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZLYXLXNDL8&cid=853737597.1692730163&gtm=45je38l0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-ZLYXLXNDL8&gtm=45je38l0&_p=830543100&cid=853737597.1692730163&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=IA&_s=2&sid=1692730164&sct=1&seg=0&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4&dt=Skin%20Care%20Products%20%7C%20e.l.f.%20SKIN
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.elfcosmetics.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZLYXLXNDL8&cid=853737597.1692730163&gtm=45je38l0&aip=1&z=74875031
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.MTAwYzY4Y2VmMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		358 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTAwYzY4Y2VmMQ.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.207 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-103-207.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5ccf4991f47947a07e1b9bd330e12b2f257b32cc305067e39c1b7cafba03eaa3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-akamai-request-id
1ed9e144
date
Tue, 22 Aug 2023 18:49:24 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2023081014444977608F6053F4E97F875B
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a184-86-102-207.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
016b5e04c89b39f71b119a4d889305fd00533dcb19d391d2b9432ed65c2a11a7c60ac95e1178812fc8a1be9edb1d4f73610cf0643af3d93f9fdfd8d87d6a9a764269c7e83bc9f3dd91385a3ea7fb8172432a7e44fc48fa781d9e00c6605ee83373
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
98728
1638306756445368
connect.facebook.net/signals/config/ 		318 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1638306756445368?v=2.9.124&r=stable&domain=www.elfcosmetics.com
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
763caa36c114b79c082963b65272ea946d382e03c995a1cf4c1c036b0ea2ff62
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 22 Aug 2023 18:49:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
91550
x-xss-protection
0
pragma
public
x-fb-debug
g8iqCAw3SmN7Aa3XMxf+kKSEW8daMWGBSbJHvVDMTjks2RIk8agGJxJjAqYzr/nLnafkY6iHe8aXDzrSoKvIFg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2615235625530&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2285b84545%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1692730164945
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:25 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
*
pinterest-version
2aab430320b88faaad4c2c112b7a9c75e32167e1
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
4
x-pinterest-rid
1463228638963898
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
1c266e46-2039-4a7f-9fa8-e0d6fcbadeac
https://www.elfcosmetics.com/ 		57 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:https://www.elfcosmetics.com/1c266e46-2039-4a7f-9fa8-e0d6fcbadeac
Requested by
Host: js.jebbit.com
URL: https://js.jebbit.com/companion/v1/widget.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b55f781a91080be3aedaf883d0fa79ea703f14c5e1188bddccbb7902ae2d6793

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Length
58235
Content-Type
text/css
launcher_configs
external-api.jebbit.com/moments/v2/ 		2 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://external-api.jebbit.com/moments/v2/launcher_configs?key=542695a9-9318-492b-9638-2018989f6dc4&url=aHR0cHMlM0ElMkYlMkZ3d3cuZWxmY29zbWV0aWNzLmNvbSUyRmVuX1NBJTJGc2tpbi1jYXJlJTNGZWxmX3NvdXJjZSUzREhQJTI2ZWxmX21lZGl1bSUzRGNhcm91c2VsJTI2ZWxmX2NhbXBhaWduJTNEcXVpY2tsaW5rNA==&completedLightboxCampaigns=W10=&jebbitCookies=
Requested by
Host: js.jebbit.com
URL: https://js.jebbit.com/companion/v1/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.128.19 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-128-19.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
surrogate-control
no-store
x-dns-prefetch-control
off
content-length
2
x-xss-protection
1; mode=block
pragma
no-cache
etag
W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
x-download-options
noopen
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
expires
0
js
www.paypal.com/sdk/ Frame C731 		385 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=SAR&vault=true&components=buttons,messages
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=false&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1TQVImdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.46.1&integrationType=SDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d2ea4cb6777e4745ae601a09aabe6e5e2490a086a99f90c931fa3d70dc4443e7
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-pfgdMP2UgfNHVvlKa/yTi73xoKCOYlVOcCWU8g9BoEhIEh+O' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-pfgdMP2UgfNHVvlKa/yTi73xoKCOYlVOcCWU8g9BoEhIEh+O' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=false&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1TQVImdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.46.1&integrationType=SDK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-pfgdMP2UgfNHVvlKa/yTi73xoKCOYlVOcCWU8g9BoEhIEh+O' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-pfgdMP2UgfNHVvlKa/yTi73xoKCOYlVOcCWU8g9BoEhIEh+O' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 22 Aug 2023 18:49:25 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
5907
x-cache
HIT
p3p
true
paypal-debug-id
f887398e27053
server-timing
"traceparent;desc="00-0000000000000000000f887398e27053-7859232208bbe2eb-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
109684
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220070-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f887398e27053-7c9a04a9072def94-01
x-timer
S1692730165.049173,VS0,VE1
etag
W/"1ac74-SEUAL33rsKbJFZCTD3eVr9g47rE"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
2
pageview
c.contentsquare.net/ 		0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.contentsquare.net/pageview?pid=1926&uu=e637a2e2-9339-ad9d-a34f-72d24b092d65&sn=1&hd=1692730165&pn=1&dw=1600&dh=3418&ww=1600&wh=1200&sw=1600&sh=1200&dr=&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4&uc=0&la=en-US&cvars=%7B%223%22%3A%5B%22Page%20Type%22%2C%22category%22%5D%7D&cvarp=%7B%223%22%3A%5B%22Page%20Type%22%2C%22category%22%5D%7D&v=13.39.0&pvt=n&ex=&r=331746
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.254.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-254-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:25 GMT
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition
inline
timing-allow-origin
*
access-control-allow-headers
Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires
Sun, 24 Oct 1982 23:00:00 GMT
jsp
ut.rd.linksynergy.com/ 		148 B
399 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ut.rd.linksynergy.com/jsp?cn=rmuid&ro=0&cb=___rmuid
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.67.98.34.bc.googleusercontent.com
Software
/
Resource Hash
6bb10141d1d1b986a2463fc9ce0e867279b50c73d67c5cea8e5e7699672d81b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
text/plain; charset=utf-8
date
Tue, 22 Aug 2023 18:49:25 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148
x-samesite
secure
ts
t.paypal.com/ 		42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A7PFGPLHGYKX72-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A7PFGPLHGYKX72-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3a9b41b4-1a0b-4488-939e-bc9b13368cc5&fltp=analytics&mrid=7PFGPLHGYKX72&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Skin%20Care%20Products%20%7C%20e.l.f.%20SKIN&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1692730165083&g=-120&completeurl=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 22 Aug 2023 18:49:25 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
6952612b9e206
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-etou8220045-FRA
pragma
no-cache
correlation-id
6952612b9e206
traceparent
00-00000000000000000006952612b9e206-a65a6ec9dfdf0ec5-01
x-timer
S1692730165.209597,VS0,VE157
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 18:49:25 GMT
a1001eb2-fbb2-4d0d-b919-c2207bd30cc3
https://www.elfcosmetics.com/ 		7 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.elfcosmetics.com/a1001eb2-fbb2-4d0d-b919-c2207bd30cc3
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08d40bf2e4eed273d931293e52124d963a4c4ac3dd53228837cbb1de831251ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Length
7329
Content-Type
application/javascript
plugin.5.45.0.js
cdn.usehero.com/ Frame 0815 		244 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.usehero.com/plugin.5.45.0.js
Requested by
Host: cdn.usehero.com
URL: https://cdn.usehero.com/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:1000:13:d6f4:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f02f9df966fe2a6a945a46705c56eb14ee6db660daadd8c3050e9a517c2fd8af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:11:49 GMT
content-encoding
gzip
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 08:29:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
2257
x-amz-server-side-encryption
AES256
etag
W/"d3661979a8dc85bdd08cc82c5c26c01e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
s91PZa1gYIHzlhElLRR2o6e0w0s3kDHxYKGPQaxsPvEQY-hscLwSJQ==
PWA-UpdateSession
www.elfcosmetics.com/mobify/proxy/controllers/on/demandware.store/Sites-elf-us-Site/en_SA/ 		56 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/mobify/proxy/controllers/on/demandware.store/Sites-elf-us-Site/en_SA/PWA-UpdateSession
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/mobify/bundle/9604/vendor.js?yocs=F_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.56.76 Hutto, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
b79d4bee7ea24c188a51ae11265558a5fc8217e5f531dc9515264758f7ef082b

Request headers

Referer
https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
accept-language
de-DE,de;q=0.9
x-pwa-request
true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:25 GMT
content-encoding
gzip
via
1.1 becf925bc0f305e6c4ad68e689dcc2ba.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-cf-pop
LHR50-P6
age
0
x-yottaa-optimizations
ob/1000 si/34D1a5fe384c-1692638905-9989172697 tts/1691704961837 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache
Miss from cloudfront
pragma
no-cache
content-type
application/json
cache-control
no-cache, no-store, must-revalidate
x-yottaa-os
200
x-proxy-request-url
https://cc-elf-us-prd.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_SA/PWA-UpdateSession
x-yottaa-metrics
3421a5fe38a0/[444,441,-] 34D1a5fe384c/[-,446.777]
cf-ray
7fad4bac597d069e-LHR
x-dw-request-base-id
P1ywyzUD5WQBAAB_
x-amz-cf-id
K8d3N7p4QbgyuysbbhObmT-CPVaTlQP2W6I6kabOYhs4Qj1prFSxUw==
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1638306756445368&ev=PageView&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4&rl=&if=false&ts=1692730165134&sw=1600&sh=1200&v=2.9.124&r=stable&ec=0&o=30&fbp=fb.1.1692730165124.2019864754&ic=fbpixel&it=1692730164939&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 22 Aug 2023 18:49:25 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
ct.pinterest.com/v3/ 		35 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?event=viewcategory&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2615235625530&cb=1692730165139&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2285b84545%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:25 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
*
pinterest-version
2aab430320b88faaad4c2c112b7a9c75e32167e1
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
3
x-pinterest-rid
1328239406920843
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
identify_2ff01.js
analytics.tiktok.com/i18n/pixel/static/ 		114 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_2ff01.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.207 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-103-207.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2d3ff80dc49c08bd9982df33d6dc5c6c0d223dab3636a7c9115f65f0a8af342b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-akamai-request-id
1ed9e3a9
date
Tue, 22 Aug 2023 18:49:25 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20230810144448574ED885D02F3878E2DF
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a184-86-102-207.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01ef94597cbc7e2775ff26e55ab7b543561fb6d06a94bd3ea3c88a79b21e2feeaddce1ad7a103f7c06b2acfcf54ec0e45dc45ee47c3e1dee1255df8df9c4f15158b0776f081f6d07e46f51aee1186d6303e2919675dac7da1795569eb12abc1dd4
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length
30638
pixel
analytics.tiktok.com/api/v2/ 		0
695 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTAwYzY4Y2VmMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.207 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-103-207.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.elfcosmetics.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
5a6a270a.1ed9e449
date
Tue, 22 Aug 2023 18:49:25 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a184-86-102-207.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
x-parent-response-time
114,184.86.102.207
server-timing
cdn-cache; desc=MISS, edge; dur=87, origin; dur=33, inner; dur=25
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202308221849258F843889630EFEFA479C
x-cache-remote
TCP_MISS from a23-38-170-15.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
34,23.38.170.15
x-tt-trace-host
014447f45e8341b813f08b336e7c45a546cff73767147e6f58dc4c890620cb46d02e9db5e14b27be3fb1030d8288e8e23cdb53d5e4f66da304adc428388c211452b4f61efb1bda70c1341d32231a1bb4bdb54835b70671f9852e4f89471f31d7337e460ed46e4bd678ed279a2c2b651b3b
expires
Tue, 22 Aug 2023 18:49:25 GMT
dvar
c.contentsquare.net/ 		0
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.contentsquare.net/dvar?v=13.39.0&pid=1926&pn=1&sn=1&uu=e637a2e2-9339-ad9d-a34f-72d24b092d65&dv=H4sIAAAAAAAAA6tWcnSKd4mMd8%2FJT0rMUXDOzyspys9RCEktLlGyUnKpzEvMzUxWiMxMzUlRcK0oSC3KTM1LTi1W0oHqQ4gpGAI1hCUWZSaWZObnAXkwJT755QqeeSWpeSATA%2FILSnOAikoqlWoB8S1cunwAAAA%3D&ct=2&r=334798
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.254.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-254-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 18:49:25 GMT
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition
inline
timing-allow-origin
*
access-control-allow-headers
Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires
Sun, 24 Oct 1982 23:00:00 GMT
c69c204f-fba0-4685-aea8-ad32f799fa5d.js
tr.snapchat.com/config/com/ 		151 B
430 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/config/com/c69c204f-fba0-4685-aea8-ad32f799fa5d.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
eebd913d0c940be62e69720864ce2231bfb381f9a41454024a909e68dc698a81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://www.elfcosmetics.com/
Origin
https://www.elfcosmetics.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
application/javascript
access-control-allow-origin
https://www.elfcosmetics.com
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151
hash
www.paypal.com/credit-presentment/experiments/ Frame C731 		40 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/credit-presentment/experiments/hash?device_id=uid_60e6d2ba65_mtg6ndk6mju
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=false&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1TQVImdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.46.1&integrationType=SDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f0f4e76fe2d0b54ca506288a097fb74ba17de519f6de75e7dd217bf4b14960b
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=false&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1TQVImdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.46.1&integrationType=SDK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-encoding
gzip
via
1.1 varnish
date
Tue, 22 Aug 2023 18:49:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
0
edge-cache-tag
up-treatments-hash
x-cache
MISS
paypal-debug-id
f67833474662c
server-timing
"traceparent;desc="00-0000000000000000000f67833474662c-d3110abef66fe01f-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
57
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220070-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f67833474662c-6aee5ff65e048cc1-01
x-timer
S1692730165.353198,VS0,VE178
etag
W/"28-GNlGFFbtzUtFFQ4d20lcsOZlJnc"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
s-maxage=86400, max-age=0
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0
i
tr.snapchat.com/cm/ Frame F3E7 		0
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=c69c204f-fba0-4685-aea8-ad32f799fa5d&u_scsid=cf5e0266-dda4-4b31-9f43-d56e7564cc6f&u_sclid=f351357f-ca52-47cd-8e03-b7ab271641b4
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://www.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 22 Aug 2023 18:49:25 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
0
sa.svg
www.elfcosmetics.com/mobify/bundle/9604/static/img/flag-icons/ 		15 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.com/mobify/bundle/9604/static/img/flag-icons/sa.svg
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/mobify/bundle/9604/vendor.js?yocs=F_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.56.76 Hutto, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
8946bf63fa81c26b5a509eb6569c3d901a7909a6762be2c040492c1225e378bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:25 GMT
x-amz-version-id
lF7jHYU3JpXgtQJh82MfH6BUmnE9tept
via
1.1 72c8c6bd2753cbcc88d313a4f2598ff0.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
LHR50-P6
age
606942
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/1001 si/34D1a5fe384c-1692109559-2930779224 tts/1691704961837 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache
Miss from cloudfront
x-amz-meta-deploy
531955
content-length
7157
x-amz-meta-bundle
9604
x-yottaa-forcecache
true, true
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31104000
x-yottaa-os
200
x-yottaa-metrics
3421a5fe382d/[361,353,-] 34D1a5fe384c/[hit]
x-amz-cf-id
GRRDt9Fpkh_b9mEDcVhRHOdJBZ5e5CeHmV8tSghhjiSzYBfCOFAWWQ==
act
analytics.tiktok.com/api/v2/pixel/ 		0
694 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTAwYzY4Y2VmMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.207 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-103-207.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.elfcosmetics.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
7b92c87f.1ed9e82f
date
Tue, 22 Aug 2023 18:49:25 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a184-86-102-207.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
x-parent-response-time
106,184.86.102.207
server-timing
cdn-cache; desc=MISS, edge; dur=87, origin; dur=26, inner; dur=18
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202308221849254CE7A0FFCB0854FB290C
x-cache-remote
TCP_MISS from a23-38-170-84.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
26,23.38.170.84
x-tt-trace-host
014447f45e8341b813f08b336e7c45a546cff73767147e6f58dc4c890620cb46d0c13b4fec26ba844cd2de4e43ffc58e9d5525c50eb39069cd79cb05b6086b4efb57113a5c85c852215f4b4f794112509dffe026a39c70a857e2284706e735009c11a2ba95c4d37533c6541e3f52f70c3f
expires
Tue, 22 Aug 2023 18:49:25 GMT
muse.js
www.paypalobjects.com/muse/ 		55 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CA9) /
Resource Hash
a809a1bbc7930fd08bb2bec3444442b2b2b90b2e9667626258c94ae674d1e362
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
f699ded0132b5
dc
ccg11-origin-www-1.paypal.com
content-length
16399
last-modified
Thu, 17 Aug 2023 18:18:25 GMT
server
ECAcc (frc/4CA9)
traceparent
00-0000000000000000000f699ded0132b5-df9b93c1afb23289-01
etag
"64de6471-dad6+gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Tue, 22 Aug 2023 19:49:25 GMT
ct.html
ct.pinterest.com/ Frame 26A9 		565 B
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer
https://www.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Tue, 22 Aug 2023 18:49:25 GMT
pinterest-version
2aab430320b88faaad4c2c112b7a9c75e32167e1
referrer-policy
origin
x-cdn
fastly
x-envoy-upstream-service-time
1
x-pinterest-rid
1288247449206873
chunk.716.dfe15fe122d1d132c920.js
cdn.usehero.com/ Frame 0815 		832 KB
210 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.usehero.com/chunk.716.dfe15fe122d1d132c920.js
Requested by
Host: cdn.usehero.com
URL: https://cdn.usehero.com/plugin.5.45.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:1000:13:d6f4:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d385a7d1e3abd69b6dd4e5078de04295e3d3153efd11cfaccdb1d938e12547b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 17:56:07 GMT
content-encoding
gzip
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 08:29:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
3199
x-amz-server-side-encryption
AES256
etag
W/"d249cceeb11c30df800231f85432cf5c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
Kt8Ew8tvQcTh-pqQZ6C0H6qNs68MfE4Omx6fp-c3Ms6OKhwmA4qzqQ==
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1638306756445368&ev=Microdata&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4&rl=&if=false&ts=1692730165693&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Skin%20Care%20Products%20%7C%20e.l.f.%20SKIN%22%2C%22meta%3Adescription%22%3A%22Shop%20e.l.f.%20Cosmetics%20skin%20care%20for%20luxury%20products%20at%20a%20budget-friendly%20price.%20Affordable%2C%20cruelty-free%20beauty%20at%20drugstore%20prices.%20Buy%20now!%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22e.l.f.%20Cosmetics%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.124&r=stable&ec=1&o=30&fbp=fb.1.1692730165124.2019864754&ic=fbpixel&it=1692730164939&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 22 Aug 2023 18:49:25 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
logger
www.paypal.com/xoplatform/logger/api/ Frame C731 		0
0
p
tr.snapchat.com/ 		68 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.snapchat.com/p?pid=c69c204f-fba0-4685-aea8-ad32f799fa5d&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4&bt=1d53c387&if=false&d_bvs=%5B%5D&huah=true&m_dcl=5155&m_df=true&m_dv=true&m_fcps=5095&m_pi=5155&m_pl=9860&m_pv=2&m_rd=11505&m_sl=0&m_sh=1200&m_sw=1600&rf=&trackId=dc3b66a3-a844-4c52-80a6-b3750c222c38&ts=1692730165720&u_c1=88f188c9-ce4e-469d-9fa0-acde46a4879c&u_sclid=f351357f-ca52-47cd-8e03-b7ab271641b4&u_scsid=cf5e0266-dda4-4b31-9f43-d56e7564cc6f&v=3.1.6-2308171801
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
aea6191ac8a9900ebe756a2e86
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/baskets/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/baskets/aea6191ac8a9900ebe756a2e86
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.9e/mobify/bundle/9604/vendor.js?yocs=F_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.56.76 Hutto, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
87c4202cfb748228eab37640e03ad9d0b55a15dd4a8e81e1956cad5f6413ec07
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
accept-language
de-DE,de;q=0.9
x-pwa-request
true
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmY2YxOTBjOC1kODA1LTQ4MTAtYTcwNS03NWY5ZTRiOWE1ZWIiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOmE1YTg5NjIzLTk1NDktNDdhZS1iZTYzLTIyMzYzZTI5MjcxOCIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTY5MjczMDEzMywic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJ3cnRGbWJJMGtIa1JtcnNZbXFZWWwwZEo6OmNoaWQ6ICIsImV4cCI6MTY5MjczMTk2MywiaWF0IjoxNjkyNzMwMTYzLCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMzNTIyMjc5Mzg5MDMwNjMzIn0.gkZcqwJVOkijtksZXqpkFpau7Kl3xY3IY_8ct8N14OHp0fAaQDEbh-kqlD8_W4Nag71lP0y7CwMUrqhGXbeSdA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type
application/json

Response headers

x-yottaa-profileid
5a0c9b7632f01c35d4210220
date
Tue, 22 Aug 2023 18:49:26 GMT
via
1.1 0316c07369e8911f4fffe6ae5475e30c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-amz-cf-pop
LHR50-P6
age
0
x-yottaa-optimizations
ob/1000 si/34D1a5fe384c-1692638905-9989172708 tts/1691704961837 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-dw-version-status
deprecated
x-cache
Miss from cloudfront
content-length
1004
etag
202edc99c17c5f7aa7b856c94154ac399418fe713a3e94e9d277e2cda920d35c
allow
DELETE,GET,HEAD,OPTIONS,PATCH
content-type
application/json;charset=UTF-8
x-dw-resource-state
202edc99c17c5f7aa7b856c94154ac399418fe713a3e94e9d277e2cda920d35c
access-control-allow-origin
https://www.elfcosmetics.com
access-control-expose-headers
etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
x-yottaa-os
200
access-control-allow-credentials
true
x-proxy-request-url
https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/baskets/aea6191ac8a9900ebe756a2e86
accept-ranges
bytes
cf-ray
7fad4bb05be4dc51-LHR
x-dw-request-base-id
80M23DYD5WQBAAB_
x-amz-cf-id
74Nu99ZCMMFak3jmQNaC4F3sfYcSNSUqEj1g-SZ5aHokdJwRNl53Uw==
x-yottaa-metrics
3421a5fe389b/[335,332,-] 34D1a5fe384c/[-,338.525]
shopper
api.usehero.com/localisation/ Frame 0815 		35 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.usehero.com/localisation/shopper?appId=efcf9631-4c6b-4874-9f76-51f71464249a&version=5.45.0
Requested by
Host: cdn.usehero.com
URL: https://cdn.usehero.com/chunk.716.dfe15fe122d1d132c920.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.98.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-98-241.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0845565f82ccec60254a6467286855b9ad9c58f9b75a1833b4f546c1533edfc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.elfcosmetics.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-time-zone
Europe/Berlin
klarna-correlation-id
344354b8-6dce-47af-b057-ff5b20b65310
x-envoy-upstream-service-time
15
x-geo-longitude
13.38490
x-request-id
344354b8-6dce-47af-b057-ff5b20b65310
access-control-max-age
21600
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-country
DE
cache-control
max-age=86400, public
x-geo-city
Berlin
x-geo-latitude
52.52030
x-geo-zip
10117
access-control-allow-headers
DNT,Accept-Language,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,x-region-id,x-api-version
x-accuracy
1000
hm
tr.snapchat.com/ 		68 B
88 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/hm
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://www.elfcosmetics.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 22 Aug 2023 18:49:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
application/json
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
no-cache, no-transform
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
hm
tr.snapchat.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/hm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,x-grpc-web,X-Snap-Route-Tag,x-cof-user-agent,x-snap-client-user-agent,bitmoji-token,X-Snap-Access-Token
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin
https://www.elfcosmetics.com
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 22 Aug 2023 18:49:25 GMT
server
API Gateway
via
1.1 google
index.html
www.paypalobjects.com/muse/analytics/ Frame 2537 		55 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBF) /
Resource Hash
6f0c358d27c999e8e496a45ddb195f408565fc8fda4b5810ead872b80abdc76e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
16723
content-type
text/html
date
Tue, 22 Aug 2023 18:49:25 GMT
dc
ccg11-origin-www-1.paypal.com
etag
"64de6471-da89+gzip"
expires
Tue, 22 Aug 2023 19:49:25 GMT
last-modified
Thu, 17 Aug 2023 18:18:25 GMT
paypal-debug-id
ecb4174d62df2
server
ECAcc (frc/4CBF)
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-0000000000000000000ecb4174d62df2-cfeb3b4a35fa0970-01
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
noop.js
www.paypalobjects.com/muse/ Frame 2537 		18 B
234 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/noop.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (daa/7D25) /
Resource Hash
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypalobjects.com/muse/analytics/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
paypal-debug-id
1041facd77d93
dc
ccg11-origin-www-1.paypal.com
content-length
18
last-modified
Sat, 13 Feb 2021 00:26:56 GMT
server
ECAcc (daa/7D25)
traceparent
00-00000000000000000001041facd77d93-5c4975d3adb1ed34-01
etag
"60271cd0-12"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Tue, 22 Aug 2023 18:49:25 GMT
ts
t.paypal.com/ 		42 B
503 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A7PFGPLHGYKX72-1&page=muse%3Aoffer%3A%3A%3A7PFGPLHGYKX72-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3a9b41b4-1a0b-4488-939e-bc9b13368cc5&es=visitorInfoFlowStarted&mrid=7PFGPLHGYKX72&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Skin%20Care%20Products%20%7C%20e.l.f.%20SKIN&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1692730165931&g=-120&completeurl=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 22 Aug 2023 18:49:26 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
8a3d1ebe97cc9
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-etou8220045-FRA
pragma
no-cache
correlation-id
8a3d1ebe97cc9
traceparent
00-00000000000000000008a3d1ebe97cc9-b420495cf3666387-01
x-timer
S1692730166.949883,VS0,VE145
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 18:49:26 GMT
settings
api.usehero.com/webplugin/ Frame 0815 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.usehero.com/webplugin/settings?appId=efcf9631-4c6b-4874-9f76-51f71464249a
Requested by
Host: cdn.usehero.com
URL: https://cdn.usehero.com/chunk.716.dfe15fe122d1d132c920.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.98.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-98-241.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
84a997d5c14b6f085d2dfbf74a012f911aca8cde52abcdd825fc986aaeb90ed1
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.elfcosmetics.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-encoding
gzip
x-permitted-cross-domain-policies
none
surrogate-control
no-store
x-dns-prefetch-control
off
klarna-correlation-id
495e6e21-751d-4a89-a98a-eefa282d78d0
cross-origin-resource-policy
same-origin
x-geo-longitude
13.38490
pragma
no-cache
referrer-policy
same-origin
etag
W/"625-ExeunQrj0CJKAR1lIdEbE2S4ZNk"
x-frame-options
SAMEORIGIN
x-geo-zip
10117
content-type
application/json; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-geo-latitude
52.52030
x-accuracy
1000
expires
0
date
Tue, 22 Aug 2023 18:49:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cross-origin-embedder-policy
require-corp
x-time-zone
Europe/Berlin
x-envoy-upstream-service-time
11
x-xss-protection
0
x-request-id
495e6e21-751d-4a89-a98a-eefa282d78d0
cross-origin-opener-policy
same-origin
x-download-options
noopen
x-country
DE
x-geo-city
Berlin
sa.svg
www.elfcosmetics.com/mobify/bundle/9604/static/img/flag-icons/ 		15 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.com/mobify/bundle/9604/static/img/flag-icons/sa.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.56.76 Hutto, United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
8946bf63fa81c26b5a509eb6569c3d901a7909a6762be2c040492c1225e378bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/en_SA/skin-care?elf_source=HP&elf_medium=carousel&elf_campaign=quicklink4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:26 GMT
x-amz-version-id
lF7jHYU3JpXgtQJh82MfH6BUmnE9tept
via
1.1 72c8c6bd2753cbcc88d313a4f2598ff0.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
LHR50-P6
age
606943
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/1001 si/34D1a5fe384c-1692109559-2930779224 tts/1691704961837 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache
Miss from cloudfront
x-amz-meta-deploy
531955
content-length
7157
x-amz-meta-bundle
9604
x-yottaa-forcecache
true, true
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31104000
x-yottaa-os
200
x-yottaa-metrics
3421a5fe382d/[361,353,-] 34D1a5fe384c/[hit]
x-amz-cf-id
GRRDt9Fpkh_b9mEDcVhRHOdJBZ5e5CeHmV8tSghhjiSzYBfCOFAWWQ==
graphql
www.paypal.com/targeting/ Frame 2537 		435 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3bbc34fd4b5e29e169a81d802b2b080fe215da0c0cbd433b059ef794696023a8
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-HyviQK9Iwf/WRyT2q5qv3+mrtWIvbdVK3r0KEywrpJrWnRv+' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypalobjects.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-HyviQK9Iwf/WRyT2q5qv3+mrtWIvbdVK3r0KEywrpJrWnRv+' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding
gzip
via
1.1 varnish
date
Tue, 22 Aug 2023 18:49:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
paypal-debug-id
f158246ccdc15
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220070-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f158246ccdc15-62f5f4bc9ab054b6-01
x-timer
S1692730167.674528,VS0,VE239
etag
W/"1b3-4tczsRtWeBVfHbms8RrIwfifWNU"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0
graphql
www.paypal.com/targeting/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.paypalobjects.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Tue, 22 Aug 2023 18:49:26 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f2504235aa410
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f2504235aa410-ad10df9adcbb9a59-01
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-etou8220024-FRA
x-timer
S1692730166.458414,VS0,VE176
metrics
api.usehero.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usehero.com/metrics
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.98.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-98-241.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Tue, 22 Aug 2023 18:49:26 GMT
expires
0
klarna-correlation-id
a5749e6e-9675-4484-a89e-bc8cbfcfd0d0
origin-agent-cluster
?1
pragma
no-cache
referrer-policy
same-origin
strict-transport-security
max-age=15552000; includeSubDomains max-age=31536000; includeSubdomains; preload
surrogate-control
no-store
vary
Access-Control-Request-Headers
x-accuracy
1000
x-content-type-options
nosniff
x-country
DE
x-dns-prefetch-control
off
x-download-options
noopen
x-envoy-upstream-service-time
7
x-frame-options
SAMEORIGIN
x-geo-city
Berlin
x-geo-latitude
52.52030
x-geo-longitude
13.38490
x-geo-zip
10117
x-permitted-cross-domain-policies
none
x-request-id
a5749e6e-9675-4484-a89e-bc8cbfcfd0d0
x-time-zone
Europe/Berlin
x-xss-protection
0
metrics
api.usehero.com/ Frame 0815 		0
984 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.usehero.com/metrics
Requested by
Host: cdn.usehero.com
URL: https://cdn.usehero.com/chunk.716.dfe15fe122d1d132c920.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.98.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-98-241.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.elfcosmetics.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 22 Aug 2023 18:49:26 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains; preload
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
require-corp
surrogate-control
no-store
x-dns-prefetch-control
off
x-time-zone
Europe/Berlin
klarna-correlation-id
93f2c63b-b58e-45b3-9f2e-7d8eaa6e4213
x-envoy-upstream-service-time
9
cross-origin-resource-policy
same-origin
x-geo-longitude
13.38490
x-xss-protection
0
x-request-id
93f2c63b-b58e-45b3-9f2e-7d8eaa6e4213
pragma
no-cache
referrer-policy
same-origin
cross-origin-opener-policy
same-origin
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-geo-zip
10117
access-control-allow-origin
*
origin-agent-cluster
?1
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-geo-city
Berlin
x-geo-latitude
52.52030
x-country
DE
x-accuracy
1000
expires
0
metrics
api.usehero.com/ Frame 0815 		0
985 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.usehero.com/metrics
Requested by
Host: cdn.usehero.com
URL: https://cdn.usehero.com/chunk.716.dfe15fe122d1d132c920.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.98.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-98-241.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.elfcosmetics.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 22 Aug 2023 18:49:26 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains; preload
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
require-corp
surrogate-control
no-store
x-dns-prefetch-control
off
x-time-zone
Europe/Berlin
klarna-correlation-id
d83aee79-8097-4cf1-9db9-08e64a50af09
x-envoy-upstream-service-time
11
cross-origin-resource-policy
same-origin
x-geo-longitude
13.38490
x-xss-protection
0
x-request-id
d83aee79-8097-4cf1-9db9-08e64a50af09
pragma
no-cache
referrer-policy
same-origin
cross-origin-opener-policy
same-origin
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-geo-zip
10117
access-control-allow-origin
*
origin-agent-cluster
?1
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-geo-city
Berlin
x-geo-latitude
52.52030
x-country
DE
x-accuracy
1000
expires
0
metrics
api.usehero.com/ Frame 0815 		0
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.usehero.com/metrics
Requested by
Host: cdn.usehero.com
URL: https://cdn.usehero.com/chunk.716.dfe15fe122d1d132c920.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.98.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-98-241.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.elfcosmetics.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 22 Aug 2023 18:49:26 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains; preload
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
require-corp
surrogate-control
no-store
x-dns-prefetch-control
off
x-time-zone
Europe/Berlin
klarna-correlation-id
7e71151c-b212-4d02-a914-56f1cccd2e9c
x-envoy-upstream-service-time
8
cross-origin-resource-policy
same-origin
x-geo-longitude
13.38490
x-xss-protection
0
x-request-id
7e71151c-b212-4d02-a914-56f1cccd2e9c
pragma
no-cache
referrer-policy
same-origin
cross-origin-opener-policy
same-origin
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-geo-zip
10117
access-control-allow-origin
*
origin-agent-cluster
?1
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-geo-city
Berlin
x-geo-latitude
52.52030
x-country
DE
x-accuracy
1000
expires
0
lineup
api.usehero.com/info/ Frame 0815 		284 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.usehero.com/info/lineup?appId=efcf9631-4c6b-4874-9f76-51f71464249a&id=3VNlAm9GwR
Requested by
Host: cdn.usehero.com
URL: https://cdn.usehero.com/chunk.716.dfe15fe122d1d132c920.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.98.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-98-241.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
db925c18e65ac76d3e7bf91e972b553d7b49871eaf825b7a02107afd19f1ccb1
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.elfcosmetics.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-permitted-cross-domain-policies
none
surrogate-control
no-store
x-dns-prefetch-control
off
klarna-correlation-id
c5fccad3-10e0-49f4-9632-67660f8cab2e
cross-origin-resource-policy
same-origin
x-geo-longitude
13.38490
pragma
no-cache
referrer-policy
same-origin
etag
W/"11c-HvpyE9rfkr76/mQFHROdWU4+drg"
x-frame-options
SAMEORIGIN
x-geo-zip
10117
content-type
application/json; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
cache-control
public, max-age=120
x-geo-latitude
52.52030
x-accuracy
1000
expires
0
date
Tue, 22 Aug 2023 18:49:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cross-origin-embedder-policy
require-corp
x-time-zone
Europe/Berlin
x-envoy-upstream-service-time
11
content-length
284
x-xss-protection
0
x-request-id
c5fccad3-10e0-49f4-9632-67660f8cab2e
cross-origin-opener-policy
same-origin
x-download-options
noopen
x-country
DE
x-geo-city
Berlin
metrics
api.usehero.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usehero.com/metrics
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.98.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-98-241.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Tue, 22 Aug 2023 18:49:26 GMT
expires
0
klarna-correlation-id
2f2bdb61-778d-49fe-b146-88713d9cd6fa
origin-agent-cluster
?1
pragma
no-cache
referrer-policy
same-origin
strict-transport-security
max-age=15552000; includeSubDomains max-age=31536000; includeSubdomains; preload
surrogate-control
no-store
vary
Access-Control-Request-Headers
x-accuracy
1000
x-content-type-options
nosniff
x-country
DE
x-dns-prefetch-control
off
x-download-options
noopen
x-envoy-upstream-service-time
6
x-frame-options
SAMEORIGIN
x-geo-city
Berlin
x-geo-latitude
52.52030
x-geo-longitude
13.38490
x-geo-zip
10117
x-permitted-cross-domain-policies
none
x-request-id
2f2bdb61-778d-49fe-b146-88713d9cd6fa
x-time-zone
Europe/Berlin
x-xss-protection
0
metrics
api.usehero.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usehero.com/metrics
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.98.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-98-241.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Tue, 22 Aug 2023 18:49:26 GMT
expires
0
klarna-correlation-id
acd6e038-4423-4455-a9b5-4a1230ac362b
origin-agent-cluster
?1
pragma
no-cache
referrer-policy
same-origin
strict-transport-security
max-age=15552000; includeSubDomains max-age=31536000; includeSubdomains; preload
surrogate-control
no-store
vary
Access-Control-Request-Headers
x-accuracy
1000
x-content-type-options
nosniff
x-country
DE
x-dns-prefetch-control
off
x-download-options
noopen
x-envoy-upstream-service-time
4
x-frame-options
SAMEORIGIN
x-geo-city
Berlin
x-geo-latitude
52.52030
x-geo-longitude
13.38490
x-geo-zip
10117
x-permitted-cross-domain-policies
none
x-request-id
acd6e038-4423-4455-a9b5-4a1230ac362b
x-time-zone
Europe/Berlin
x-xss-protection
0
metrics
api.usehero.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usehero.com/metrics
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.98.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-98-241.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Tue, 22 Aug 2023 18:49:26 GMT
expires
0
klarna-correlation-id
8d3157b2-0a90-4e25-aba9-e25e5ca03938
origin-agent-cluster
?1
pragma
no-cache
referrer-policy
same-origin
strict-transport-security
max-age=15552000; includeSubDomains max-age=31536000; includeSubdomains; preload
surrogate-control
no-store
vary
Access-Control-Request-Headers
x-accuracy
1000
x-content-type-options
nosniff
x-country
DE
x-dns-prefetch-control
off
x-download-options
noopen
x-envoy-upstream-service-time
5
x-frame-options
SAMEORIGIN
x-geo-city
Berlin
x-geo-latitude
52.52030
x-geo-longitude
13.38490
x-geo-zip
10117
x-permitted-cross-domain-policies
none
x-request-id
8d3157b2-0a90-4e25-aba9-e25e5ca03938
x-time-zone
Europe/Berlin
x-xss-protection
0
metrics
api.usehero.com/ Frame 0815 		0
984 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.usehero.com/metrics
Requested by
Host: cdn.usehero.com
URL: https://cdn.usehero.com/chunk.716.dfe15fe122d1d132c920.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.98.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-98-241.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.elfcosmetics.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 22 Aug 2023 18:49:26 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains; preload
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
require-corp
surrogate-control
no-store
x-dns-prefetch-control
off
x-time-zone
Europe/Berlin
klarna-correlation-id
c92ba37e-852a-4dd8-8b94-63ab9e58b01e
x-envoy-upstream-service-time
8
cross-origin-resource-policy
same-origin
x-geo-longitude
13.38490
x-xss-protection
0
x-request-id
c92ba37e-852a-4dd8-8b94-63ab9e58b01e
pragma
no-cache
referrer-policy
same-origin
cross-origin-opener-policy
same-origin
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-geo-zip
10117
access-control-allow-origin
*
origin-agent-cluster
?1
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-geo-city
Berlin
x-geo-latitude
52.52030
x-country
DE
x-accuracy
1000
expires
0
lqRiQXDD6L-uKFjelXCdNsJJUB86TAX--56x56.jpg
upload.usehero.com/avatars/ Frame 0815 		928 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.usehero.com/avatars/lqRiQXDD6L-uKFjelXCdNsJJUB86TAX--56x56.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-117.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64fb011f8aa4f1a4470c3093845f0c2047a21504f823e2ec6f6684d87b81f0f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 12:33:01 GMT
via
1.1 834f63af56be39c339db32b1eb931e1a.cloudfront.net (CloudFront)
last-modified
Sun, 12 Feb 2023 00:23:18 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-C1
age
22587
x-amz-server-side-encryption
AES256
etag
"278d510e97539c507718c7343b8f3dc7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
928
x-amz-cf-id
GKdk39hmiD7FACtnoBIaU8h9BKTaNsgzRjifiV7FF5KHrxqUk5ruiA==
U5YtXBWRyw-lXZknMeYZw50zvH2qmOtC-56x56.jpg
upload.usehero.com/avatars/ Frame 0815 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.usehero.com/avatars/U5YtXBWRyw-lXZknMeYZw50zvH2qmOtC-56x56.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-117.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b6c31aab66c7d12f65fb2d3d9feb66b5eaa697471a6259c19f65d55337eee0d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:16:58 GMT
via
1.1 834f63af56be39c339db32b1eb931e1a.cloudfront.net (CloudFront)
last-modified
Thu, 06 Apr 2023 20:17:49 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-C1
age
1950
x-amz-server-side-encryption
AES256
etag
"42ac0c7f92c94a27b5bf3f04ae16a051"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
1174
x-amz-cf-id
kvqGrZJQ2Hv1xICLNTWtYrZruDipiQICtSvsFW3URh9KqzvU0mxgFg==
BUUYQz9sKY-10CD5q-b8ktpSU8JDZYrl-56x56.jpg
upload.usehero.com/avatars/ Frame 0815 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.usehero.com/avatars/BUUYQz9sKY-10CD5q-b8ktpSU8JDZYrl-56x56.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-117.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
39b407ba527842ba6587698367b62e9c4770a0f1fb906c220879568cce0b1063

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:30:40 GMT
via
1.1 834f63af56be39c339db32b1eb931e1a.cloudfront.net (CloudFront)
last-modified
Tue, 22 Feb 2022 11:23:23 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-C1
age
15528
etag
"3436467bdbf884d229cc844f2d56d81a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
1279
x-amz-cf-id
Mbniy0yNpUTM6RxuOKEpDRsVbu6Svi_IMvQQqtwgtUN7CVZZrdk40A==
458359.gif
idsync.rlcdn.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458359.gif?partner_uid=5d74a8e7-d140-40c7-9ac1-3430e7da1b68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:49:27 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
lqRiQXDD6L-uKFjelXCdNsJJUB86TAX--56x56.jpg
upload.usehero.com/avatars/ Frame E05E 		928 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.usehero.com/avatars/lqRiQXDD6L-uKFjelXCdNsJJUB86TAX--56x56.jpg
Requested by
Host: cdn.usehero.com
URL: https://cdn.usehero.com/plugin.5.45.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-117.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64fb011f8aa4f1a4470c3093845f0c2047a21504f823e2ec6f6684d87b81f0f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 12:33:01 GMT
via
1.1 834f63af56be39c339db32b1eb931e1a.cloudfront.net (CloudFront)
last-modified
Sun, 12 Feb 2023 00:23:18 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-C1
age
22587
x-amz-server-side-encryption
AES256
etag
"278d510e97539c507718c7343b8f3dc7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
928
x-amz-cf-id
_5BkqyZ95tMmt7LS3D4kH969HS1ezyCXPDX_EI8QUMSaA55g3IBiNQ==
U5YtXBWRyw-lXZknMeYZw50zvH2qmOtC-56x56.jpg
upload.usehero.com/avatars/ Frame E05E 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.usehero.com/avatars/U5YtXBWRyw-lXZknMeYZw50zvH2qmOtC-56x56.jpg
Requested by
Host: cdn.usehero.com
URL: https://cdn.usehero.com/plugin.5.45.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-117.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b6c31aab66c7d12f65fb2d3d9feb66b5eaa697471a6259c19f65d55337eee0d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:16:58 GMT
via
1.1 834f63af56be39c339db32b1eb931e1a.cloudfront.net (CloudFront)
last-modified
Thu, 06 Apr 2023 20:17:49 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-C1
age
1950
x-amz-server-side-encryption
AES256
etag
"42ac0c7f92c94a27b5bf3f04ae16a051"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
1174
x-amz-cf-id
VWPRR564uqoQc7X5LBBOqEp0x4NlDeXH_TJq5geLKA24KR81ul3i-A==
BUUYQz9sKY-10CD5q-b8ktpSU8JDZYrl-56x56.jpg
upload.usehero.com/avatars/ Frame E05E 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.usehero.com/avatars/BUUYQz9sKY-10CD5q-b8ktpSU8JDZYrl-56x56.jpg
Requested by
Host: cdn.usehero.com
URL: https://cdn.usehero.com/plugin.5.45.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-117.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
39b407ba527842ba6587698367b62e9c4770a0f1fb906c220879568cce0b1063

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:30:40 GMT
via
1.1 834f63af56be39c339db32b1eb931e1a.cloudfront.net (CloudFront)
last-modified
Tue, 22 Feb 2022 11:23:23 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-C1
age
15528
etag
"3436467bdbf884d229cc844f2d56d81a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
1279
x-amz-cf-id
t8-7Ck5SQZJggjr24qC1D63FhFpIL_pHvpotg-GdMI_sb1EjTPJonA==
lqRiQXDD6L-uKFjelXCdNsJJUB86TAX--56x56.jpg
upload.usehero.com/avatars/ Frame A813 		928 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.usehero.com/avatars/lqRiQXDD6L-uKFjelXCdNsJJUB86TAX--56x56.jpg
Requested by
Host: cdn.usehero.com
URL: https://cdn.usehero.com/plugin.5.45.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-117.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64fb011f8aa4f1a4470c3093845f0c2047a21504f823e2ec6f6684d87b81f0f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 12:33:01 GMT
via
1.1 834f63af56be39c339db32b1eb931e1a.cloudfront.net (CloudFront)
last-modified
Sun, 12 Feb 2023 00:23:18 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-C1
age
22587
x-amz-server-side-encryption
AES256
etag
"278d510e97539c507718c7343b8f3dc7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
928
x-amz-cf-id
WNK1mCYZVes6BwCgUHcR11keTn4jLrtFtD5YmdYet0yIOtzazUompw==
U5YtXBWRyw-lXZknMeYZw50zvH2qmOtC-56x56.jpg
upload.usehero.com/avatars/ Frame A813 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.usehero.com/avatars/U5YtXBWRyw-lXZknMeYZw50zvH2qmOtC-56x56.jpg
Requested by
Host: cdn.usehero.com
URL: https://cdn.usehero.com/plugin.5.45.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-117.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b6c31aab66c7d12f65fb2d3d9feb66b5eaa697471a6259c19f65d55337eee0d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 18:16:58 GMT
via
1.1 834f63af56be39c339db32b1eb931e1a.cloudfront.net (CloudFront)
last-modified
Thu, 06 Apr 2023 20:17:49 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-C1
age
1950
x-amz-server-side-encryption
AES256
etag
"42ac0c7f92c94a27b5bf3f04ae16a051"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
1174
x-amz-cf-id
VoebZwjPDFal29DlbXIUMAJ6ig5XmnkSOAoy_sMfRXIs9WLW7cdxiQ==
BUUYQz9sKY-10CD5q-b8ktpSU8JDZYrl-56x56.jpg
upload.usehero.com/avatars/ Frame A813 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.usehero.com/avatars/BUUYQz9sKY-10CD5q-b8ktpSU8JDZYrl-56x56.jpg
Requested by
Host: cdn.usehero.com
URL: https://cdn.usehero.com/plugin.5.45.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-117.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
39b407ba527842ba6587698367b62e9c4770a0f1fb906c220879568cce0b1063

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:30:40 GMT
via
1.1 834f63af56be39c339db32b1eb931e1a.cloudfront.net (CloudFront)
last-modified
Tue, 22 Feb 2022 11:23:23 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-C1
age
15528
etag
"3436467bdbf884d229cc844f2d56d81a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
1279
x-amz-cf-id
LK-R0yhoNK_IcYItfQCqucTzD5-EujVMLWIZVSNMdLY6k1BrDeL3NQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pixel.pointmediatracker.com
URL
https://pixel.pointmediatracker.com/kpi?c=elfcosmetics&kpi=visit&tag_id=244&fpc=28e41719-94f1-40cf-88a6-0fbcc13f6845&user_id=&utm_source=undefined&utm_medium=undefined&utm_campaign=undefined&gtmcb=632931498
Domain
www.paypal.com
URL
https://www.paypal.com/xoplatform/logger/api/logger

Verdicts & Comments Add Verdict or Comment

172 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| documentPictureInPicture object| $jscomp function| _loadCookieConfig function| _domready function| _delayed function| _findTags function| _srcAttr function| _needsEval function| _loadFromDOM function| _clearEvents function| _lastChainedResource function| _isImageLike boolean| domCompleteTriggered function| _abTest function| _getCookieVariant function| _setCookieVariant function| _configureAbTestAnalytics function| _executeAllAbTest function| _executeAllAbTestUniversal function| _executeAllAbTestClassic function| _executeAbTest function| _abTestScript function| _chooseVariant function| _abTestAnalyticsUniversal function| _abTestAnalyticsClassic object| _serviceWorkerConfig object| Yo string| yo_host string| _pxAppId object| content object| PXXT4Gy2ig object| PX undefined| _XT4Gy2ighandler object| __LOADABLE_LOADED_CHUNKS__ object| regeneratorRuntime function| _ function| applyFocusVisiblePolyfill object| __CONFIG__ string| __DEVICE_TYPE__ object| __PRELOADED_STATE__ object| Progressive boolean| __HYDRATING__ object| dataLayer boolean| rakutenDataLayer object| DataLayer object| gaViewedIdsForPage object| DY boolean| otSPAPathChange boolean| otIsInitialized boolean| otBlockOptOutInitReload function| OptanonWrapper string| AppsFlyerSdkObject function| AF object| OneTrustStub object| DYExps object| DYO object| _dy_memStore object| DYJSON object| _uxa object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| onetrustActiveGroups function| create_UUID function| createCookie string| GoogleAnalyticsObject function| ga object| HeroWebPluginSettings string| HeroObject function| hero object| GooglebQhCsO function| snaptr function| pintrk function| rdt string| TiktokAnalyticsObject object| ttq object| JebbitObject function| jebbit function| fbq function| _fbq function| cnxtag object| cnxDataLayer object| DYWork function| $dy object| DYCS string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| gaplugins object| gaGlobal object| gaData object| Optanon object| OneTrust boolean| otLastAcceptAllValue function| ___rmuid object| ___RMCMPW object| AF_cleanupMethods object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels function| DataLayerHelper object| AF_SDK object| _scPxHelper object| og object| litHtmlVersions function| JSCompiler_renameProperty object| litElementVersions boolean| OG_OFFERS_TEST_MODE_ENABLE object| OG object| __post_robot_11_0_0___uid_numhnacfzmymuvpacsidplhppphjzs object| paypal object| __zoid_10_3_1___uid_numhnacfzmymuvpacsidplhppphjzs function| onYouTubeIframeAPIReady function| setImmediate function| clearImmediate function| Swiper object| CS_CONF object| CSPureWindow function| csDate object| csJSON function| csArray function| csString function| csURL function| csMutationObserver object| csScreen object| csquerySelector object| csquerySelectorAll function| csNodechildNodes function| csNodeparentNode function| csNodenextSibling function| csNodefirstChild function| csElementshadowRoot function| csElementmatches function| csElementwebkitMatchesSelector function| csHTMLImageElementsrc function| csEventtarget function| csNavigatorsendBeacon object| CSPathComputation object| UXAnalytics object| paypalDDL string| PaypalOffersObject function| ppq object| tagConfig object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| __post_robot_10_0_44__ object| PAYPAL object| Hero object| cti110221

72 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 0d6e407936704bd380072f5891d28b0e
www.elfcosmetics.com/ Name: _pxhd
Value: x0IUnV-muWaa/oHyNLihhfPkmxtUwU0J5W/CkkWY4RsJaFr63oS7jik-evXofKcw6wkPPZQlXUeAG1PEAEMPiw==:NOSGEorY416N4tYpaD1smQx-YB3podlwCx4YTS9znwIcc6xGQpvy92K7PI7oqkSB39hbQ/Og6Lh5Y3U8I/qyoqGY/Le-qLwKYU8ozs2eTSg=
.elfcosmetics.com/ Name: pxcts
Value: 9a390ee9-411c-11ee-b521-4a6168644b66
.elfcosmetics.com/ Name: _pxvid
Value: 97231729-411c-11ee-ab31-5e6f08bac307
www.elfcosmetics.com/ Name: initAuthComplete
Value: true
.elfcosmetics.com/ Name: ab.storage.sessionId.609afcb2-1dc3-41ef-a771-0a9aaf10bf57
Value: %7B%22g%22%3A%221a6a9aae-3c11-5c0d-8f39-d152687b89b6%22%2C%22e%22%3A1692731961075%2C%22c%22%3A1692730161075%2C%22l%22%3A1692730161075%7D
.elfcosmetics.com/ Name: ab.storage.deviceId.609afcb2-1dc3-41ef-a771-0a9aaf10bf57
Value: %7B%22g%22%3A%22f87ad43e-df32-809e-ecd1-7197ff82d598%22%2C%22c%22%3A1692730161076%2C%22l%22%3A1692730161076%7D
.elfcosmetics.com/ Name: _px3
Value: 76933b3bac609707c3ad2800f30c53ebab8320d1600d7487b97278c3d4831023:ph2QW/qtqg3XFAzyr6QFb3Bw6sjaICusJY9nMlbSP9EPjxsCanTJALqm1t89D5tR+GYftMe1yBCVbkf47cvzfA==:1000:Z5zW8UgRz+8U21yONdk0LpVXs4ikQPaGnIXZCXEwzdnaaodX3WdYnLPTnDn5D6C8GyT9fOzRJvSkA8VV7WzCKNRY+s8Vn+1hkDtlx+U0QHGjkYG4Ey8ZeHXD8uUXpk41fxHc3oxLolPAF78M4ScxXTPa5BGvCIMKyHl8FiJC8IcEJqDlHupbbdxympxz/VO2hE6F0TPdHz3R/OMwSXW70A==
.elfcosmetics.com/ Name: _dyjsession
Value: qmvnocxhcuygbp9adxa5rbhbvflotswj
.elfcosmetics.com/ Name: dy_fs_page
Value: www.elfcosmetics.com%2Fen_sa%2Fskin-care%3Felf_source%3Dhp%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4
.elfcosmetics.com/ Name: _dy_csc_ses
Value: qmvnocxhcuygbp9adxa5rbhbvflotswj
.elfcosmetics.com/ Name: _dy_c_exps
Value:
.elfcosmetics.com/ Name: _dy_soct
Value: 647796.1248068.1692730162.qmvnocxhcuygbp9adxa5rbhbvflotswj*805201.1530825.1692730162*388568.656354.1692730162
.dynamicyield.com/ Name: DYID
Value: -3346174285220347086
.elfcosmetics.com/ Name: _gcl_au
Value: 1.1.69042085.1692730163
www.elfcosmetics.com/ Name: FPC
Value: 28e41719-94f1-40cf-88a6-0fbcc13f6845
.elfcosmetics.com/ Name: _dycnst
Value: dg
.elfcosmetics.com/ Name: _dyid
Value: -3346174285220347086
.elfcosmetics.com/ Name: _dyfs
Value: 1692730162819
.elfcosmetics.com/ Name: _dycst
Value: dk.w.c.ws.
.elfcosmetics.com/ Name: _dy_geo
Value: DE.EU.DE_.DE__
.elfcosmetics.com/ Name: _dy_df_geo
Value: Germany..
.elfcosmetics.com/ Name: _dy_toffset
Value: 0
.elfcosmetics.com/ Name: _gid
Value: GA1.2.2105489768.1692730163
.elfcosmetics.com/ Name: _gat_UA-432816-1
Value: 1
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2ImKFBqpT!@wnf-Te9(>wL5L!!'MV$fB?m
.adnxs.com/ Name: uuid2
Value: 3301620918213502746
.elfcosmetics.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Tue+Aug+22+2023+20%3A49%3A23+GMT%2B0200+(Central+European+Summer+Time)&version=202306.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.elfcosmetics.com%2Fen_SA%2Fskin-care%3Felf_source%3DHP%26elf_medium%3Dcarousel%26elf_campaign%3Dquicklink4&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C5%3A0
.doubleclick.net/ Name: IDE
Value: AHWqTUnuHolgppkjfr12e12oWhuv53aRDVtmv9IOzawgVH0HuDmcvJuNLeBMCuI292U
www.elfcosmetics.com/ Name: dwsid
Value: kOiIorsceS66uVy0mmIlX-1aNMMGvW2uLr15_oLv0GcGQzwBOMVAcb3_hVqr3Bv3lEzakukw_Ja2BqJ0ib838A==
www.elfcosmetics.com/ Name: dwanonymous_1a00c2845eeb01c699351ea28e20fd92
Value: abwrtFmbI0kHkRmrsYmqYYl0dJ
www.elfcosmetics.com/ Name: __cq_dnt
Value: 1
www.elfcosmetics.com/ Name: dw_dnt
Value: 1
.undertone.com/ Name: UTID
Value: 7ac064b40e6d4529afa1278c3d4528cc
.undertone.com/ Name: UTID_ENC
Value: 79m9xbvna7z9kgt3q7c99mswc
.elfcosmetics.com/ Name: rmStore
Value: dmid:9097
.elfcosmetics.com/ Name: _rdt_uuid
Value: 1692730164612.5bddaed8-0548-4088-b6c7-d08d65a43312
.elfcosmetics.com/ Name: _scid
Value: 88f188c9-ce4e-469d-9fa0-acde46a4879c
.elfcosmetics.com/ Name: _scid_r
Value: 88f188c9-ce4e-469d-9fa0-acde46a4879c
.tiktok.com/ Name: _ttp
Value: 2ULsOkn9j8e6WmoS157ASiRxMcs
.elfcosmetics.com/ Name: _ga
Value: GA1.1.853737597.1692730163
.elfcosmetics.com/ Name: _ga_ZLYXLXNDL8
Value: GS1.1.1692730164.1.0.1692730164.60.0.0
.elfcosmetics.com/ Name: _cs_c
Value: 0
.elfcosmetics.com/ Name: _cs_id
Value: e637a2e2-9339-ad9d-a34f-72d24b092d65.1692730165.1.1692730165.1692730165.1558384338.1726894165053
.elfcosmetics.com/ Name: _pin_unauth
Value: dWlkPVlUTXpOamRtTWpFdFlUQmhaQzAwTVdaaExUaGtabUl0TnpOallUUmhZalUyTm1NeA
.elfcosmetics.com/ Name: hero-session-efcf9631-4c6b-4874-9f76-51f71464249a
Value: author=client&expires=1724266165108&visitor=2b8df9ea-d89e-444d-b4d8-3aeaa6bb6a8a
.elfcosmetics.com/ Name: _fbp
Value: fb.1.1692730165124.2019864754
.ct.pinterest.com/ Name: _pinterest_ct_ua
Value: "TWc9PSZhZjUxMVNlMzN3TlhQc0NRT3BTWURvMmMwalJVQks1QWRJb2dFbzd3MW10am5GRkw2SGF1WmhMYi9vVEpKaGZlTG5NOG1rT0duajJFbDJsQm91THNrTkZoamRiVkxvWWNReFJqc2QvTVlKST0mblBMWTFWTndqUE1FcGVCZENFeSt2Q0FUc1ZzPQ=="
.linksynergy.com/ Name: rmuid
Value: 5d74a8e7-d140-40c7-9ac1-3430e7da1b68
.elfcosmetics.com/ Name: _tt_enable_cookie
Value: 1
.elfcosmetics.com/ Name: _ttp
Value: hSPhAJN_go9pWlyljaFm_qnPVdo
.paypal.com/ Name: ts_c
Value: vr%3D1e94882b18a0a5714ce5b06cfe9891db%26vt%3D1e94882b18a0a5714ce5b06cfe9891da
www.elfcosmetics.com/ Name: esw.currency
Value: SAR
www.elfcosmetics.com/ Name: sid
Value: UzhRbAXMdoR1puLHwwVCci6K7Q24bWIE4aI
www.elfcosmetics.com/ Name: _dyid_server
Value: -3346174285220347086
www.elfcosmetics.com/ Name: esw.InternationalUser
Value: true
www.elfcosmetics.com/ Name: esw.location
Value: SA
www.elfcosmetics.com/ Name: currentLocale
Value: en_SA
www.elfcosmetics.com/ Name: esw.sessionid
Value: abwrtFmbI0kHkRmrsYmqYYl0dJ
www.elfcosmetics.com/ Name: esw.LanguageIsoCode
Value: en_SA
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBiQ0AIAgEsIlIOOWRcQzCFAxva6L6IEqMapIriw57UCYakda7egYWyzfDdPgDKtOWUDIAAAA=
.elfcosmetics.com/ Name: _cs_s
Value: 1.5.0.1692731965943
www.elfcosmetics.com/ Name: hero-user-id
Value: null
.paypal.com/ Name: enforce_policy
Value: gdpr_v2.1
.paypal.com/ Name: LANG
Value: de_DE%3BDE
.paypal.com/ Name: cookie_prefs
Value: T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTY5MjczMDE2NjgzOSIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/ Name: tsrce
Value: targetingnodeweb
www.paypal.com/ Name: nsid
Value: s%3AIcaDJrnNbSgQQhP-TcoRRJi76iLz0XpG.i4qefRoSgRj2jav2%2BJJ9%2BpNM7H1RlFFYthWBiiL%2BUp0
.paypal.com/ Name: l7_az
Value: dcg13.slc
.paypal.com/ Name: ts
Value: vreXpYrS%3D1787424566%26vteXpYrS%3D1692731966%26vr%3D1e94882b18a0a5714ce5b06cfe9891db%26vt%3D1e94882b18a0a5714ce5b06cfe9891da%26vtyp%3D
.paypalobjects.com/ Name: paypal-offers--cust
Value: null:null:null

4 Console Messages

Source Level URL
Text
network error URL: https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/OtAutoBlock.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://pixel.pointmediatracker.com/kpi?c=elfcosmetics&kpi=visit&tag_id=244&fpc=28e41719-94f1-40cf-88a6-0fbcc13f6845&user_id=&utm_source=undefined&utm_medium=undefined&utm_campaign=undefined&gtmcb=632931498
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other warning URL: https://cdn.usehero.com/plugin.5.45.0.js
Message:
<link rel=preload> has an invalid `href` value
network error URL: https://idsync.rlcdn.com/458359.gif?partner_uid=5d74a8e7-d140-40c7-9ac1-3430e7da1b68
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10742279.fls.doubleclick.net
9231397.fls.doubleclick.net
ads.undertone.com
adservice.google.com
alb.reddit.com
analytics.tiktok.com
api.ipify.org
api.usehero.com
async-px.dynamicyield.com
c.contentsquare.net
cdn-fsly.yottaa.net
cdn.cookielaw.org
cdn.dynamicyield.com
cdn.media.amplience.net
cdn.usehero.com
cdnjs.cloudflare.com
collector-pxxt4gy2ig.px-cloud.net
connect.facebook.net
ct.pinterest.com
evt.undertone.com
external-api.jebbit.com
geolocation.onetrust.com
googleads.g.doubleclick.net
idsync.rlcdn.com
insight.adsrvr.org
js.cnnx.link
js.jebbit.com
pixel.pointmediatracker.com
qoe-1.yottaa.net
region1.analytics.google.com
s.pinimg.com
sc-static.net
sdk.iad-05.braze.com
secure.adnxs.com
st.dynamicyield.com
static.ordergroove.com
stats.g.doubleclick.net
t.contentsquare.net
t.paypal.com
tag.rmp.rakuten.com
tr.snapchat.com
upload.usehero.com
ut.rd.linksynergy.com
websdk.appsflyer.com
www.elfcosmetics.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.paypal.com
www.paypalobjects.com
www.redditstatic.com
pixel.pointmediatracker.com
www.paypal.com
104.86.37.229
140.174.14.146
142.250.181.230
142.250.186.66
143.204.231.119
151.101.1.21
151.101.1.35
151.101.128.84
151.101.129.140
151.101.130.133
151.101.2.133
165.254.56.76
165.254.56.77
18.66.112.128
18.66.97.105
18.66.97.47
184.86.103.207
192.229.221.25
2001:4860:4802:34::36
2600:9000:218e:7800:a:7914:b00:93a1
2600:9000:2250:9200:15:ad21:c740:93a1
2600:9000:2251:e600:a:b89d:a6c0:93a1
2600:9000:236e:1000:13:d6f4:3240:93a1
2600:9000:25e9:be00:11:85b0:d600:93a1
2606:4700:4400::ac40:9b77
2606:4700::6811:190e
2606:4700::6812:bbda
2a00:1450:4001:801::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2004
2a00:1450:4001:827::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c0a::9b
2a02:26f0:480:f::213:7ed3
2a02:26f0:7100::5f64:87e9
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:400::396
2a04:4e42:8e::84
3.127.128.19
3.162.38.245
34.102.147.248
34.98.67.3
35.190.10.96
35.190.43.134
35.244.174.68
35.71.131.137
37.252.171.52
52.48.254.249
52.49.98.241
64.185.227.156
99.86.91.117
058d4d2cb31b98a5c98c0fcb31b0aad78fdafd1834a3820c3da114c1583ace4d
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
0845565f82ccec60254a6467286855b9ad9c58f9b75a1833b4f546c1533edfc0
08d40bf2e4eed273d931293e52124d963a4c4ac3dd53228837cbb1de831251ad
10531efadb4c870ec34a00062fd09b846a351ea6562e59e6e1c3f30bb9ba493a
11bda28dd29d065faff41cdb718b856ca5e49f3022115bff4788b0542ba9d3c1
167f7c6f6a607d3217f563164479b0d84b3a4b52a71102817a6bb262d3b2f1dc
192b2ece4178a456159703b5520ffc72585e066d5d09a446f88ad2a57977343f
1aa00cb6c11b0869393daefa90700e47d7e08001d1972a42e85b6dc78c64d835
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2cd96023d11a8e1dbe53a7acd11ae987cd7a0d7769f5b00d6ff136594d55802b
2d3ff80dc49c08bd9982df33d6dc5c6c0d223dab3636a7c9115f65f0a8af342b
2e6fdfe0de25d903ebf13597e3ac3615fb3c50df486cdf1da967650fcabae659
305fe9a5f5590087ad5d80aa44c7a7f1416966806e955ce7a42ab086ec14e38c
368d1247b042a15e27862a717fe5f4d8c199d0d691c68cb0027222b10ee5e688
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
39b407ba527842ba6587698367b62e9c4770a0f1fb906c220879568cce0b1063
3a2b3b5ecaa7d5c67e5e28f9712ebcf28a592c7191e24bcde25cc5bb374cbf7b
3bbc34fd4b5e29e169a81d802b2b080fe215da0c0cbd433b059ef794696023a8
3e3906cc63014bcd669daac008ea375e04f9e76b24c66a915b5a576a115a058a
40cd2bbe2be54a37219890f439f5373722288c09b5c1b523522d31479d0d80de
45a53939b0fa7df06e02e10297440c1001e71bd0b645a645bb03b414819cb0ea
45c5d7720e485bf4a3fd489f4b4d325c053e9edbe6c3672334a80e6ad607e8bb
4747ef4fa0343c6ef21607af0b75346e5f1d8898239068dd254c02ce4ec3ea29
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d37fd4fa6c0db58ee58d1fa67d0e2402883274b42938e745a799756a5cf3b53
4f0f4e76fe2d0b54ca506288a097fb74ba17de519f6de75e7dd217bf4b14960b
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
509f2e49500fbaeb5d7e1959071f2922b693d0135080e2871e124ec8bdd08bb2
55f921aa72024c76fc8efa00451922256fbd9ef299b8a5656df938afcaccc7c7
5abb82b288064f89dd1e5bc3dbaefead51285022422e38871364a54699aaa8ec
5ccf4991f47947a07e1b9bd330e12b2f257b32cc305067e39c1b7cafba03eaa3
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
60be311ffc1cd99e198e9cf6207157ac446b34328dc89788d440d85f45639359
6176226adea9b2eac7ab614fd839968dd92f02f47b01aa90757c9156e50955c6
64fb011f8aa4f1a4470c3093845f0c2047a21504f823e2ec6f6684d87b81f0f8
65b729622512d3c24c30cbd1a03cab9997e925a28eae9a1b8303401e5bd4fcc0
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6bb10141d1d1b986a2463fc9ce0e867279b50c73d67c5cea8e5e7699672d81b7
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6f0c358d27c999e8e496a45ddb195f408565fc8fda4b5810ead872b80abdc76e
70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f
714e9295c4675a14aebbe665dccfabdb86f58cfb209046b280a88805201b557d
730fa02412a70e357756fa7db61803300c32704283d4d93c42bb6c293ad19211
763caa36c114b79c082963b65272ea946d382e03c995a1cf4c1c036b0ea2ff62
774750eac984a3f73fcf8aef4926b4ed999600b51caf9b635cf6d5617e4cae90
7d0e06cbfcfdbeff57e2956000b1b5c0cc64f2c24693c54a23fdd1ffb73f852b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8424d941f1f71685751ea188c34f931cdb18fed188c0213c1d2b8a96832e9efc
84a997d5c14b6f085d2dfbf74a012f911aca8cde52abcdd825fc986aaeb90ed1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86c856150dbdcd5559813728c4afaf956c51fe5473cd9e7a3417010380840fd7
86f932c293436b83becf7ab7659477bb7c690cb56088f6518257abe38877fb8f
87c4202cfb748228eab37640e03ad9d0b55a15dd4a8e81e1956cad5f6413ec07
8946bf63fa81c26b5a509eb6569c3d901a7909a6762be2c040492c1225e378bc
8af8782095e113010e6d0487cc2dcdaf8b979e70aeb627263d27e532b1b76636
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
90a7400d5664efef7aa064f265a8c83347a2153ce9c82f246afc27fb31af3aae
980e27ca7132df6ac9563888075be9c06f47dbf5ec357f878ea913b56723011a
98f96e82fb53c90e48b9de0ceffff52448e92a80a81cab254c3282167c3da3e3
9b61d44e208c5341f1fd1a0da8a4cc9382c589c21487059d4a5daf25aa5cfcca
9c15df455457fba78483c83a934c9fbc2d570ec28663d6ecf7cd8132fec9ee4e
9d566b192360997a512a9281ee01a72109779a20c0d85dfa43d8a860034988a9
a115f42b4e58698d80198657c99d63c4030c2e5338d462ea886af0700e654d52
a33177a1b1a44698bc85bc710dfd4a6aba8bbe329db64dbb0622c894a1c05cbd
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a4cd8f8518e289cf7e6c3d6af52723fa39f213acd028979a935292bc3be43c2a
a4f067026563de4a6ce70ffc8b5b40fa8a8ff0afe9b3184b14f91035acdbb162
a809a1bbc7930fd08bb2bec3444442b2b2b90b2e9667626258c94ae674d1e362
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b55f781a91080be3aedaf883d0fa79ea703f14c5e1188bddccbb7902ae2d6793
b6c31aab66c7d12f65fb2d3d9feb66b5eaa697471a6259c19f65d55337eee0d5
b79d4bee7ea24c188a51ae11265558a5fc8217e5f531dc9515264758f7ef082b
b97b49ee323dbccf9a13f15fa3d93188d01681652d52b1ed40ad00c32dfb0513
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c
c2a6b6a5be44a9c52dc3a0cf654c00ba9731aa036206e83b0d3f2a860f497c93
c4cd437859d8ca99a60f3eb08ac89accbe8cd91d5d5f3293d9c8492205c919c7
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb4b49bd17861fe0edfe6316279e470b58f67267e32ffcea30fcee3bc80ae6e8
d045ab0a39895392a25e52ccef01397989534a60195d6b9ae227624f600884f9
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d2ea4cb6777e4745ae601a09aabe6e5e2490a086a99f90c931fa3d70dc4443e7
d30617b516a30062ca314c2c5f7fe5b9b37b6cc76b1a965b5199862197301608
d385a7d1e3abd69b6dd4e5078de04295e3d3153efd11cfaccdb1d938e12547b3
d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e
d63ed6c31d8bc874f7ee23f476c085adfbc29557cab22a7907a9d76089537465
d845fb59750926ccc34a70811d22248a38218c12ae176af2a71e918740243c45
d926e018863e43cd56e25f02611fcef354b04787b3b3d4f932ff0d843c7e356c
db925c18e65ac76d3e7bf91e972b553d7b49871eaf825b7a02107afd19f1ccb1
dcdd0f3fb9932e3c1dbcf1220b55de20bb2c4b3efcb634ffa7946c3b7024db7a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def2a184135eba029f8f785b3ed69edc5f36b368226ce1fcfeda4f5aa301d1b6
df0985bc2d3c2c0c3d7f3e111c2ed93721c451fe411ff41bfd5779da00b8db15
dfe3336c47d7719ee457546aafc04eb7650b20339b80df5d45828707c4e03da2
e21a2bce4b0e839158374a6ddecd369ae86338bb90f19652fa0c60814833d09a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42616aa33a129decb42a827fe0799bc6cdf466152775e54537a85dd3107aca6
e5e3349bfcd6a733ddb88abfe5deceec5fe31d74089b4bd0d9f840f31dfb812b
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66
eebd913d0c940be62e69720864ce2231bfb381f9a41454024a909e68dc698a81
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02f9df966fe2a6a945a46705c56eb14ee6db660daadd8c3050e9a517c2fd8af
f262c387278e4f08b062f0432881eb5eb54049cefdc7331bb69ef7dd3964fdfe
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f85a62c8b4929c623c498c1ef9c629dabc80a531c15d441b04ff11633bcb0d8f
fa03c7b2297dcde6853c9227c6ef11030525b3b04896922d3e17840a8d18ba6c
fd48a88ce5fbe99c8bfd145666d73c97bccb433812d328232a99ec867e33012d
feaed7d61395f2ed0c2a6e3db3747fa5c0a97143003efeb38032ac87440a71cf
ff6b9bcb74c91a5bc3e65d864afbb35e9dfbc5d73559a7e4570177055153a189