urlscan.io logo urlscan.io
SecurityTrails logo

www.elfcosmetics.com Open in urlscan Pro
204.2.133.97  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://go.elfcosmetics.com/
Effective URL: https://www.elfcosmetics.com/
Submission: On November 11 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 61 IPs in 5 countries across 44 domains to perform 245 HTTP transactions. The main IP is 204.2.133.97, located in United States and belongs to YOTTAA-AS-1, US. The main domain is www.elfcosmetics.com. The Cisco Umbrella rank of the primary domain is 79513.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 11th 2024. Valid for: a year.
This is the only time www.elfcosmetics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.211.184.98 14618 (AMAZON-AES)
1 36 204.2.133.97 393259 (YOTTAA-AS-1)
4 151.101.66.133 54113 (FASTLY)
4 172.64.145.183 13335 (CLOUDFLAR...)
2 2606:4700:440... 13335 (CLOUDFLAR...)
8 2606:4700:440... 13335 (CLOUDFLAR...)
12 2606:4700::68... 13335 (CLOUDFLAR...)
3 2600:9000:275... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 104.26.13.205 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
8 104.18.38.107 13335 (CLOUDFLAR...)
14 172.64.155.35 13335 (CLOUDFLAR...)
2 2600:9000:225... 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
4 172.217.16.196 15169 (GOOGLE)
3 2600:9000:264... 16509 (AMAZON-02)
13 13.35.58.129 16509 (AMAZON-02)
1 2 37.252.171.21 29990 (ASN-APPNEX)
1 3.33.220.150 16509 (AMAZON-02)
1 99.83.184.193 16509 (AMAZON-02)
1 104.18.11.236 13335 (CLOUDFLAR...)
1 34.102.147.248 396982 (GOOGLE-CL...)
4 151.101.1.21 54113 (FASTLY)
1 104.96.154.123 16625 (AKAMAI-AS)
1 18.245.60.28 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 142.250.184.200 15169 (GOOGLE)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 157.240.253.1 32934 (FACEBOOK)
2 2a04:4e42::396 54113 (FASTLY)
3 2620:1ec:33:3... 8075 (MICROSOFT...)
2 151.101.65.44 54113 (FASTLY)
4 34.49.124.132 396982 (GOOGLE-CL...)
16 2.21.20.2 20940 (AKAMAI-ASN1)
2 2600:9000:206... 16509 (AMAZON-02)
3 2001:4860:480... 15169 (GOOGLE)
1 34.120.253.250 396982 (GOOGLE-CL...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 192.229.221.25 15133 (EDGECAST)
4 8 216.58.206.34 15169 (GOOGLE)
1 151.101.1.140 54113 (FASTLY)
1 151.101.129.140 54113 (FASTLY)
1 151.101.1.44 54113 (FASTLY)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 142.250.185.99 15169 (GOOGLE)
1 35.158.29.246 16509 (AMAZON-02)
6 2.16.96.190 16625 (AKAMAI-AS)
2 104.18.8.17 13335 (CLOUDFLAR...)
1 34.98.67.3 396982 (GOOGLE-CL...)
1 2600:9000:21f... 16509 (AMAZON-02)
7 34.98.72.95 396982 (GOOGLE-CL...)
5 104.18.9.17 13335 (CLOUDFLAR...)
6 141.226.228.48 200478 (TABOOLA-AS)
1 35.244.174.68 15169 (GOOGLE)
2 18.66.122.117 16509 (AMAZON-02)
13 91.235.133.113 30286 (THM)
1 91.235.132.130 30286 (THM)
1 2620:f3:0:14:... 30286 (THM)
1 91.235.134.131 30286 (THM)
1 34.111.8.32 396982 (GOOGLE-CL...)
245 61
1    3.211.184.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-184-98.compute-1.amazonaws.com
go.elfcosmetics.com
36    204.2.133.97 (United States)

ASN393259 (YOTTAA-AS-1, US)
www.elfcosmetics.com
4    151.101.66.133 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn-fsly.yottaa.net
4    172.64.145.183 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
elfcosmetics.a.bigcontent.io
2    2606:4700:4400::ac40:9994 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.c1.amplience.net
8    2606:4700:4400::6812:20dd (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.media.amplience.net
12    2606:4700::6812:572a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
3    2600:9000:275d:5000:a:b89d:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.dynamicyield.com
4    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    104.26.13.205 (None, )

ASN13335 (CLOUDFLARENET, US)
api.ipify.org
2    2606:4700:3037::ac43:8ef5 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
8    104.18.38.107 (None, )

ASN13335 (CLOUDFLARENET, US)
sdk.iad-05.braze.com
14    172.64.155.35 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.media.amplience.net
2    2600:9000:2250:8c00:15:ad21:c740:93a1 (United States)

ASN16509 (AMAZON-02, US)
st.dynamicyield.com
1    2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
4    172.217.16.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f196.1e100.net
www.google.com
3    2600:9000:2644:8600:1c:df99:ffc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rcom.dynamicyield.com
13    13.35.58.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-129.fra60.r.cloudfront.net
async-px.dynamicyield.com
2    37.252.171.21 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
1    99.83.184.193 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0540a066b92ce4ca.awsglobalaccelerator.com
qoe-1.yottaa.net
1    104.18.11.236 (None, )

ASN13335 (CLOUDFLARENET, US)
edge.curalate.com
1    34.102.147.248 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 248.147.102.34.bc.googleusercontent.com
tag.rmp.rakuten.com
4    151.101.1.21 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.paypal.com
1    104.96.154.123 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-154-123.deploy.static.akamaitechnologies.com
static.ordergroove.com
1    18.245.60.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-28.fra60.r.cloudfront.net
websdk.appsflyer.com
2    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
3    142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net
www.googletagmanager.com
2    2a02:26f0:3500:89b::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.pinimg.com
2    157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net
connect.facebook.net
2    2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
3    2620:1ec:33:3::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    151.101.65.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
4    34.49.124.132 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 132.124.49.34.bc.googleusercontent.com
sgtm.elfcosmetics.com
16    2.21.20.2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-2.deploy.static.akamaitechnologies.com
analytics.tiktok.com
2    2600:9000:206f:b600:a:7914:b00:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.jebbit.com
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com
tag.wknd.ai
2    2606:4700::6812:911 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn8.eu.inside.chat
5    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypal.com
t.paypal.com
www.paypalobjects.com
8    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net
ade.googlesyndication.com
1    151.101.1.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
pixel-config.reddit.com
1    151.101.129.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
alb.reddit.com
1    151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
psb.taboola.com
2    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
www.gstatic.com
1    35.158.29.246 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-29-246.eu-central-1.compute.amazonaws.com
external-api.jebbit.com
6    2.16.96.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-96-190.deploy.static.akamaitechnologies.com
ct.pinterest.com
2    104.18.8.17 (None, )

ASN13335 (CLOUDFLARENET, US)
www8.eu.inside.chat
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
ut.rd.linksynergy.com
1    2600:9000:21f3:200:11:85b0:d600:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.cnnx.link
7    34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com
assets.bounceexchange.com
5    104.18.9.17 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn8.eu.inside.chat
www8.eu.inside.chat
6    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    18.66.122.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-117.fra60.r.cloudfront.net
cdn-scripts.signifyd.com
13    91.235.133.113 (United States)

ASN30286 (THM, US)
imgs.signifyd.com
1    91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net
h.online-metrix.net
1    2620:f3:0:14:b401:8ee8:4321:ad82 (United States)

ASN30286 (THM, US)
h64.online-metrix.net
1    91.235.134.131 (United States)

ASN30286 (THM, US)
w2txo5aab7tohhxw5cemv34epf5zx23e6ieyqzjme6ab51a8800592bcam1.e.aa.online-metrix.net
1    34.111.8.32 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 32.8.111.34.bc.googleusercontent.com
events.bouncex.net
Apex Domain
Subdomains		 Transfer
41 elfcosmetics.com
go.elfcosmetics.com
www.elfcosmetics.com — Cisco Umbrella Rank: 79513
sgtm.elfcosmetics.com — Cisco Umbrella Rank: 154857
613 KB
24 amplience.net
cdn.c1.amplience.net — Cisco Umbrella Rank: 27546
cdn.media.amplience.net — Cisco Umbrella Rank: 13697
857 KB
21 dynamicyield.com
cdn.dynamicyield.com — Cisco Umbrella Rank: 9046
st.dynamicyield.com — Cisco Umbrella Rank: 8579
rcom.dynamicyield.com — Cisco Umbrella Rank: 9006
async-px.dynamicyield.com — Cisco Umbrella Rank: 9020
277 KB
16 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 817
243 KB
15 signifyd.com
cdn-scripts.signifyd.com — Cisco Umbrella Rank: 9018
imgs.signifyd.com — Cisco Umbrella Rank: 7626
77 KB
12 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 326
288 KB
9 inside.chat
cdn8.eu.inside.chat — Cisco Umbrella Rank: 137286
www8.eu.inside.chat — Cisco Umbrella Rank: 334235
176 KB
9 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 862
psb.taboola.com — Cisco Umbrella Rank: 5951
trc.taboola.com — Cisco Umbrella Rank: 686
trc-events.taboola.com — Cisco Umbrella Rank: 2720
28 KB
8 googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 365
1 KB
8 braze.com
sdk.iad-05.braze.com — Cisco Umbrella Rank: 2490
2 KB
7 bounceexchange.com
assets.bounceexchange.com — Cisco Umbrella Rank: 2308
172 KB
7 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3226
t.paypal.com — Cisco Umbrella Rank: 3852
127 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
628 KB
6 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 930
5 KB
5 yottaa.net
cdn-fsly.yottaa.net — Cisco Umbrella Rank: 34630 Failed
qoe-1.yottaa.net — Cisco Umbrella Rank: 11803
1 MB
4 google.com
www.google.com — Cisco Umbrella Rank: 3
991 B
4 bigcontent.io
elfcosmetics.a.bigcontent.io — Cisco Umbrella Rank: 139897
10 KB
3 online-metrix.net
h.online-metrix.net — Cisco Umbrella Rank: 3168
h64.online-metrix.net — Cisco Umbrella Rank: 2424
w2txo5aab7tohhxw5cemv34epf5zx23e6ieyqzjme6ab51a8800592bcam1.e.aa.online-metrix.net
837 B
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3643
3 jebbit.com
js.jebbit.com — Cisco Umbrella Rank: 41381
external-api.jebbit.com — Cisco Umbrella Rank: 38201
61 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 348
15 KB
2 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2817
16 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
3 KB
2 reddit.com
pixel-config.reddit.com — Cisco Umbrella Rank: 1994
alb.reddit.com — Cisco Umbrella Rank: 1330
761 B
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1063
13 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
76 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 982
25 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 77
12 KB
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 479
2 KB
2 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1222
8 KB
2 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2041
500 B
1 bouncex.net
events.bouncex.net — Cisco Umbrella Rank: 2192
330 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 462
98 B
1 cnnx.link
js.cnnx.link — Cisco Umbrella Rank: 10534
1 KB
1 linksynergy.com
ut.rd.linksynergy.com — Cisco Umbrella Rank: 9877
405 B
1 gstatic.com
www.gstatic.com
217 KB
1 wknd.ai
tag.wknd.ai — Cisco Umbrella Rank: 3529
6 KB
1 appsflyer.com
websdk.appsflyer.com — Cisco Umbrella Rank: 5850
15 KB
1 ordergroove.com
static.ordergroove.com — Cisco Umbrella Rank: 32550
52 KB
1 rakuten.com
tag.rmp.rakuten.com — Cisco Umbrella Rank: 8659
15 KB
1 curalate.com
edge.curalate.com — Cisco Umbrella Rank: 10427
20 KB
1 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 945
149 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 498
304 B
0 pointmediatracker.com Failed
pixel.pointmediatracker.com Failed
245 44
Domain Requested by
36 www.elfcosmetics.com 1 redirects cdn-fsly.yottaa.net
22 cdn.media.amplience.net www.elfcosmetics.com
16 analytics.tiktok.com www.elfcosmetics.com
analytics.tiktok.com
13 imgs.signifyd.com www.elfcosmetics.com
imgs.signifyd.com
13 async-px.dynamicyield.com cdn.dynamicyield.com
12 cdn.cookielaw.org cdn-fsly.yottaa.net
cdn.cookielaw.org
www.elfcosmetics.com
8 ade.googlesyndication.com 4 redirects
8 sdk.iad-05.braze.com cdn-fsly.yottaa.net
7 assets.bounceexchange.com www.elfcosmetics.com
7 www.googletagmanager.com www.elfcosmetics.com
www.googletagmanager.com
6 trc-events.taboola.com cdn.taboola.com
6 ct.pinterest.com s.pinimg.com
www.elfcosmetics.com
5 cdn8.eu.inside.chat www.elfcosmetics.com
5 www.paypal.com www.elfcosmetics.com
www.paypal.com
4 www8.eu.inside.chat cdn8.eu.inside.chat
4 sgtm.elfcosmetics.com www.googletagmanager.com
4 www.google.com www.googletagmanager.com
www.elfcosmetics.com
cdn-fsly.yottaa.net
www.gstatic.com
4 elfcosmetics.a.bigcontent.io www.elfcosmetics.com
4 cdn-fsly.yottaa.net www.elfcosmetics.com
3 region1.google-analytics.com www.googletagmanager.com
3 bat.bing.com www.elfcosmetics.com
3 rcom.dynamicyield.com cdn.dynamicyield.com
3 cdn.dynamicyield.com www.elfcosmetics.com
2 cdn-scripts.signifyd.com www.elfcosmetics.com
2 www.paypalobjects.com www.elfcosmetics.com
2 www.facebook.com
2 t.paypal.com
2 js.jebbit.com www.elfcosmetics.com
2 www.redditstatic.com www.elfcosmetics.com
www.redditstatic.com
2 connect.facebook.net www.elfcosmetics.com
2 s.pinimg.com www.elfcosmetics.com
2 www.youtube.com www.elfcosmetics.com
2 secure.adnxs.com 1 redirects
2 st.dynamicyield.com www.elfcosmetics.com
cdn.dynamicyield.com
2 use.fontawesome.com www.elfcosmetics.com
use.fontawesome.com
2 api.ipify.org cdn-fsly.yottaa.net
2 cdn.c1.amplience.net www.elfcosmetics.com
1 events.bouncex.net
1 w2txo5aab7tohhxw5cemv34epf5zx23e6ieyqzjme6ab51a8800592bcam1.e.aa.online-metrix.net
1 h64.online-metrix.net imgs.signifyd.com
1 h.online-metrix.net imgs.signifyd.com
1 idsync.rlcdn.com
1 js.cnnx.link www.elfcosmetics.com
1 ut.rd.linksynergy.com www.elfcosmetics.com
1 external-api.jebbit.com js.jebbit.com
1 www.gstatic.com www.elfcosmetics.com
1 trc.taboola.com www.elfcosmetics.com
1 psb.taboola.com cdn.taboola.com
1 alb.reddit.com
1 pixel-config.reddit.com www.redditstatic.com
1 tag.wknd.ai www.elfcosmetics.com
1 cdn.taboola.com www.elfcosmetics.com
1 websdk.appsflyer.com www.elfcosmetics.com
1 static.ordergroove.com www.elfcosmetics.com
1 tag.rmp.rakuten.com www.elfcosmetics.com
1 edge.curalate.com www.elfcosmetics.com
1 qoe-1.yottaa.net www.elfcosmetics.com
1 insight.adsrvr.org
1 geolocation.onetrust.com cdn.cookielaw.org
1 go.elfcosmetics.com 1 redirects
0 pixel.pointmediatracker.com Failed
245 61
Subject Issuer Validity Valid
*.elfcosmetics.com
Sectigo RSA Domain Validation Secure Server CA		 2024-10-11 -
2025-11-11		 a year crt.sh
*.yottaa.net
GlobalSign RSA OV SSL CA 2018		 2024-09-05 -
2025-10-07		 a year crt.sh
*.bigcontent.io
GeoTrust TLS RSA CA G1		 2024-04-02 -
2025-05-03		 a year crt.sh
c1.amplience.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-10-15 -
2025-10-23		 a year crt.sh
dm.amplience.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-08-05 -
2025-08-14		 a year crt.sh
cookielaw.org
WE1		 2024-10-11 -
2025-01-09		 3 months crt.sh
*.dynamicyield.com
Amazon RSA 2048 M03		 2024-08-18 -
2025-09-16		 a year crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
ipify.org
WE1		 2024-09-15 -
2024-12-14		 3 months crt.sh
use.fontawesome.com
WE1		 2024-11-07 -
2025-02-06		 3 months crt.sh
sdk.iad-05.braze.com
WE1		 2024-10-13 -
2025-01-11		 3 months crt.sh
geolocation.onetrust.com
WE1		 2024-10-11 -
2025-01-09		 3 months crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2024-04-23 -
2025-05-25		 a year crt.sh
edge.curalate.com
WE1		 2024-09-22 -
2024-12-21		 3 months crt.sh
tag.rmp.rakuten.com
WR3		 2024-09-26 -
2024-12-25		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-02-08 -
2025-02-08		 a year crt.sh
*.ordergroove.com
Go Daddy Secure Certificate Authority - G2		 2024-08-09 -
2025-08-20		 a year crt.sh
*.appsflyer.com
Amazon RSA 2048 M03		 2024-02-04 -
2025-03-03		 a year crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-08-02 -
2025-08-07		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-20 -
2024-11-18		 3 months crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-10-06 -
2025-04-03		 6 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-09-16 -
2025-03-15		 6 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-30 -
2024-12-31		 5 months crt.sh
sgtm.elfcosmetics.com
WR3		 2024-11-05 -
2025-02-03		 3 months crt.sh
*.tiktok.com
RapidSSL TLS ECC CA G1		 2024-07-15 -
2025-07-15		 a year crt.sh
*.jebbit.com
Amazon RSA 2048 M02		 2024-04-23 -
2025-05-21		 a year crt.sh
tag.wknd.ai
R11		 2024-09-15 -
2024-12-14		 3 months crt.sh
eu.inside.chat
WE1		 2024-09-28 -
2024-12-27		 3 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-10-13 -
2025-04-11		 6 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.rd.linksynergy.com
ZeroSSL RSA Domain Secure Site CA		 2024-01-23 -
2025-01-22		 a year crt.sh
js.cnnx.link
Amazon RSA 2048 M02		 2024-06-09 -
2025-07-08		 a year crt.sh
assets.bounceexchange.com
WR3		 2024-11-10 -
2025-02-08		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-06 -
2025-03-05		 a year crt.sh
cdn-scripts.signifyd.com
Amazon RSA 2048 M02		 2024-06-02 -
2025-06-30		 a year crt.sh
imgs.signifyd.com
Go Daddy Secure Certificate Authority - G2		 2023-10-20 -
2024-11-20		 a year crt.sh
online-metrix.net
Viking Cloud Organization Validation CA, Level 1		 2024-09-19 -
2025-10-20		 a year crt.sh
*.aa.online-metrix.net
Viking Cloud Organization Validation CA, Level 1		 2024-09-19 -
2025-10-20		 a year crt.sh
*.wunderkind.co
R10		 2024-10-01 -
2024-12-30		 3 months crt.sh

This page contains 11 frames:

Primary Page: https://www.elfcosmetics.com/
Frame ID: BCCF7F9EB2DE556F7FAEC9CC73D9F0BD
Requests: 220 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.elfcosmetics.com
Frame ID: 52ED71196D3FA843B8A7F45596758D2A
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.64.12&integrationType=SDK
Frame ID: 6ADA34C455FC26F6CB496166CD69DB8B
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcA2G4UAAAAAK-fHuRDYBsNQoJlqlDqQvrjGwQu&co=aHR0cHM6Ly93d3cuZWxmY29zbWV0aWNzLmNvbTo0NDM.&hl=de&type=image&v=-ZG7BC9TxCVEbzIO2m429usb&theme=light&size=invisible&badge=bottomright&cb=cwpy6xp6ci4f
Frame ID: 14C342F8B218C3D7F0A99AD1CD48AC0C
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: B306544F7F5AFEFD6D7697D67072E09D
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 18A7C903E9AF68D69D5A0C19CE29DB8A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LcA2G4UAAAAAK-fHuRDYBsNQoJlqlDqQvrjGwQu
Frame ID: 4ADBD5B44F62EEE27914F78322BD58C9
Requests: 1 HTTP requests in this frame

Frame: https://imgs.signifyd.com/5UXshPhupyapLJAa?ab676e0f08890f1b=TFuBPEXIln9DNwTdqXlH2JTOj02dFSUj8sxO9XLJV20QUQj0EoXABiB1zZaQ2PkIXNeoiljY8ByZceitqOZPCiwvJbw1QFDD3tUFziBZlsFlhv3rNVw4NqslOPeBKDtSbOpvnqQ_Ch_DetHsWKeVC8V19xnjMZfbZo8NDuP-ovHnCPcTHGMGlwIuymdnoA0F9A7JIv-zwE8J04-L&jb=3d3a2c2c62716d7d374e616e7d72246a796f3d44616477702c6a7b687f3d436078676d6f2e60796835416a7a656f6d253a3a33333a
Frame ID: BB04BE409B468F3CA7FADF1AAEFA88B8
Requests: 12 HTTP requests in this frame

Frame: https://imgs.signifyd.com/gYzBwqDZyPNsawHl?e6ddec3d7ec7ba6d=qHpeW37ZDX0FsEzsdTU8WNQZnFulthcaLa6VG6bZ0eYg15sgcARvi1sPxZ6TqIf6SHcVuDt6pUdxMRb8z68fKKsLR81cj6wfjf53hxoQUbtheTNnRFd_BfG_zlwC90y2MsdTJWIzvK0WlWnMga5dJiagOvVuTdODB1K577xZdU5_AYgsGzMkyAabtP-u_x4MPD57plXSEhQ03hZdFHg
Frame ID: 13F011EC7CD219AC97DFFB2F384B9DAC
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/IRsX-vMQtxAXrV55?e9d0b3108f8585f5=P9-HodFT3WYudqxqc8Ikv8LNE8G9vKjrCLsdHfq8-Nf-F-Re7Gp4-QIhgq4SNW8vS75eJUDDrvD-M3VvW_6r-GytjP43mNOm-FBTLWkgDBT6RFV_YdhL6wTJ4SMXBjmGEpfLAws0jEpRD6rpuBWpK2OnN2xlVPalyAwY9iNMviq1Wm5tW-odTiKre56ep3Jgw7Nvl-3vBZ3N7gJ_4NoO
Frame ID: A06D6683E0017FECCD4B137F7D8B59AF
Requests: 1 HTTP requests in this frame

Frame: https://imgs.signifyd.com/nCTRheUBYnTSddXG?76c8a7c590f187f7=1tpERduy42QPR3aP5eNUjXSkITGqvys7Cp5m6xjY5AbqUmH_JJ7lec9Wd1sGnVorsy-fJmQOzSqh5STvInE-uteZYrrYsKv-YHh-TjCNk-7iZs7miE7L4w0v8DWMrx7_FNBwm9K_F5KucxbqfNsqTGHTfZCm1LMPvktk3lrDUfXo1OVmz8BUDIjFRmYXtIL3W8-DYIvkcEm1GksrhoDh
Frame ID: 6BC9BA99E62AA9F6F2929553B638805B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

e.l.f. Cosmetics: Affordable Makeup & Skincare | Clean Beauty Products | e.l.f. Cosmetics

Page URL History Show full URLs

  1. https://go.elfcosmetics.com/ HTTP 301
    https://www.elfcosmetics.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /demandware\.static/
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • cdn\.dynamicyield\.\w+/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • tag\.rmp\.rakuten\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

245
Requests

96 %
HTTPS

31 %
IPv6

44
Domains

61
Subdomains

61
IPs

5
Countries

5297 kB
Transfer

17707 kB
Size

56
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://go.elfcosmetics.com/ HTTP 301
    https://www.elfcosmetics.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.com%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=n-qY7vg4ju0kIE85FGW4bNwN5LjgXQg-alTXL2Dcyw8 HTTP 303
  • https://www.elfcosmetics.com/callback?usid=224ce325-ccb7-42ab-b5d6-65129fdb1025&code=3mrSmrB8VWrNP0hD1pfZvAjDinIXxyINcsWw5YdhijQ
Request Chain 55
  • https://secure.adnxs.com/px?id=160890&%20seg=6104893&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D160890%26%2520seg%3D6104893%26t%3D2
Request Chain 107
  • https://ade.googlesyndication.com/ddm/activity/src=9231397;type=retarget;cat=globa0;ord=7814833169379;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=undefined;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4b70v9181619921z8896608294za201zb896608294;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;tcfd=10001;tag_exp=101823848~101925629~102017403;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com HTTP 302
  • https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CLG684jG1IkDFWCxOgUdGSc3sw;type=retarget;cat=globa0;ord=7814833169379;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=undefined;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4b70v9181619921z8896608294za201zb896608294;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;tcfd=10001;tag_exp=101823848~101925629~102017403;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com
Request Chain 108
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flap;ord=2041919204011;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4b70v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;tcfd=10001;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com HTTP 302
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CP6JxojG1IkDFblZCAQd5lUvgw;type=elf8j0;cat=glo_flap;ord=2041919204011;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4b70v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;tcfd=10001;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com
Request Chain 169
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flhp;ord=5644486140594;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4b70v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;tcfd=10001;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com HTTP 302
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CN33_YjG1IkDFd-vOgUdtmoFTw;type=elf8j0;cat=glo_flhp;ord=5644486140594;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4b70v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;tcfd=10001;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com
Request Chain 178
  • https://ade.googlesyndication.com/ddm/activity/src=10265292;type=conte0;cat=homep0;ord=8378667825873;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4b70v9181787185z8896608294za201zb896608294;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;tcfd=10001;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com HTTP 302
  • https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=COnrk4nG1IkDFZGsOgUdfmIleA;type=conte0;cat=homep0;ord=8378667825873;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4b70v9181787185z8896608294za201zb896608294;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;tcfd=10001;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com

245 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.elfcosmetics.com/
Redirect Chain
  • https://go.elfcosmetics.com/
  • https://www.elfcosmetics.com/
1 MB
271 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
190c6575130c9f415bb48543b83643f1597a759614ee7b3b4b008e2bb2556da0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
274 274
alt-svc
h3=":443"; ma=86400
cache-control
public, must-revalidate, s-maxage=900
content-encoding
gzip
content-length
276233
content-type
text/html; charset=utf-8
date
Mon, 11 Nov 2024 15:01:41 GMT
etag
W/"115cc6-RuZ5Zluw6uitPankLNzWaABW7f8"
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 0cb53c06b4d3d66446893feb6331dc78.cloudfront.net (CloudFront)
x-amz-apigw-id
BFkyYHp2CYcEHKA=
x-amz-cf-id
jilrkEzubv_ALwrFkIFSRDhff5lvrVYYcjYGw4f4UO8PXmYuR32mzQ==
x-amz-cf-pop
SFO53-P7
x-amzn-remapped-connection
close
x-amzn-remapped-content-length
1137862
x-amzn-remapped-date
Mon, 11 Nov 2024 14:57:07 GMT
x-amzn-requestid
95074279-cc3a-49f9-ae90-3bd2de4d7cb9
x-amzn-trace-id
Root=1-67321b42-6c59d04e525d10eb2c2fb211;Parent=5e29043dc0417842;Sampled=0;Lineage=1:2b75b0e9:0
x-cache
Hit from cloudfront
x-yottaa-metrics
2521cc028591/[157,77,-] 25D1cc028561/[-,202.613]
x-yottaa-optimizations
ob/1000000100001000 si/25D1cc028561-1730834774-9715897029 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-yottaa-os
200

Redirect headers

Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Authorization, x-access-token, Accept, *
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store
Connection
keep-alive
Content-Length
112
Content-Type
text/html; charset=utf-8
Date
Mon, 11 Nov 2024 15:01:41 GMT
Location
https://www.elfcosmetics.com
Server
nginx/1.27.2
Vary
Accept
X-Powered-By
Express
/
cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/ 		0
0
/
cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.elfcosmetics.com
Referer
https://www.elfcosmetics.com/

Response headers

x-amzn-remapped-content-length
1138008
content-encoding
gzip
x-amzn-remapped-connection
close
etag
W/"115d58-escGeVCpYXx8fku8ymiYKeSJRx4"
age
441
x-amzn-requestid
6ecc4697-b382-42a9-8302-a05fad49c927
x-cache
Hit from cloudfront, HIT
x-amz-cf-id
ZCgljAGwRuFkzDX7K3_Qs7Z1eV-4WYmv3V1A9G9A6Ork7CuX4bRNug==
date
Mon, 11 Nov 2024 15:01:42 GMT
content-type
text/html; charset=utf-8
x-served-by
cache-fra-etou8220054-FRA
x-cache-hits
1
x-yottaa-optimizations
ob/1000000100001000 si/2511cc028a76-1730386258-62796950 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
cache-control
public, must-revalidate, s-maxage=900
x-amz-apigw-id
BFkYaE9aCYcEGbA=
x-amzn-remapped-date
Mon, 11 Nov 2024 14:54:21 GMT
x-timer
S1731337302.482895,VS0,VE2
x-amzn-trace-id
Root=1-67321a9b-41d831f959d0faa05161d8d1;Parent=4c0dec588fd2281a;Sampled=0;Lineage=1:2b75b0e9:0
via
1.1 91d64e3146c8df0b14190aeddd0a2e66.cloudfront.net (CloudFront), 1.1 varnish
x-yottaa-metrics
2521cc028595/[214,127,-] 2511cc028a76/[-,259.040]
accept-ranges
bytes
access-control-allow-origin
*
content-length
276263
x-amz-cf-pop
SFO53-P7
server
CloudFront
/
cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/ 		0
0
/
cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/ 		0
0
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.elfcosmetics.com
Referer

Response headers

Content-Type
application/font-woff2;charset=utf-8
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.elfcosmetics.com
Referer

Response headers

Content-Type
application/font-woff2;charset=utf-8
Icon-BeautySquad-Logo-png
elfcosmetics.a.bigcontent.io/v1/static/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/Icon-BeautySquad-Logo-png?%24Desktop%24=&fmt=auto
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.145.183 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
359722b660d0b4a5afb34561728a3918b96bdccf3a3cddc4291ee4cd15f65c3f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-cache-status
HIT
x-amz-version-id
null
age
11084
access-control-allow-methods
POST, GET, OPTIONS
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:42 GMT
edge-control
max-age=86400
content-type
image/png
last-modified
Sun, 10 Nov 2024 23:52:30 GMT
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cache-control
s-maxage=86400, max-age=1800
x-amp-cf-worker
true
cf-ray
8e0f28bd9fb9e504-TXL
accept-ranges
bytes
access-control-allow-origin
*
content-length
6783
server
cloudflare
x-amz-server-side-encryption
AES256
icon-noun-bolt-red-6744234
elfcosmetics.a.bigcontent.io/v1/static/ 		352 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-bolt-red-6744234?%24Desktop%24=&fmt=auto
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.145.183 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fa7ded4aa8a4a3c65e534e33fe4acbc016443a1a58749fcf02f5dc2f60a011f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
null
age
336
access-control-allow-methods
POST, GET, OPTIONS
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:42 GMT
edge-control
max-age=86400
content-type
image/svg+xml
last-modified
Mon, 11 Nov 2024 14:00:44 GMT
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cache-control
s-maxage=86400, max-age=1800
x-amp-cf-worker
true
cf-ray
8e0f28bd9fb3e504-TXL
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
icon-noun-gift-1165617
elfcosmetics.a.bigcontent.io/v1/static/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-gift-1165617?%24Desktop%24=&fmt=auto
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.145.183 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4aa855b8d34657ab4df5ca73fe7d7f67735ee1e39e8de83856ddc473d4713fbb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
null
age
36081
access-control-allow-methods
POST, GET, OPTIONS
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:42 GMT
edge-control
max-age=86400
content-type
image/svg+xml
last-modified
Sun, 10 Nov 2024 07:00:12 GMT
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cache-control
s-maxage=86400, max-age=1800
x-amp-cf-worker
true
cf-ray
8e0f28bd9fbfe504-TXL
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
icon-noun-family-7026571-min
elfcosmetics.a.bigcontent.io/v1/static/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-family-7026571-min?%24Desktop%24=&fmt=auto
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.145.183 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c31826b9b61e051e0f0c582d9963e9f7835ec7249ed88cc651ce10b349496b8c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
null
age
11881
access-control-allow-methods
POST, GET, OPTIONS
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:42 GMT
edge-control
max-age=86400
content-type
image/svg+xml
last-modified
Sun, 10 Nov 2024 19:53:10 GMT
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cache-control
s-maxage=86400, max-age=1800
x-amp-cf-worker
true
cf-ray
8e0f28bd9fbae504-TXL
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
locale-link-rewriter-0.0.3-min
cdn.c1.amplience.net/c/elfcosmetics/ 		785 B
379 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.c1.amplience.net/c/elfcosmetics/locale-link-rewriter-0.0.3-min
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9994 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
211712b7c1d41d38ce53d0e4f6523bb2fc6b57ce6ff83bc021542c7edffd6e6d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
s-maxage=1800, max-age=120
content-encoding
gzip
cf-cache-status
HIT
age
1727
cf-ray
8e0f28bdce511e60-FRA
access-control-allow-origin
*
date
Mon, 11 Nov 2024 15:01:42 GMT
edge-control
max-age=1800
content-type
application/javascript; charset=utf-8
last-modified
Mon, 11 Nov 2024 14:30:00 GMT
vary
Accept-Encoding
server
cloudflare
locale-link-rewriter-0.0.2-min
cdn.c1.amplience.net/c/elfcosmetics/ 		553 B
489 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.c1.amplience.net/c/elfcosmetics/locale-link-rewriter-0.0.2-min
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9994 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88668b9200e07ef8860abbf2884140a44986c34576bc7086d64085b87da4cfd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
s-maxage=1800, max-age=120
content-encoding
gzip
cf-cache-status
HIT
age
410
cf-ray
8e0f28bdce531e60-FRA
access-control-allow-origin
*
date
Mon, 11 Nov 2024 15:01:42 GMT
edge-control
max-age=1800
content-type
application/javascript; charset=utf-8
last-modified
Mon, 11 Nov 2024 14:54:52 GMT
vary
Accept-Encoding
server
cloudflare
vendor.js
cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/mobify/bundle/12647/ 		2 MB
643 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/mobify/bundle/12647/vendor.js?yocs=Z_14_1K_
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b27c6c4bfdd785ac0a86aa41d64ea5e6a2492258250deaa91ec4aab4723b714f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

x-amz-meta-deploy
920359
content-encoding
gzip
age
237053
x-cache
Miss from cloudfront, HIT
x-amz-cf-id
vUXJLLB-vkF4kBPlBbIepolX8Y92Jth5zRakdC9wgHojCm8gWV4HjQ==
date
Mon, 11 Nov 2024 15:01:42 GMT
content-type
application/javascript; charset=utf8
x-served-by
cache-fra-etou8220134-FRA
x-cache-hits
1
x-yottaa-optimizations
ob/1001 si/3211a5fec642-1730389938-1123216040 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
vary
Accept-Encoding
x-yottaa-forcecache
true, true
cache-control
public, max-age=31104000
x-timer
S1731337303.796568,VS0,VE2
via
1.1 a65725dd05dc27eea7ae75a2e122228e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-bundle
12647
x-yottaa-metrics
3221a5fec60c/[263,188,-] 3211a5fec642/[hit]
accept-ranges
bytes
access-control-allow-origin
*
content-length
657954
x-amz-cf-pop
DFW57-P1
server
AmazonS3
main.js
cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/mobify/bundle/12647/ 		2 MB
564 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/mobify/bundle/12647/main.js?yocs=Z_14_1K_
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a782aaec748517fc03f175d15c0cbab70a76dc04d0832ae9f05cbb00fd4b3df0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

x-amz-meta-deploy
920359
content-encoding
gzip
age
237051
x-cache
Miss from cloudfront, HIT
x-amz-cf-id
zgsUj8d-BdOteYNAKMtTQuOvdIKUgkeCNxtUl14fQaq42Agio-_LCA==
date
Mon, 11 Nov 2024 15:01:42 GMT
content-type
application/javascript; charset=utf8
x-served-by
cache-fra-etou8220134-FRA
x-cache-hits
1
x-yottaa-optimizations
ob/1101 si/3211a5fec6ea-1730389938-507585260 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
vary
Accept-Encoding
x-yottaa-forcecache
true, true
cache-control
public, max-age=31104000
x-timer
S1731337303.797032,VS0,VE2
via
1.1 ae39d1ac6bb931d0ff3d636fc3e249de.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-bundle
12647
x-yottaa-metrics
3221a5fec6f4/[31,-,1731100249499] 3211a5fec6ea/[hit]
accept-ranges
bytes
access-control-allow-origin
*
content-length
576795
x-amz-cf-pop
DFW57-P1
server
AmazonS3
pages-home.js
cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/mobify/bundle/12647/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/mobify/bundle/12647/pages-home.js?yocs=Z_14_1K_
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
064a1c99701eb18846c77782c2c146e2dc28471ab9305e802cbffbf280cc8f44

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

x-amz-meta-deploy
920359
content-encoding
gzip
age
237041
x-cache
Miss from cloudfront, HIT
x-amz-cf-id
kqAC3sBT07eQdZ97YjJD8ip7QyAPAjbYNRaQw0d7XICMktEGbnvY4A==
date
Mon, 11 Nov 2024 15:01:42 GMT
content-type
application/javascript; charset=utf8
x-served-by
cache-fra-etou8220134-FRA
x-cache-hits
1
x-yottaa-optimizations
ob/1100 si/2311cc8d59cd-1730225859-376938289 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
vary
Accept-Encoding
x-yottaa-forcecache
true, true
cache-control
public, max-age=31104000
x-timer
S1731337303.797035,VS0,VE1
via
1.1 e4c06b6e6eb895470e2fd65bbc93b3b6.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-bundle
12647
x-yottaa-metrics
2321cc8d59db/[5,-,1731100250496] 2311cc8d59cd/[-,9.730]
accept-ranges
bytes
access-control-allow-origin
*
content-length
2340
x-amz-cf-pop
IAD79-C3
server
AmazonS3
VR-bs-main-image_D-min
cdn.media.amplience.net/i/elfcosmetics/ 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/VR-bs-main-image_D-min?fmt=auto
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaa2bab00e01cbdc0c926559c2803b90e56e7429235eef87cdbbc75e749c67e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-cache-status
HIT
age
72069
x-amp-source-width
1606
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:42 GMT
edge-control
max-age=86400
content-type
image/avif
last-modified
Sun, 10 Nov 2024 19:00:33 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
kRPpkfpUA,l4p5bDg2e,B_inp_qAR,WepA0szpz
cache-control
s-maxage=86400, max-age=1800
x-req-id
d6dW4XgstG
x-amp-source-height
1040
x-amp-cf-worker
true
cf-ray
8e0f28befdccd9d2-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
130558
x-amp-published
Fri, 01 Nov 2024 05:28:10 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
VR-bs-texture_D-min
cdn.media.amplience.net/i/elfcosmetics/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/VR-bs-texture_D-min?fmt=auto
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1d43310803248bd6897349526592a20346276eb795b4e460052552829a9675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-cache-status
HIT
age
72069
x-amp-source-width
1330
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:42 GMT
edge-control
max-age=86400
content-type
image/avif
last-modified
Sun, 10 Nov 2024 19:00:33 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
fALlXEBVn,l4p5bDg2e,mwogjf4AX,WepA0szpz
cache-control
s-maxage=86400, max-age=1800
x-req-id
JfE0HVcvQv
x-amp-source-height
1040
x-amp-cf-worker
true
cf-ray
8e0f28befdd2d9d2-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1909
x-amp-published
Fri, 01 Nov 2024 05:28:13 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
VR-bs-eyebrow_D-min
cdn.media.amplience.net/i/elfcosmetics/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/VR-bs-eyebrow_D-min?fmt=auto
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa565ae5b2d1b4a92a4a32119799e49f726a3596f5a81400ddcea8df8bb6c232
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-cache-status
HIT
age
72068
x-amp-source-width
216
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:42 GMT
edge-control
max-age=86400
content-type
image/avif
last-modified
Sun, 10 Nov 2024 19:00:34 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
uvk41qMxR,l4p5bDg2e,EXJAl88F9,WepA0szpz
cache-control
s-maxage=86400, max-age=1800
x-req-id
3igWTXOqfH
x-amp-source-height
137
x-amp-cf-worker
true
cf-ray
8e0f28befdd0d9d2-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
5457
x-amp-published
Fri, 01 Nov 2024 05:28:09 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
wave-3-holiday-gift-shop-2024-11-IMAGE-1_D
cdn.media.amplience.net/i/elfcosmetics/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/wave-3-holiday-gift-shop-2024-11-IMAGE-1_D?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/wave-3-holiday-gift-shop-2024-11-IMAGE-1_D?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/wave-3-holiday-gift-shop-2024-11-IMAGE-1_D?fmt=auto&w=2460%203x
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34fe096b450602f45d9d5fc8776bc0bfb94b00c1d0527c5134f53cca3fa2befc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-cache-status
HIT
age
86189
x-amp-source-width
1440
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:42 GMT
edge-control
max-age=86400
content-type
image/avif
last-modified
Sun, 10 Nov 2024 15:05:13 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
kICBQX5AP,l4p5bDg2e,YweEFNSGS,WepA0szpz
cache-control
s-maxage=86400, max-age=1800
x-req-id
b6LSJU8hgP
x-amp-source-height
1040
x-amp-cf-worker
true
cf-ray
8e0f28befdcfd9d2-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
41640
x-amp-published
Thu, 07 Nov 2024 16:55:02 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
holiday-gift-shop-2024-10-BACKGROUND_D
cdn.media.amplience.net/i/elfcosmetics/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/holiday-gift-shop-2024-10-BACKGROUND_D?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/holiday-gift-shop-2024-10-BACKGROUND_D?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/holiday-gift-shop-2024-10-BACKGROUND_D?fmt=auto&w=2460%203x
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3aefad8320bb991de8eafa41f44a90e72ab74e7c6d485120e9a3b3fd32495b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-cache-status
HIT
age
76248
x-amp-source-width
1440
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:42 GMT
edge-control
max-age=86400
content-type
image/avif
last-modified
Sun, 10 Nov 2024 04:00:49 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
SWzDz9zBH,l4p5bDg2e,6bFvEsMpx,WepA0szpz
cache-control
s-maxage=86400, max-age=1800
x-req-id
FnAwAIn7z4
x-amp-source-height
1040
x-amp-cf-worker
true
cf-ray
8e0f28befdd8d9d2-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
10039
x-amp-published
Thu, 07 Nov 2024 16:55:02 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
wave-3-holiday-gift-shop-2024-11-HEADLINE_D
cdn.media.amplience.net/i/elfcosmetics/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/wave-3-holiday-gift-shop-2024-11-HEADLINE_D?fmt=auto&w=332%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/wave-3-holiday-gift-shop-2024-11-HEADLINE_D?fmt=auto&w=664%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/wave-3-holiday-gift-shop-2024-11-HEADLINE_D?fmt=auto&w=996%203x
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7890d1308d3c7835cb61d98064d10f7746601ce59d10d2d985613052eb564f5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-cache-status
HIT
age
79047
x-amp-source-width
858
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:42 GMT
edge-control
max-age=86400
content-type
image/avif
last-modified
Sun, 10 Nov 2024 17:04:15 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
57zYVp55m,l4p5bDg2e,RuEvOgLoQ,WepA0szpz
cache-control
s-maxage=86400, max-age=1800
x-req-id
S-jy-LWHwJ
x-amp-source-height
248
x-amp-cf-worker
true
cf-ray
8e0f28befddbd9d2-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
10206
x-amp-published
Thu, 07 Nov 2024 16:55:02 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
holiday-new-arrivals-2024-11-IMAGE-1_D
cdn.media.amplience.net/i/elfcosmetics/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/holiday-new-arrivals-2024-11-IMAGE-1_D?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/holiday-new-arrivals-2024-11-IMAGE-1_D?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/holiday-new-arrivals-2024-11-IMAGE-1_D?fmt=auto&w=2460%203x
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65269af2d960301de9becf9bd209ab5adb0323e3a898a64739f8e7ab0aa57eea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-cache-status
HIT
age
28488
x-amp-source-width
1440
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:43 GMT
edge-control
max-age=86400
content-type
image/avif
last-modified
Mon, 11 Nov 2024 07:00:15 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
PBxRBkRyU,l4p5bDg2e,xC2g0i2ty,WepA0szpz
cache-control
s-maxage=86400, max-age=1800
x-req-id
hqzEeekedL
x-amp-source-height
1040
x-amp-cf-worker
true
cf-ray
8e0f28bfdffcd9d2-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
80819
x-amp-published
Thu, 07 Nov 2024 16:55:02 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
holiday-new-arrivals-2024-11-HEADLINE_D
cdn.media.amplience.net/i/elfcosmetics/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/holiday-new-arrivals-2024-11-HEADLINE_D?fmt=auto&w=332%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/holiday-new-arrivals-2024-11-HEADLINE_D?fmt=auto&w=664%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/holiday-new-arrivals-2024-11-HEADLINE_D?fmt=auto&w=996%203x
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea90e8ff68723033451384af6790ce5b0c1c404d12b68db0625cdcdb06993e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-cache-status
HIT
age
37034
x-amp-source-width
1288
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:43 GMT
edge-control
max-age=86400
content-type
image/avif
last-modified
Mon, 11 Nov 2024 04:44:29 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
kFBUu5QBz,l4p5bDg2e,MoKKBNxEo,WepA0szpz
cache-control
s-maxage=86400, max-age=1800
x-req-id
LPGPhnLOhG
x-amp-source-height
224
x-amp-cf-worker
true
cf-ray
8e0f28bfd801d9d2-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
12322
x-amp-published
Thu, 07 Nov 2024 16:55:02 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/mobify/bundle/12647/main.js?yocs=Z_14_1K_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7358c5616f671017f307d161644d253f0f81083b0be68f3a3fefefa33b59de5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-md5
qVqAwzZMp5y69q24H0KNhg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCFF52536C02E8
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
47415
x-content-type-options
nosniff
expires
Tue, 12 Nov 2024 15:01:43 GMT
date
Mon, 11 Nov 2024 15:01:43 GMT
content-type
application/javascript
last-modified
Thu, 07 Nov 2024 17:33:43 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
265d7408-301e-0026-05fa-31083e000000
cf-ray
8e0f28c41c885c8c-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
7212
x-ms-blob-type
BlockBlob
server
cloudflare
api_dynamic.js
cdn.dynamicyield.com/api/8772046/ 		573 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.dynamicyield.com/api/8772046/api_dynamic.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:5000:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
7f5996c22fc09bf3ef02e07473b5677fe8fcc436caffacd309cb9ce46224a9e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

vary
accept-encoding
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
cache-control
max-age=30
content-encoding
gzip
etag
W/"52317057a3ce9e1b508156333a1a75d2"
age
1
via
1.1 b2d59a81483e9c35443be57826cea9fa.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
_nBk_h2EaAwD67faf7kwmPSO5jgOY2s4SpbjUSvYtDflfoZEWHmtog==
date
Mon, 11 Nov 2024 15:01:43 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 09 Nov 2024 19:11:13 GMT
server
DYCDN
x-amz-cf-pop
FRA56-P11
x-amz-server-side-encryption
AES256
api_static.js
cdn.dynamicyield.com/api/8772046/ 		395 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.dynamicyield.com/api/8772046/api_static.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:5000:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
72ff5a1f7f8d2a84d8976552d8a42bb69c9ff70656b0c902af9c57902de5b3c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

vary
accept-encoding
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
cache-control
max-age=28800
content-encoding
gzip
etag
W/"15bb49298c3e6444486bceb2176f1eaa"
age
20791
via
1.1 b2d59a81483e9c35443be57826cea9fa.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
yKlpX1ICnWF-jFu5GKZ9eBsfUK8Ewj3ICZOSbVebQYs_h1aXjmCgJw==
date
Mon, 11 Nov 2024 09:15:29 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 09 Nov 2024 19:11:14 GMT
server
DYCDN
x-amz-cf-pop
FRA56-P11
x-amz-server-side-encryption
AES256
gtm.js
www.googletagmanager.com/ 		554 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0c31c5763c861ee609a829be7d2e2bd13d9534b0c2c18096b52e981495df9dd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-encoding
gzip
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 11 Nov 2024 15:01:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 15:01:43 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
146650
x-xss-protection
0
server
Google Tag Manager
/
api.ipify.org/ 		21 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/mobify/bundle/12647/vendor.js?yocs=Z_14_1K_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
174f4240edf8e867badf2f21c2555a35aa1e8fd1b9ef693d02cf920e8c2a96a6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8e0f28c4484962e0-HAM
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=40702&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3994&recv_bytes=2304&delivery_rate=96995&cwnd=254&unsent_bytes=0&cid=a64a32117e81627f&ts=167&x=0"
content-length
21
date
Mon, 11 Nov 2024 15:01:43 GMT
content-type
application/json
vary
Origin
server
cloudflare
/
api.ipify.org/ 		21 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/mobify/bundle/12647/vendor.js?yocs=Z_14_1K_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
174f4240edf8e867badf2f21c2555a35aa1e8fd1b9ef693d02cf920e8c2a96a6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8e0f28c54acc62e0-HAM
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=40905&sent=11&recv=13&lost=0&retrans=0&sent_bytes=4355&recv_bytes=2365&delivery_rate=96995&cwnd=257&unsent_bytes=0&cid=a64a32117e81627f&ts=310&x=0"
content-length
21
date
Mon, 11 Nov 2024 15:01:43 GMT
content-type
application/json
vary
Origin
server
cloudflare
searchsession
www.elfcosmetics.com/api/en-us/v2.0/ 		105 B
634 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/api/en-us/v2.0/searchsession?locale=en-us&profile_id=&session_id=
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/mobify/bundle/12647/main.js?yocs=Z_14_1K_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/ Express
Resource Hash
daae00cdc537a324a902275e68556509bb363e0e4937073a98bf996bc99322cd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-encoding
gzip
x-amzn-remapped-connection
keep-alive
etag
W/"69-tWutbP+WvB+RlEf7ltItW96S9Qs"
age
0
x-content-type-options
nosniff
x-amzn-requestid
23a1fb85-67cc-4cb1-8f48-f46d0be570fd
date
Mon, 11 Nov 2024 15:01:43 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-yottaa-optimizations
ob/1000 si/25D1cc028561-1730834774-9715897053 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-yottaa-os
200
x-amz-apigw-id
BFldxGYZPHcEFHQ=
x-amzn-remapped-date
Mon, 11 Nov 2024 15:01:43 GMT
x-yottaa-metrics
2521cc02852b/[155,154,-] 25D1cc028561/[-,156.161]
access-control-allow-origin
*
content-length
110
x-powered-by
Express
7f85a56ba4.css
use.fontawesome.com/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/7f85a56ba4.css
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e92913c2b11fc1e9e7c4f84628362d1c9660e7f7e88904d124c9ebbbef9d4e48

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"8360eb270b919a1fb4776bc448d9ed14"
age
3682
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BZt%2FasxpE%2Bpoqm9paly%2B2C3nIoBKn1sLvLMMWMNc65jwPaQqf3bx%2BG0tem0X%2FnTTI7%2FuRyEacxqfvHDgFTDmEYafvVi2S3OXDUANHLUs7ZgLVmOj7XQFNRmK7l0ZCPDfoRhoIHAO7FbPArRqIBfm04qg"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0f28c4aaa239e0-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=39017&sent=7&recv=10&lost=0&retrans=0&sent_bytes=4026&recv_bytes=2234&delivery_rate=99869&cwnd=252&unsent_bytes=0&cid=df63756cd29193f6&ts=84&x=0"
date
Mon, 11 Nov 2024 15:01:43 GMT
content-type
text/css
last-modified
Fri, 22 Sep 2023 00:57:51 GMT
vary
Accept-Encoding
server
cloudflare
callback
www.elfcosmetics.com/
Redirect Chain
  • https://www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.com%2Fcallback&response_type=code&client_id=...
  • https://www.elfcosmetics.com/callback?usid=224ce325-ccb7-42ab-b5d6-65129fdb1025&code=3mrSmrB8VWrNP0hD1pfZvAjDinIXxyINcsWw5YdhijQ
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/callback?usid=224ce325-ccb7-42ab-b5d6-65129fdb1025&code=3mrSmrB8VWrNP0hD1pfZvAjDinIXxyINcsWw5YdhijQ
Protocol
H2
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

x-amzn-remapped-content-length
0
x-amzn-remapped-connection
close
age
0
x-amzn-requestid
7a5e4fd5-9d4a-4294-a137-988760a2462d
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
LmPh5NfiJ5oa1bcDKJPlJvKXXHTA3_JV0BEkJZcMClpHjKKq8ckr8w==
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
application/json
x-yottaa-optimizations
ob/1000 si/25D1cc028561-1730834774-9715897063 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
strict-transport-security
max-age=15552000; includeSubDomains
x-yottaa-os
200
x-yottaa-forcecache
true
cache-control
public, max-age=604800
x-amz-apigw-id
BFleAGTGiYcEh2g=
x-amzn-remapped-date
Mon, 11 Nov 2024 15:01:45 GMT
x-amzn-trace-id
Root=1-67321c59-65e5e3c268f720076f58c492;Parent=03fea89222e8997c;Sampled=0;Lineage=1:2b75b0e9:0
via
1.1 7dbcbf3457f77b741952e31c6826a8dc.cloudfront.net (CloudFront)
x-yottaa-metrics
2521cc028521/[237,235,-] 25D1cc028561/[-,238.225]
access-control-allow-origin
*
content-length
0
x-amz-cf-pop
SFO53-P7

Redirect headers

x-correlation-id
8e0f28cb180769d7
cf-cache-status
DYNAMIC
age
0
x-ratelimit-1m-limit
24000, 2000000
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
h1eqq74vnslz919dsO1UmnS7phHgccPabLmt1AfwQm2o7VyA__JC6A==
date
Mon, 11 Nov 2024 15:01:44 GMT
vary
Accept-Encoding
x-yottaa-optimizations
ob/0 si/25D1cc028561-1730834774-9715897061 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
strict-transport-security
max-age=31536000; includeSubDomains
x-yottaa-os
303
cache-control
no-store
location
https://www.elfcosmetics.com/callback?usid=224ce325-ccb7-42ab-b5d6-65129fdb1025&code=3mrSmrB8VWrNP0hD1pfZvAjDinIXxyINcsWw5YdhijQ
pragma
no-cache
via
1.1 77c3ff47f2ab47e28346b6b3668d2c3a.cloudfront.net (CloudFront)
cf-ray
8e0f28cb180769d7-PDX
x-yottaa-metrics
2521cc028525/[182,180,-] 25D1cc028561/[-,183.322]
access-control-allow-origin
*
x-ratelimit-1m-remaining
22964, 1932036
content-length
0
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.com%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=n-qY7vg4ju0kIE85FGW4bNwN5LjgXQg-alTXL2Dcyw8
x-amz-cf-pop
SFO53-P7
x-ratelimit-1m-reset
15119, 15118
/
sdk.iad-05.braze.com/api/v3/data/ 		709 B
698 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/mobify/bundle/12647/vendor.js?yocs=Z_14_1K_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcbe3223f3a05100b63f00ab4b3e9216a9f7ded14f5af3565daf812a8b0a6377
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.elfcosmetics.com/
X-Braze-TriggersRequest
true
X-Braze-Last-Req-Ms-Ago
7200000
X-Braze-DataRequest
true
X-Braze-Req-Attempt
1
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/json
X-Braze-Api-Key
609afcb2-1dc3-41ef-a771-0a9aaf10bf57

Response headers

access-control-max-age
7200
x-request-id
7b253088-f5e3-49cf-8473-aa1a2abb84bb
access-control-expose-headers
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"dcbe3223f3a05100b63f00ab4b3e9216"
access-control-allow-methods
POST, GET
date
Mon, 11 Nov 2024 15:01:44 GMT
content-type
application/json
vary
Origin,Accept-Encoding
x-runtime
0.158353
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1731337305
cf-ray
8e0f28c63c5d58e4-TXL
x-ratelimit-remaining
489.0
access-control-allow-origin
*
x-ratelimit-limit
500.0
server
cloudflare
camo-brontour-new-shades-2024-10-ungated-IMAGE-1_D
cdn.media.amplience.net/i/elfcosmetics/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/camo-brontour-new-shades-2024-10-ungated-IMAGE-1_D?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/camo-brontour-new-shades-2024-10-ungated-IMAGE-1_D?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/camo-brontour-new-shades-2024-10-ungated-IMAGE-1_D?fmt=auto&w=2460%203x
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1acc1403e61b9d772305b491744696b75a263a7f5c504d0ba1187e69f387b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-cache-status
HIT
age
80886
x-amp-source-width
1440
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:43 GMT
edge-control
max-age=86400
content-type
image/avif
last-modified
Sun, 10 Nov 2024 09:01:00 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
sSWY9jj3W,l4p5bDg2e,9JwOWQN66,WepA0szpz
cache-control
s-maxage=86400, max-age=1800
x-req-id
pUBZ8hHXVj
x-amp-source-height
1040
x-amp-cf-worker
true
cf-ray
8e0f28c4c9e0e52f-TXL
accept-ranges
bytes
access-control-allow-origin
*
content-length
16462
x-amp-published
Thu, 07 Nov 2024 16:55:02 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
camo-brontour-new-shades-2024-10-ungated-BACKGROUND_D
cdn.media.amplience.net/i/elfcosmetics/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/camo-brontour-new-shades-2024-10-ungated-BACKGROUND_D?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/camo-brontour-new-shades-2024-10-ungated-BACKGROUND_D?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/camo-brontour-new-shades-2024-10-ungated-BACKGROUND_D?fmt=auto&w=2460%203x
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cf38117a6b01a896f53d8ef2be6ee1c9ef86dce3fde76c16f37d357ad3817e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-cache-status
HIT
age
83619
x-amp-source-width
1440
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:43 GMT
edge-control
max-age=86400
content-type
image/avif
last-modified
Sat, 09 Nov 2024 21:33:27 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
lpvgJ-evB,l4p5bDg2e,_98GR8nKI,WepA0szpz
cache-control
s-maxage=86400, max-age=1800
x-req-id
oT5h5t-zaX
x-amp-source-height
1040
x-amp-cf-worker
true
cf-ray
8e0f28c4c9e9e52f-TXL
accept-ranges
bytes
access-control-allow-origin
*
content-length
2817
x-amp-published
Thu, 07 Nov 2024 16:55:02 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
/
sdk.iad-05.braze.com/api/v3/data/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
8e0f28c54afe58e4-TXL
content-encoding
gzip
date
Mon, 11 Nov 2024 15:01:44 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf500a4c158d24ba238d521a5fa775e693d03c507fa3f882bffbbeaf9fedeb64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-md5
aY7kJA0jlzEL9QWHODNZDw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DCA5D566A7B63C
age
68224
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Tue, 12 Nov 2024 15:01:43 GMT
date
Mon, 11 Nov 2024 15:01:43 GMT
content-type
application/json
last-modified
Tue, 16 Jul 2024 20:25:14 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
b5f0efaf-a01e-006c-744c-263859000000
cf-ray
8e0f28c57bfc902e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1832
x-ms-blob-type
BlockBlob
server
cloudflare
font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/7f85a56ba4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://use.fontawesome.com/7f85a56ba4.css

Response headers

cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"36082410df2ef7f83932219089dc1443"
age
42080
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tVT%2FbMjquqPiJWbVuWTNiE4nRZ94Nzi5HFsnBOJS5VBiITSqhtY2ZNSYd2DGUwJxwjXHMf9uRmDLoan3WxJpqcONnT%2ByGOM0GNDITGTjXrJOtHPGFZQQgfawE%2B2L3Vkiw7YXcxx0tEoPGPjFHqJb3IL8"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0f28c56b9139e0-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=46883&sent=12&recv=14&lost=0&retrans=0&sent_bytes=5129&recv_bytes=2377&delivery_rate=99869&cwnd=257&unsent_bytes=0&cid=df63756cd29193f6&ts=197&x=0"
date
Mon, 11 Nov 2024 15:01:43 GMT
content-type
text/css
last-modified
Fri, 22 Sep 2023 01:44:05 GMT
vary
Accept-Encoding
server
cloudflare
st
st.dynamicyield.com/ 		160 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.dynamicyield.com/st?sec=8772046&inHead=true&id=0&jsession=kr8roqpib9xhc1jcbvydbqk6eyp1ablz&ref=&scriptVersion=2.44.0&isSesNew=true&dyid_server=&ctx=%7B%22type%22%3A%22HOMEPAGE%22%2C%22lng%22%3A%22en-US%22%2C%22data%22%3A%5B%5D%7D
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:8c00:15:ad21:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b91c2f03f267048a67d950065653efcd117a6fffb313a61481d95188ca34de13

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
no-cache
content-encoding
gzip
via
1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
expires
Mon, 11 Nov 2024 15:01:43 GMT
access-control-allow-origin
*
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-amz-cf-id
T-EaOPALUqgNfa-ULxpUu6MEQNqiGGT8caDi0CsZ9ooopaGdeKVFvQ==
date
Mon, 11 Nov 2024 15:01:44 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-amz-cf-pop
FRA60-P2
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		59 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept
application/json
Referer
https://www.elfcosmetics.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
access-control-allow-methods
GET, OPTIONS
cf-ray
8e0f28c729f48f39-FRA
access-control-allow-origin
*
date
Mon, 11 Nov 2024 15:01:44 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Content-Type
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=2124806892.1731337304&auid=587485049.1731337304&npa=1&gtm=45He4b70v896608294za200&gcs=G1--&gcd=13l3l3l2l5l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&tft=1731337304098&tfd=3405&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f196.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 52ED 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.elfcosmetics.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
428472
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Nov 2024 16:00:32 GMT
expires
Thu, 06 Nov 2025 16:00:32 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202406.1.0/ 		451 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47407e3845cb067265a07cb279ccc7a38b927b0c2dc034b627f089115ac0d306
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-md5
7I5y/rp4ODu7ul89ty+epQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5E56F667161
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
39968
x-content-type-options
nosniff
date
Mon, 11 Nov 2024 15:01:44 GMT
content-type
application/javascript
last-modified
Tue, 16 Jul 2024 22:20:01 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
5bc25b51-101e-0031-4bd5-2cc85d000000
cf-ray
8e0f28c79eb05c8c-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
112027
x-ms-blob-type
BlockBlob
server
cloudflare
en.json
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/01909eed-3bdc-7283-8d20-1f7cc7f672d6/ 		270 KB
47 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/01909eed-3bdc-7283-8d20-1f7cc7f672d6/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e3e46bfe2e437ec88b337c4893c591c726abfaafe957984466738e317ec5478
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-md5
O2WrPsqEzZtXQecUT5GJ8Q==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DCA5D56988B2D3
age
68213
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Tue, 12 Nov 2024 15:01:44 GMT
date
Mon, 11 Nov 2024 15:01:44 GMT
content-type
application/json
last-modified
Tue, 16 Jul 2024 20:25:19 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
28a8e544-e01e-002f-7c4c-2612b0000000
cf-ray
8e0f28c84e4f902e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
48426
x-ms-blob-type
BlockBlob
server
cloudflare
iab2V2Data.json
cdn.cookielaw.org/vendorlist/ 		593 KB
77 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/vendorlist/iab2V2Data.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a159ed2d66ea53c973024bd4672601417cbf8f31f4c70fdd30f7b7259965d879
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-md5
4JFosgY/jm5PZx1thUeFyg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DD01B81CE3880D
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
28150
x-content-type-options
nosniff
expires
Tue, 12 Nov 2024 15:01:44 GMT
date
Mon, 11 Nov 2024 15:01:44 GMT
content-type
application/json
last-modified
Sun, 10 Nov 2024 18:47:22 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
e6571bf5-d01e-00c2-4ca3-331b34000000
cf-ray
8e0f28c84e54902e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
78127
x-ms-blob-type
BlockBlob
server
cloudflare
otTCF.js
cdn.cookielaw.org/scripttemplates/202406.1.0/ 		60 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/otTCF.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e40e7b46b99c06e47841ff53e4417b6c887631d383aac28114e4ab83ccddc6f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-md5
w7rriz6IwW2xtS9bVJshOg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5E56E73A9D1
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
29109
x-content-type-options
nosniff
date
Mon, 11 Nov 2024 15:01:44 GMT
content-type
application/javascript
last-modified
Tue, 16 Jul 2024 22:19:59 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
d59425b0-301e-0087-5eeb-30c6a5000000
cf-ray
8e0f28c84f405c8c-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
17104
x-ms-blob-type
BlockBlob
server
cloudflare
dy-coll-min.js
cdn.dynamicyield.com/scripts/2.44.0/ 		196 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:5000:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
2ec6c83ec1824898d15400462916551bf6761d2772bc3baec5b8fba523e03eb7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

vary
accept-encoding
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
cache-control
max-age=31536000
content-encoding
gzip
etag
W/"90e4adaea90c4ceca44f62f926a57eab"
age
722685
via
1.1 b2d59a81483e9c35443be57826cea9fa.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
2M1Hbgo-Xx2GShE4uz9pD4_Fgk-DI6IRnBgt5rXHRLUGxAHFw6WXyg==
date
Sun, 03 Nov 2024 06:17:00 GMT
content-type
text/javascript
last-modified
Sun, 13 Oct 2024 09:14:17 GMT
server
DYCDN
x-amz-cf-pop
FRA56-P11
x-amz-server-side-encryption
AES256
sync
sdk.iad-05.braze.com/api/v3/content_cards/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
8e0f28c84fbc58e4-TXL
content-encoding
gzip
date
Mon, 11 Nov 2024 15:01:44 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
sync
sdk.iad-05.braze.com/api/v3/content_cards/ 		85 B
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/mobify/bundle/12647/vendor.js?yocs=Z_14_1K_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2436b6965ffae2c5d5dfac98e20fe71cf7b58e0641cdd407c32efda5aba8f457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.elfcosmetics.com/
BRAZE-SYNC-RETRY-COUNT
0
X-Braze-DataRequest
true
X-Braze-Last-Req-Ms-Ago
7200000
X-Braze-ContentCardsRequest
true
X-Braze-Req-Attempt
1
X-Braze-Req-Tokens-Remaining
29
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/json
X-Braze-Api-Key
609afcb2-1dc3-41ef-a771-0a9aaf10bf57

Response headers

access-control-max-age
7200
x-request-id
70327ffb-fd94-4401-a16f-dd4a87d43a2b
access-control-expose-headers
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"2436b6965ffae2c5d5dfac98e20fe71c"
access-control-allow-methods
POST, GET
date
Mon, 11 Nov 2024 15:01:44 GMT
content-type
application/json
vary
Origin,Accept-Encoding
x-runtime
0.066752
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1731337305
cf-ray
8e0f28c9494a58e4-TXL
x-ratelimit-remaining
477.0
access-control-allow-origin
*
x-ratelimit-limit
500.0
server
cloudflare
sync
sdk.iad-05.braze.com/api/v3/feature_flags/ 		20 B
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/feature_flags/sync
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/mobify/bundle/12647/vendor.js?yocs=Z_14_1K_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e92f434a50c76d6e52d0d3cc91cdf1854c7fd39fecd5ae65800568aef7c03029
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.elfcosmetics.com/
X-Braze-Last-Req-Ms-Ago
7200000
X-Braze-DataRequest
true
X-Braze-Req-Attempt
1
X-Braze-Req-Tokens-Remaining
28
X-Braze-FeatureFlagsRequest
true
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/json
X-Braze-Api-Key
609afcb2-1dc3-41ef-a771-0a9aaf10bf57

Response headers

access-control-max-age
7200
x-request-id
cd2db81e-a60f-4633-8dea-32240f4e0cf5
access-control-expose-headers
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"e92f434a50c76d6e52d0d3cc91cdf185"
access-control-allow-methods
POST, GET
date
Mon, 11 Nov 2024 15:01:44 GMT
content-type
application/json
vary
Origin,Accept-Encoding
x-runtime
0.039489
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1731337305
cf-ray
8e0f28c989d558e4-TXL
x-ratelimit-remaining
482.0
access-control-allow-origin
*
x-ratelimit-limit
500.0
server
cloudflare
sync
sdk.iad-05.braze.com/api/v3/feature_flags/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/feature_flags/sync
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-featureflagsrequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-featureflagsrequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
8e0f28c84fc358e4-TXL
content-encoding
gzip
date
Mon, 11 Nov 2024 15:01:44 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
8772046
rcom.dynamicyield.com/v3/recommend/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rcom.dynamicyield.com/v3/recommend/8772046
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8600:1c:df99:ffc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
94d8cfd31a822427f2192decb01f00a6f6d28be99c1a41b6c03d372c6df2274f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmetics.com/

Response headers

timing-allow-origin
*
content-encoding
gzip
access-control-allow-methods
GET, POST
via
1.1 cae5c5323232533718f592c973f01432.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
1185
x-amz-cf-id
L-FQFjUCS7gaGzUYf2z-vc9GXlqMTWpvGPf81RNNO1HQcGJyy18NCw==
date
Mon, 11 Nov 2024 15:01:44 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding
x-amz-cf-pop
FRA60-P6
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
uia
async-px.dynamicyield.com/ 		0
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/uia?cnst=1&_=1731337304467
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-129.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
via
1.1 43244f77affffa1d8942dd025413b8d8.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
2AUsCSXOVbFtKFlOF-aMJKKssMNvHwqz4L6J4hZMSCa7oqGz8gSU8Q==
date
Mon, 11 Nov 2024 15:01:44 GMT
x-amz-cf-pop
FRA60-P10
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
kpi
pixel.pointmediatracker.com/ 		0
0
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=160890&%20seg=6104893&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D160890%26%2520seg%3D6104893%26t%3D2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D160890%26%2520seg%3D6104893%26t%3D2
Protocol
H2
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
80.255.7.109; 80.255.7.109; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
80a44703-36c9-4965-a5fb-efddeee10034
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 11 Nov 2024 15:01:45 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4

Redirect headers

cache-control
no-store, no-cache, private
location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D160890%26%2520seg%3D6104893%26t%3D2
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
80.255.7.109; 80.255.7.109; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
bb36ad99-f680-4591-b32e-9131ad237d43
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 11 Nov 2024 15:01:45 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
/
insight.adsrvr.org/track/pxl/ 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:8m23e30&fmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-length
70
date
Mon, 11 Nov 2024 15:01:44 GMT
content-type
image/gif
server
Kestrel
8772046
rcom.dynamicyield.com/v3/recommend/ 		12 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rcom.dynamicyield.com/v3/recommend/8772046
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8600:1c:df99:ffc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
00f3ca21795a2054d69c5430519db2561d3b034af3a41dd113d49f43a1125ff4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmetics.com/

Response headers

timing-allow-origin
*
content-encoding
gzip
access-control-allow-methods
GET, POST
via
1.1 cae5c5323232533718f592c973f01432.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
1690
x-amz-cf-id
M49yWQ5ydSChqLq8-CfTlJ3KD8tzxmMOKnrYXsBa5JY24NcLJanCaQ==
date
Mon, 11 Nov 2024 15:01:44 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding
x-amz-cf-pop
FRA60-P6
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
8772046
rcom.dynamicyield.com/v3/recommend/ 		12 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rcom.dynamicyield.com/v3/recommend/8772046
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8600:1c:df99:ffc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e993a85e0bae0f02cdd64d447ab767fd02f05ef76d88658eace6e4590450cd2b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmetics.com/

Response headers

timing-allow-origin
*
content-encoding
gzip
access-control-allow-methods
GET, POST
via
1.1 cae5c5323232533718f592c973f01432.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
1650
x-amz-cf-id
w21LIfoehcyaVt8w19DxsZ416p_q-SSzumycSlqXgnWmyU54hLcSxA==
date
Mon, 11 Nov 2024 15:01:44 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding
x-amz-cf-pop
FRA60-P6
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
otFlat.json
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-md5
sHJXWIgDpMKY35PyRRy4zQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5E56B3084E2
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
16313
x-content-type-options
nosniff
date
Mon, 11 Nov 2024 15:01:44 GMT
content-type
application/json
last-modified
Tue, 16 Jul 2024 22:19:54 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
296f5804-e01e-0024-0a05-f40ac4000000
cf-ray
8e0f28ca283b902e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
3003
x-ms-blob-type
BlockBlob
server
cloudflare
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dbc72c3f0511495fdf45d42283a246613db44b0906199cef195a773068d822f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-md5
LtDYZmcfPNW39lMw/Yu0RQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5E56C7CC8BB
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
47161
x-content-type-options
nosniff
date
Mon, 11 Nov 2024 15:01:44 GMT
content-type
application/json
last-modified
Tue, 16 Jul 2024 22:19:56 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
125efa87-d01e-00e0-3577-d87502000000
cf-ray
8e0f28ca283c902e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
12723
x-ms-blob-type
BlockBlob
server
cloudflare
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/ 		24 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c496fcbe60fec78dc1b86a9136644d9a97cae20df32be3e9a4a62ce7bd0e6a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-md5
HyPJ72TNHxdfOI82cqKVqA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-bgj
minify
cf-cache-status
HIT
x-ms-version
2009-09-19
age
30506
content-encoding
gzip
x-content-type-options
nosniff
cf-polished
origSize=24745
date
Mon, 11 Nov 2024 15:01:44 GMT
content-type
text/css
last-modified
Tue, 16 Jul 2024 22:20:07 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
c2721718-001e-00c0-0f77-d819ce000000
cf-ray
8e0f28ca283d902e-FRA
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
favicon.ico
www.elfcosmetics.com/ 		34 KB
35 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
1331786f628c441b99665436eb8815381e066e17d5c3bb56f5ce2e045d8da17a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

x-amzn-remapped-content-length
34494
x-amzn-remapped-connection
close
etag
W/"86be-1930d9d2a00"
age
0
x-amzn-requestid
5b95d93d-f73b-4df6-a1f1-af8763e4d14d
alt-svc
h3=":443"; ma=86400
x-cache
RefreshHit from cloudfront
x-amz-cf-id
pnO3JIbqHxGQeZMda81TV-TFfZFKo2TQ42g7rTzURUK74Zy1btLKKQ==
date
Mon, 11 Nov 2024 15:01:44 GMT
content-type
image/x-icon
last-modified
Fri, 08 Nov 2024 21:10:24 GMT
vary
Accept-Encoding
x-yottaa-optimizations
ob/100 si/25D1cc028561-1730834774-9715897060 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
cache-control
max-age=600, s-maxage=600
x-amz-apigw-id
BBtfAHoaCYcEulQ=
x-amzn-remapped-date
Sun, 10 Nov 2024 10:48:50 GMT
x-amzn-trace-id
Root=1-67308f92-6d65e4d252bc78c42d27983c;Parent=7853b65d215087fd;Sampled=0;Lineage=1:2b75b0e9:0
via
1.1 496003b8c4e3056a62dc655a8393be56.cloudfront.net (CloudFront)
x-yottaa-metrics
2521cc02851b/[3,-,1731337088869] 25D1cc028561/[-,3.967]
accept-ranges
bytes
access-control-allow-origin
*
content-length
34494
x-amz-cf-pop
SFO53-P7
batch
async-px.dynamicyield.com/ 		0
384 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/batch?cnst=1&_=1731337304668_598522
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-129.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
via
1.1 f1b6636265d2ca44d8a0ca5488a5ec0c.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
RivEK8hGDzgQ8JRcWPW0RmetQFInLFB0X4q590yKmzu2fzxG-7EV9w==
date
Mon, 11 Nov 2024 15:01:44 GMT
x-amz-cf-pop
FRA60-P10
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
event
qoe-1.yottaa.net/log-nt/ 		3 B
191 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://qoe-1.yottaa.net/log-nt/event
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.184.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0540a066b92ce4ca.awsglobalaccelerator.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmetics.com/

Response headers

access-control-allow-origin
*
access-control-expose-headers
X-Results-Data-Source
timing-allow-origin
*
cache-control
no-cache
date
Mon, 11 Nov 2024 15:01:44 GMT
content-type
text/json
access-control-allow-credentials
true
site.min.js
edge.curalate.com/sites/elfcosmetics-oqltbv/site/latest/ 		84 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.curalate.com/sites/elfcosmetics-oqltbv/site/latest/site.min.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d126a9c6da46cb41e34e982874ff71952c00cfaefd6d3847d69f5b82da64429

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"50d92f85574de50a7d4a214fa4131720"
x-amz-version-id
.qrNcRtRG6VmB5kbLKXtk4Otpa6s5GTr
age
1416
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:44 GMT
content-type
application/javascript
last-modified
Fri, 07 Jun 2024 18:56:15 GMT
vary
Accept-Encoding
x-amz-id-2
viPV0ae6QPLxkhpcjgY+OQFe9YoyNZaJt1w8+9sm1vY66nmGEYEKkxeMq3Yr5pZKS5meUdQi9h8=
x-amz-replication-status
COMPLETED
cache-control
max-age=1800,s-maxage=1800
x-amz-request-id
CF031P1YMJB790PP
cf-ray
8e0f28cabde3caad-HAM
server
cloudflare
x-amz-server-side-encryption
AES256
api.js
www.google.com/recaptcha/ 		1 KB
991 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f196.1e100.net
Software
ESF /
Resource Hash
45a2e6c1e41df41dff8f422299d8d7afa9c0aa58d6663a3a57fa4024aa56fb93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Mon, 11 Nov 2024 15:01:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Mon, 11 Nov 2024 15:01:44 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=923512&uid=-5219671725872898984&sec=8772046&t=ri&e=1261284&p=1&ve=11209913&va=%5B27119924%5D&ses=b49aba3bed89eba793085c5667699d0a&expSes=89274&aud=884367.884385.884387.1167402.1324059.1846919.2356145.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=4854668972467072187&cgtgDecisionId=4854668970903793634&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1731337304670&rri=2130515
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-129.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
via
1.1 43244f77affffa1d8942dd025413b8d8.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
Ob6NEVqxOjHlbiQEq8gglG6liSJpQLci9ONHopPHtr7tuPfeE-yxlw==
date
Mon, 11 Nov 2024 15:01:44 GMT
x-amz-cf-pop
FRA60-P10
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=738983&uid=-5219671725872898984&sec=8772046&t=ri&e=1574966&p=1&ve=12698518&va=%5B28347247%5D&ses=b49aba3bed89eba793085c5667699d0a&expSes=89274&aud=884367.884385.884387.1167402.1324059.1846919.2356145.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=4854668972461028829&cgtgDecisionId=4854668971957290824&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1731337304671&rri=4477548
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-129.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
via
1.1 43244f77affffa1d8942dd025413b8d8.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
0aUqxtPBprgEVKjda90j3KgbLUUUJhGS3DvOAARro13xZKcRZFA_-g==
date
Mon, 11 Nov 2024 15:01:44 GMT
x-amz-cf-pop
FRA60-P10
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=866488&uid=-5219671725872898984&sec=8772046&t=ri&e=1609852&p=1&ve=12669413&va=%5B28321879%5D&ses=b49aba3bed89eba793085c5667699d0a&expSes=89274&aud=884367.884385.884387.1167402.1324059.1846919.2356145.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=4854668970604018590&cgtgDecisionId=4854668971211863839&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1731337304671&rri=8251019
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-129.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
via
1.1 43244f77affffa1d8942dd025413b8d8.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
ol8uqn3BhnimLjiWEMyAbw7s2AikCob_20p62nyZQEObkgQ3uG0WjA==
date
Mon, 11 Nov 2024 15:01:44 GMT
x-amz-cf-pop
FRA60-P10
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=984747&uid=-5219671725872898984&sec=8772046&t=ri&e=1575901&p=1&ve=12991774&va=%5B28207095%5D&ses=b49aba3bed89eba793085c5667699d0a&expSes=89274&aud=884367.884385.884387.1167402.1324059.1846919.2356145.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=4854668970376653924&cgtgDecisionId=4854668970181250291&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1731337304671&rri=4868810
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-129.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
via
1.1 43244f77affffa1d8942dd025413b8d8.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
Z73KyYD8vXkruIDBtb667QhOYtmuh9sU7Mo81rNMH7G2_449G4-gcQ==
date
Mon, 11 Nov 2024 15:01:44 GMT
x-amz-cf-pop
FRA60-P10
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=820794&uid=-5219671725872898984&sec=8772046&t=ri&e=1750936&p=1&ve=13617998&va=%5B28818377%5D&ses=b49aba3bed89eba793085c5667699d0a&expSes=89274&aud=884367.884385.884387.1167402.1324059.1846919.2356145.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=4854668973680597231&cgtgDecisionId=4854668970350636850&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1731337304672&rri=111628
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-129.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
via
1.1 43244f77affffa1d8942dd025413b8d8.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
6qN8d83NHtnvzQ8mTMe8SEfTH-aKli5Pd_EjwZKs3qa7LjEHVSGnmQ==
date
Mon, 11 Nov 2024 15:01:44 GMT
x-amz-cf-pop
FRA60-P10
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=675951&uid=-5219671725872898984&sec=8772046&t=ri&e=1750954&p=1&ve=13618112&va=%5B28973875%5D&ses=b49aba3bed89eba793085c5667699d0a&expSes=89274&aud=884367.884385.884387.1167402.1324059.1846919.2356145.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=4854668971439873118&cgtgDecisionId=4854668970393341920&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1731337304672&rri=3226685
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-129.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
via
1.1 43244f77affffa1d8942dd025413b8d8.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
DAavEa5i0zyo13CIAiBWS8rOvnfWhxs_m0hsxnf158Pw7kfCgEYg-g==
date
Mon, 11 Nov 2024 15:01:44 GMT
x-amz-cf-pop
FRA60-P10
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
110221.ct.js
tag.rmp.rakuten.com/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.rmp.rakuten.com/110221.ct.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
248.147.102.34.bc.googleusercontent.com
Software
/
Resource Hash
290f9c6084b46b94850626f1dbe6df20c7a805bed18c5aad6360bcc4da3bfae6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=86400
content-encoding
gzip
x-samesite
secure
via
1.1 google
x-dyn
0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cache
hit
date
Mon, 11 Nov 2024 15:01:44 GMT
content-type
text/javascript
last-modified
Mon, 11 Nov 2024 15:01:44 GMT
js
www.paypal.com/sdk/ 		425 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6eb2a6022673c222415a30385c0768cdb2491a4d3036be801de5aeb21cb51597
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-Ps7yhRTVF+OR0ZPfC+c16mb6COdz8KawtZIsruV3iK8GWofm' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-Ps7yhRTVF+OR0ZPfC+c16mb6COdz8KawtZIsruV3iK8GWofm' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
f47414715a545
content-encoding
gzip
etag
W/"1d853-l8D2bzDuK+4zwsrOoQxd0wCYGYI"
age
643
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
disable-set-cookie
true
traceparent
00-0000000000000000000f47414715a545-08eecbbd77031dfe-01
server-timing
"traceparent;desc="00-0000000000000000000f47414715a545-47972a40bc1f65c5-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
p3p
true
date
Mon, 11 Nov 2024 15:01:44 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220044-FRA, cache-fra-etou8220044-FRA
x-cache-hits
1, 0
x-frame-options
SAMEORIGIN
x-cache
HIT, MISS
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-Ps7yhRTVF+OR0ZPfC+c16mb6COdz8KawtZIsruV3iK8GWofm' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-Ps7yhRTVF+OR0ZPfC+c16mb6COdz8KawtZIsruV3iK8GWofm' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
public, max-age=3600, s-maxage=10800
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1731337305.820075,VS0,VE7
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
access-control-allow-origin
*
content-length
120915
x-xss-protection
1; mode=block
main.js
static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/ 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/main.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.154.123 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-154-123.deploy.static.akamaitechnologies.com
Software
nginx / Express
Resource Hash
0c22692fd69ca82d18566270bcbf1bd4c8b2f53fcc163cbd2dbffd6dfd0f8c5e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

Strict-Transport-Security
max-age=15768000
Vary
Accept-Encoding
Cache-Control
must-revalidate, max-age=900
Content-Encoding
gzip
Connection
keep-alive
Expires
Mon, 11 Nov 2024 15:16:44 GMT
Access-Control-Allow-Origin
*
Content-Length
53116
Date
Mon, 11 Nov 2024 15:01:44 GMT
Content-Type
application/javascript;charset=UTF-8
X-Powered-By
Express
Server
nginx
X-Frame-Options
SAMEORIGIN
/
websdk.appsflyer.com/ 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://websdk.appsflyer.com/?st=banners&
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-28.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ba6b163f965f258c24888cf11c6dfe0d044de0800284da2e78a3faf7bd12925

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

x-amz-cf-pop
FRA60-P5
content-encoding
gzip
etag
W/"7ee104753099f9f00003724eb0a4c433"
age
529
via
1.1 40b08d02195372b460c02aaae6d50d56.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
UA0Nf6z3LrDiSpNyhDAB7SUDMvrxPu9vJo0VtPy_8nazvSwJ_rF_EA==
date
Mon, 11 Nov 2024 14:52:56 GMT
content-type
application/javascript
vary
accept-encoding
server
AmazonS3
last-modified
Tue, 01 Oct 2024 07:07:49 GMT
x-amz-server-side-encryption
AES256
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
533 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-md5
tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
25842
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 11 Nov 2024 15:01:44 GMT
content-type
image/svg+xml
last-modified
Mon, 11 Nov 2024 03:07:23 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
cb2742af-101e-00b9-46eb-337084000000
cf-ray
8e0f28ca98a2902e-FRA
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
ot_company_logo.png
cdn.cookielaw.org/logos/static/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/ot_company_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-md5
E8+sk/ECzKgTUVtDLikiIA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCFF5257872802
age
39147
cf-cache-status
HIT
x-content-type-options
nosniff
date
Mon, 11 Nov 2024 15:01:44 GMT
content-type
image/png
last-modified
Thu, 07 Nov 2024 17:33:50 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
508b3388-901e-00a8-1840-31479f000000
cf-ray
8e0f28caa8b95c8c-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
4036
x-ms-blob-type
BlockBlob
server
cloudflare
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-md5
Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
30576
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 11 Nov 2024 15:01:44 GMT
content-type
image/svg+xml
last-modified
Thu, 07 Nov 2024 17:33:50 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
0e9b10b3-c01e-007c-6803-320ebf000000
cf-ray
8e0f28caa8bb5c8c-FRA
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
js
www.googletagmanager.com/gtag/ 		316 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c&gtm=45He4b70v896608294za200
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b9d17d0fbe60f4a6a6cd392945d1aaaa19efcf5fb0ae9181f76d0595f65e8445
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 11 Nov 2024 15:01:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 15:01:44 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
108159
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		404 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&l=dataLayer&cx=c&gtm=45He4b70v896608294za200
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7111d26e462934e0c78dffd8cea37a0150da548c49213c275bd48ab03ea819d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 11 Nov 2024 15:01:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 15:01:44 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
132787
x-xss-protection
0
server
Google Tag Manager
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
17b3c384ec1b5ed6df85a810d4ae90a3b58461a35b415a9d20daa2a9bedf20d3
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-encoding
br
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
x-content-type-options
nosniff
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
expires
Mon, 11 Nov 2024 15:01:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
date
Mon, 11 Nov 2024 15:01:44 GMT
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-security-policy
require-trusted-types-for 'script'
cache-control
private, max-age=0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
x-xss-protection
0
server
ESF
batch
async-px.dynamicyield.com/ 		0
383 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/batch?cnst=1&_=1731337304823_131662
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-129.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
via
1.1 f1b6636265d2ca44d8a0ca5488a5ec0c.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
tlFxbJMscs3FIFO2rrJgx8X45PG4beF-vrBEWFIVxP4-l0nXNHVDxg==
date
Mon, 11 Nov 2024 15:01:44 GMT
x-amz-cf-pop
FRA60-P10
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
destination
www.googletagmanager.com/gtag/ 		230 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-9231397&l=dataLayer&cx=c&gtm=45He4b70v896608294za200
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
31baf12ea3c0a1badca40fc2dee6d533d0cc30e6e798c3b6374e5279221f8420
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Mon, 11 Nov 2024 15:01:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 15:01:44 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
84165
x-xss-protection
0
server
Google Tag Manager
destination
www.googletagmanager.com/gtag/ 		235 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-10742279&l=dataLayer&cx=c&gtm=45He4b70v896608294za200
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
9c4820ec2216ac89831cff9b45b95706b7fe618a48b2594675e017065a056667
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Mon, 11 Nov 2024 15:01:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 15:01:44 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
85510
x-xss-protection
0
server
Google Tag Manager
core.js
s.pinimg.com/ct/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:89b::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0c28a3b893740df4c1372e6321ce52981e0f77543c6fc8384af2deab941773c2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

access-control-max-age
86400
cache-control
max-age=7200
access-control-expose-headers
X-CDN
content-encoding
br
etag
"e5ea31abd058f03a816c43871945979e"
x-cdn
akamai
access-control-allow-methods
GET
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
access-control-allow-origin
*
content-length
1879
content-type
application/javascript
vary
Accept-Encoding, Origin
x-amz-server-side-encryption
AES256
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
6dba87f2bb4627686798df345a05d779c19b18fe0ab7366e2269786bc3251798
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-NSQHhPRI' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:44 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-NSQHhPRI' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=23, mss=1232, tbw=4421, tp=9, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
xpiCXAHmhZxQlBXX0nXyebY6GdJTAZyxx6PMnpapKGod1rQeZZiycN2RmxR3oZo2riAXHJzVgfwhLmwEzRkPuw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62105
x-xss-protection
0
origin-agent-cluster
?1
pixel.js
www.redditstatic.com/ads/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
1f120dbe60c10831180babf37afc0edb7c01e9f4e7b135cfedc58b3523c887fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
public, max-age=60
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
etag
"5e9ac3a42b557bf8ca38cf2e8baba70b"
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
12126
date
Mon, 11 Nov 2024 15:01:44 GMT
last-modified
Tue, 15 Oct 2024 19:34:59 GMT
content-type
application/javascript
vary
Accept-Encoding,Origin
server
snooserv
x-amz-server-side-encryption
AES256
bat.js
bat.bing.com/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:3::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"028e0691d20db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FE0D7404484042A4B0A8E23380A5F33F Ref B: LON212050703051 Ref C: 2024-11-11T15:01:45Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14570
date
Mon, 11 Nov 2024 15:01:44 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 22:47:44 GMT
vary
Accept-Encoding
tfa.js
cdn.taboola.com/libtrc/unip/1691051/ 		82 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1691051/tfa.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72d3c7600e0d4e8aede9f364c6e7071a4c372fb59a5bdf28ceff84a090c4938d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-encoding
gzip
etag
"3af0dc3beeaa16d0e68af2cd83d44f5a"
x-amz-version-id
cKPoZjlYioT5TQpOYSysnVFqKcYvPoyn
age
74
x-cache
HIT
date
Mon, 11 Nov 2024 15:01:44 GMT
last-modified
Sun, 10 Nov 2024 11:09:17 GMT
x-served-by
cache-fra-etou8220133-FRA
x-cache-hits
1
content-type
application/javascript; charset=utf-8
x-amz-id-2
EE9OtztWiHJBLtKguOa4hhm7hZwoXTYEzfiDh6q9+bgb2wM+v/Aix0TN3iaBQOtijluRWTP2Ovw=
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
private,max-age=14401
x-timer
S1731337305.967871,VS0,VE1
via
1.1 varnish
x-amz-request-id
MDFR37NV2YZFAMH4
accept-ranges
bytes
access-control-allow-origin
*
abp
39
content-length
25659
server
AmazonS3
x-amz-server-side-encryption
AES256
collect
sgtm.elfcosmetics.com/g/ 		65 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je4b70v9125640115z8896608294za200zb896608294&gcs=G100&gcd=13m3m3m2m5l1&npa=1&dma_cps=-&dma=1&tcfd=10001&tag_exp=101823848~101925629&cid=247771635.1731337305&ecid=668276021&ul=de-de&sr=1600x1200&_fplc=0&ir=1&ur=DE-NW&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&sst.rnd=2124806892.1731337304&sst.etld=google.de&sst.gcsub=region1&sst.adr=1&sst.ude=0&_s=1&sid=1731337304&sct=1&seg=0&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4183&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c&gtm=45He4b70v896608294za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.124.49.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
no-cache
x-accel-buffering
no
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
https://www.elfcosmetics.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
text/plain
server
Google Frontend
collect
sgtm.elfcosmetics.com/g/ 		65 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je4b70v9125640115z8896608294za200zb896608294&gcs=G100&gcd=13m3m3m2m5l1&npa=1&dma_cps=-&dma=1&tcfd=10001&tag_exp=101823848~101925629&cid=247771635.1731337305&ecid=668276021&ul=de-de&sr=1600x1200&_fplc=0&ir=1&ur=DE-NW&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&sst.rnd=2124806892.1731337304&sst.etld=google.de&sst.gcsub=region1&sst.adr=1&sst.ude=0&_s=2&sid=1731337304&sct=1&seg=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&en=page_view&ep.vendor_id=facebook&ep.event_id=1731337843648_173133761808510&ep.facebook_pixel_id=1638306756445368&_et=2&tfd=4187&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c&gtm=45He4b70v896608294za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.124.49.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
no-cache
x-accel-buffering
no
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
https://www.elfcosmetics.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
text/plain
server
Google Frontend
events.js
analytics.tiktok.com/i18n/pixel/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BRR4GA0I9JJBU29G8GF0&lib=ttq
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-2.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
488ba59de5ad368ce4b213719fb98467cb066affb1f885c12cec7f5bda16944a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-encoding
gzip
x-cache-remote
TCP_MISS from a23-220-104-7.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
expires
Mon, 11 Nov 2024 15:01:45 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=92, origin; dur=8, inner; dur=4
x-cache
TCP_MISS from a23-51-23-79.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
26343b50.8cb2969e
x-tt-trace-host
01bbb14ff5615a00adc7e08e5a85701af24afbd6fdb6ae6a7670d8650e038240601609408d165997c16945d51fc07a1f143158f85406504a7735b9371fd837e9b26dbf8b4bfb6b264ea2d9120ee397b879d9e1152e6081ad48c1f79c549913ebcbf94f2f45a119660cefd7c4b370ccd4e4
x-origin-response-time
8,23.220.104.7
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2411111501451F6D8F7D1E15CD791BA1-4511E73C1BA8FC52-00
content-length
2391
x-parent-response-time
99,23.51.23.79
x-tt-logid
202411111501451F6D8F7D1E15CD791BA1
server
nginx
events.js
analytics.tiktok.com/i18n/pixel/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1EFEJPT0U322RQPGHFG&lib=ttq
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-2.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4ff0f02dd7d36d7a731923f52f01cf89d31c696618db36cfdf8085a5ad2e077a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-encoding
gzip
x-cache-remote
TCP_MISS from a23-48-100-90.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
expires
Mon, 11 Nov 2024 15:01:45 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=93, origin; dur=9, inner; dur=4
x-cache
TCP_MISS from a23-51-23-79.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
eb802bdd.8cb2969f
x-tt-trace-host
01bbb14ff5615a00adc7e08e5a85701af2b984c496d0d36572fb5eda7cbf09ff2d18f47b3bd6f880d1bd4dd98755a286c37a274ecb00d6437e1677c77918be634046dacba0d90303a4ae6eb5186f20da9adfb32a36374ac75ac6e440d0182efb8fc068a9d6bd783000b2a902a89f319e88
x-origin-response-time
9,23.48.100.90
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-241111150145E9B968417CFA72F6A58F-35F828CA353A90E3-00
content-length
2365
x-parent-response-time
101,23.51.23.79
x-tt-logid
20241111150145E9B968417CFA72F6A58F
server
nginx
experience.min.js
edge.curalate.com/sites/elfcosmetics-oqltbv/experiences/gallery-OdKxcdTK/latest/ 		0
0
widget.js
js.jebbit.com/companion/v1/ 		44 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.jebbit.com/companion/v1/widget.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b600:a:7914:b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
226049a96ceaa190e0dd45980c8fba9367127b7c2b19b635ee30bb7f4fa17e52

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

x-amz-version-id
M.fQKrXkVHcvymDK9D8bU4BvoS660wdj
etag
"9ee6264c1a592ca4976fb94c91ef8c87"
age
44092
via
1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
45384
x-amz-cf-id
UDzXc_rMMgS-U7tSAAOrHC6chwxtwQLG6y8OLzSFjiXg099SrJ9dlQ==
date
Mon, 11 Nov 2024 02:46:54 GMT
content-type
text/javascript
last-modified
Mon, 07 Oct 2024 17:19:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ZLYXLXNDL8&gtm=45je4b70v879088318z8896608294za200zb896608294&gcs=G100&gcd=13m3mPm2m5l1&npa=1&dma_cps=-&dma=1&tcfd=10001&tag_exp=101823848~101925629&cid=247771635.1731337305&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&_s=1&sid=1731337304&sct=1&seg=0&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&en=page_view&_fv=1&_ss=2&tfd=4273
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&l=dataLayer&cx=c&gtm=45He4b70v896608294za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.elfcosmetics.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
text/plain
server
Golfe2
i.js
tag.wknd.ai/4142/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.wknd.ai/4142/i.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
61cd5235c705defcd6ed8d137d31147e78278e41541d707a9c3cfa1e28763ca4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-encoding
gzip
etag
e919852626d8f5
age
1030
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 14:44:35 GMT
content-type
text/plain; charset=utf-8
vary
Accept-Encoding
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://u.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect
cache-control
public,max-age=60
timing-allow-origin
*
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
tag-router.tag-router.svc.cluster.local:80/*
via
1.1 google
access-control-allow-origin
*
content-length
5935
server
istio-envoy
x-region
us-central1
include.js
cdn8.eu.inside.chat/gtm/IN-1011171-EC/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn8.eu.inside.chat/gtm/IN-1011171-EC/include.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:911 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08e5f2fdc1f7a9d0de8db23174e037c1510a852b514811807b4e3f89307486d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"01e251ada13db1:0"
age
324
cf-cache-status
HIT
expires
Mon, 11 Nov 2024 16:01:45 GMT
cf-polished
origSize=38567
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
application/javascript
last-modified
Tue, 01 Oct 2024 08:15:40 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubdomains
cache-control
public, max-age=3600
cf-ray
8e0f28cd0b21d380-FRA
server
cloudflare
batch
async-px.dynamicyield.com/ 		0
383 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/batch?cnst=1&_=1731337304976_579435
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-129.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
via
1.1 f1b6636265d2ca44d8a0ca5488a5ec0c.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
N9Ts6qQlSTETUGr9pJgqaA2hXiE1PbNiW4u1yPuaz9NfY4ALDOORow==
date
Mon, 11 Nov 2024 15:01:45 GMT
x-amz-cf-pop
FRA60-P10
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
www-widgetapi.js
www.youtube.com/s/player/baafab19/www-widgetapi.vflset/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/baafab19/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab729c30cf1f421e9f8d2f9d8a6f5981fc906e90da32d5a46c7cbbf251fe8af3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-encoding
br
age
338
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Tue, 11 Nov 2025 14:56:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 14:56:07 GMT
last-modified
Wed, 06 Nov 2024 05:17:00 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
10157
x-xss-protection
0
server
sffe
local
www.paypal.com/credit-presentment/experiments/ Frame 6ADA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.64.12&integrationType=SDK
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CEF) /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
age
63608
cache-control
s-maxage=86400, max-age=0
content-encoding
gzip
content-length
1524
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type
text/html; charset=utf-8
correlation-id
0a163549a5512
date
Mon, 11 Nov 2024 15:01:45 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"1479-IXYgqTscQkI6AA60w6WuQegAZ7A"
last-modified
Sun, 10 Nov 2024 21:21:37 GMT
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
0a163549a5512
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server
ECAcc (frc/4CEF)
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
traceparent
00-00000000000000000000a163549a5512-f81a44184dfd7f06-01
vary
Accept-Encoding
x-cache
HIT
x-xss-protection
1; mode=block
pptm.js
www.paypal.com/tagmanager/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.elfcosmetics.com&t=xo&v=5.0.463&source=payments_sdk&client_id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&comp=buttons,messages&disableSetCookie=true&vault=true
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
21d06125019344e2222ffeaf89f03c0978d7e9ef39399804b1a746d8e782e235
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-jQYOuz/j4tYbCMBxAi0PB93W0i8/+2t8ttAOnTIk1kjpmJat' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

paypal-debug-id
f977258352f6c
content-encoding
gzip
etag
W/"368c-O2jWUbZUI+azxRT1EsoE367DH2w"
age
36645
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-0000000000000000000f977258352f6c-612142323413a12f-01
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT, MISS
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
application/x-javascript; charset=utf-8
x-served-by
cache-fra-etou8220044-FRA, cache-fra-etou8220044-FRA
x-cache-hits
1, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-jQYOuz/j4tYbCMBxAi0PB93W0i8/+2t8ttAOnTIk1kjpmJat' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
cache-control
public, max-age=3600
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1731337305.067752,VS0,VE7
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
content-length
4801
x-xss-protection
1; mode=block
1638306756445368
connect.facebook.net/signals/config/ 		79 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1638306756445368?v=2.9.176&r=stable&domain=www.elfcosmetics.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
0525626e975fb6561640f3e8a4e1a8cd0cc7fd9ac389c319cc9776bffa105b34
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-YTJ90Zif' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-YTJ90Zif' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=43, rtx=0, c=77, mss=1232, tbw=70903, tp=67, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
qfE3S51i5BwgLD9dN/rX2ke5MnsqlE1DvvMRron9vEPpjzL7WDd2WCO3uWGtM1UWGDA2nLeCMobD7u5bZT3VOA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
15724
x-xss-protection
0
origin-agent-cluster
?1
logger
www.paypal.com/xoplatform/logger/api/ 		979 B
845 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
54467f6ebdfd19a4e4046c1d250829b5da30764562ac841701850023c4bfd0a0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept
application/json
content-type
application/json

Response headers

paypal-debug-id
f9041713a14ec
content-encoding
br
etag
W/"3d3-5YDU+qMSNH1nX1ndHDbcmEg86DY"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-0000000000000000000f9041713a14ec-d56d53373c5c155a-01
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, MISS
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-fra-etou8220155-FRA, cache-fra-etou8220155-FRA
x-cache-hits
0, 0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1731337305.390572,VS0,VE173
access-control-allow-credentials
true
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
access-control-allow-origin
https://www.elfcosmetics.com
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Mon, 11 Nov 2024 15:01:45 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f90417115ac52
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f90417115ac52-2ac5988f4b4edfe2-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-fra-etou8220155-FRA, cache-fra-etou8220155-FRA
x-timer
S1731337305.176127,VS0,VE173
src=9231397;dc_pre=CLG684jG1IkDFWCxOgUdGSc3sw;type=retarget;cat=globa0;ord=7814833169379;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=undefined;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=de...
ade.googlesyndication.com/ddm/activity/
Redirect Chain
  • https://ade.googlesyndication.com/ddm/activity/src=9231397;type=retarget;cat=globa0;ord=7814833169379;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=undefined;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;u...
  • https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CLG684jG1IkDFWCxOgUdGSc3sw;type=retarget;cat=globa0;ord=7814833169379;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=undefined;uaa=;ua...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CLG684jG1IkDFWCxOgUdGSc3sw;type=retarget;cat=globa0;ord=7814833169379;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=undefined;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4b70v9181619921z8896608294za201zb896608294;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;tcfd=10001;tag_exp=101823848~101925629~102017403;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com?
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 11 Nov 2024 15:01:46 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CLG684jG1IkDFWCxOgUdGSc3sw;type=retarget;cat=globa0;ord=7814833169379;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=undefined;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4b70v9181619921z8896608294za201zb896608294;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;tcfd=10001;tag_exp=101823848~101925629~102017403;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com?
pragma
no-cache
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 11 Nov 2024 15:01:46 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
src=10742279;dc_pre=CP6JxojG1IkDFblZCAQd5lUvgw;type=elf8j0;cat=glo_flap;ord=2041919204011;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;f...
ade.googlesyndication.com/ddm/activity/
Redirect Chain
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flap;ord=2041919204011;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;p...
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CP6JxojG1IkDFblZCAQd5lUvgw;type=elf8j0;cat=glo_flap;ord=2041919204011;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;uaa=;uab=;uaf...
42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CP6JxojG1IkDFblZCAQd5lUvgw;type=elf8j0;cat=glo_flap;ord=2041919204011;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4b70v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;tcfd=10001;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com?
Protocol
H2
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 11 Nov 2024 15:01:46 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CP6JxojG1IkDFblZCAQd5lUvgw;type=elf8j0;cat=glo_flap;ord=2041919204011;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4b70v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;tcfd=10001;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com?
pragma
no-cache
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 11 Nov 2024 15:01:45 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
config
pixel-config.reddit.com/pixels/t2_16331p/ 		3 B
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel-config.reddit.com/pixels/t2_16331p/config
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
max-age=14400
content-encoding
gzip
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
27
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
application/json
t2_16331p_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 		86 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_16331p_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
max-age=300
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
98
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
application/json
vary
Accept-Encoding,Origin
server
snooserv
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1731337305105&id=t2_16331p&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=3b1ed4c480e6aeb94741492668dc8dd94afb714763b760517cdc0c9dbf763de6&uuid=0ba6c19e-a7d4-4869-a2e8-fa26ddd2f4d7&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_49267bce&dpm=&dpcc=&dprc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
retry-after
0
cross-origin-resource-policy
cross-origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
content-length
42
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
image/gif
server
Varnish
topics_api
psb.taboola.com/ 		65 B
284 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psb.taboola.com/topics_api
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1691051/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
private, max-age=2592000
retry-after
0
x-timer
S1731337305.215258,VS0,VE0
observe-browsing-topics
?1
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
65
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
text/html; charset=utf-8
x-served-by
cache-fra-etou8220140-FRA
server
Varnish
x-cache-hits
0
json
trc.taboola.com/1691051/trc/3/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1691051/trc/3/json?tim=1731337305113&data=%7B%22id%22%3A381%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1731337305105%2C%22cv%22%3A%2220241107-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.elfcosmetics.com%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Delfcosmetics-sccnx%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1731337305113%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.elfcosmetics.com%2F%22%2C%22tos%22%3A5%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22it%22%3A%22JS_PIXEL%22%2C%22supv%22%3Atrue%7D%2C%22pa%22%3A%7B%22su%22%3Atrue%7D%2C%22psb%22%3Atrue%7D&pubit=i
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5ee3a192e4b1670dc7a493f5c64e3bac1dafdafe799182bc8a638367f4948f76

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding
gzip
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220133-FRA
x-cache-hits
0
vary
Accept-Encoding
x-fastly-to-nlb-rtt
7395
x-timer
S1731337305.173896,VS0,VE16
x-vcl-time-ms
16
access-control-allow-credentials
true
via
1.1 varnish
cpu
0.13274999999999998
accept-ranges
bytes
access-control-allow-origin
*
x-service-version
v1
server
nginx
main.5aecc8b1.js
s.pinimg.com/ct/lib/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.5aecc8b1.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:89b::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
19576a00ececd1add5cecaa486d9f1f224597e55442a826c77d6ad17f8c11e07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

access-control-max-age
86400
cache-control
max-age=1209600
access-control-expose-headers
X-CDN
content-encoding
br
etag
"f1f002e8782a3d0f44fde21e97f61203"
x-cdn
akamai
access-control-allow-methods
GET
accept-ranges
bytes
access-control-allow-origin
*
content-length
23676
content-type
application/javascript
vary
Accept-Encoding, Origin
x-amz-server-side-encryption
AES256
ts
t.paypal.com/ 		42 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A7PFGPLHGYKX72-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A7PFGPLHGYKX72-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3a9b41b4-1a0b-4488-939e-bc9b13368cc5&fltp=analytics&mrid=7PFGPLHGYKX72&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1731337305165&g=-60&completeurl=https%3A%2F%2Fwww.elfcosmetics.com%2F&disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC5) /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
paypal-debug-id
9ffc3e3660c08
pragma
no-cache
correlation-id
9ffc3e3660c08
expires
Mon, 11 Nov 2024 15:01:45 GMT
server-timing
traceparent;desc="00-00000000000000000009ffc3e3660c08-b5542ed2d9f8976e-01", content-encoding;desc="", x-cdn;desc="edgecast"
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
traceparent
00-00000000000000000009ffc3e3660c08-6f35d5c927c4227c-01
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
image/gif
vary
Accept-Encoding
server
ECAcc (frc/4CC5)
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1638306756445368&ev=PageView&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&rl=&if=false&ts=1731337305173&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1731337305170.333120866256340580&ic=fbpixel&ler=empty&cdl=API_unavailable&it=1731337305061&coo=false&eid=1731337843648_173133761808510&tm=1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2909, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1638306756445368&ev=PageView&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&rl=&if=false&ts=1731337305173&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1731337305170.333120866256340580&ic=fbpixel&ler=empty&cdl=API_unavailable&it=1731337305061&coo=false&eid=1731337843648_173133761808510&tm=1&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7436037104699978638"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xa230b3a6a6e8856b","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["1521466687872304","1388537164494626"]},"debug_reporting":true,"debug_key":"4377217389104011883"}
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
f7TANypLbsO16yiekm57qZ3o0JxyyrxbYk8iu0W0LvFPm2j1498oHs/wKgvcvZBWw2TL9hyKKizaaM9XU6vy5g==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7436037104699978638", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=3227, tp=-1, tpl=-1, uplat=143, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/ 		547 KB
217 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
5abe2a12140edf2387d5be35225df3caa4f0f0a05d8f5614008c8cc90af4a156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.elfcosmetics.com
Referer
https://www.elfcosmetics.com/

Response headers

content-encoding
gzip
age
6274
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Tue, 11 Nov 2025 13:17:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 13:17:11 GMT
last-modified
Tue, 22 Oct 2024 00:01:33 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
222594
x-xss-protection
0
server
sffe
wave-3-holiday-gift-shop-2024-11-IMAGE-2_D
cdn.media.amplience.net/i/elfcosmetics/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/wave-3-holiday-gift-shop-2024-11-IMAGE-2_D?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/wave-3-holiday-gift-shop-2024-11-IMAGE-2_D?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/wave-3-holiday-gift-shop-2024-11-IMAGE-2_D?fmt=auto&w=2460%203x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1758030f8b1d8e6181269be414212eb170de414123d5701ad34d6ca9834d9c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-cache-status
HIT
age
76126
x-amp-source-width
1440
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:45 GMT
edge-control
max-age=86400
content-type
image/avif
last-modified
Sun, 10 Nov 2024 14:01:04 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
t_Pf33Adp,l4p5bDg2e,Jpp69AcNu,WepA0szpz
cache-control
s-maxage=86400, max-age=1800
x-req-id
U2nZ5vqUEO
x-amp-source-height
1040
x-amp-cf-worker
true
cf-ray
8e0f28cd7b1be52f-TXL
accept-ranges
bytes
access-control-allow-origin
*
content-length
37068
x-amp-published
Thu, 07 Nov 2024 16:55:02 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
holiday-new-arrivals-2024-11-IMAGE-2_D
cdn.media.amplience.net/i/elfcosmetics/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/holiday-new-arrivals-2024-11-IMAGE-2_D?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/holiday-new-arrivals-2024-11-IMAGE-2_D?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/holiday-new-arrivals-2024-11-IMAGE-2_D?fmt=auto&w=2460%203x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ea801af4ef0b78763ef9d2798cbdb170f0d0f0f1778772886a1bcb40aa925e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-cache-status
HIT
age
76126
x-amp-source-width
1440
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:45 GMT
edge-control
max-age=86400
content-type
image/avif
last-modified
Sun, 10 Nov 2024 17:04:23 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
d882moTK4,l4p5bDg2e,sAbjMe6N9,WepA0szpz
cache-control
s-maxage=86400, max-age=1800
x-req-id
Oxud557uGo
x-amp-source-height
1040
x-amp-cf-worker
true
cf-ray
8e0f28cd7b22e52f-TXL
accept-ranges
bytes
access-control-allow-origin
*
content-length
17485
x-amp-published
Thu, 07 Nov 2024 16:55:02 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
widget.css
js.jebbit.com/companion/v1/ 		15 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.jebbit.com/companion/v1/widget.css
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b600:a:7914:b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
69beb39687e8656561a843b13137c292498648b7f1ae665214eb292527cd436b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

x-amz-version-id
fgLtE0C.phC7FjS26Fxc9wt33wvWl9V5
etag
"c2b625a2843069c776e8a618c90b952a"
age
49592
via
1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
15522
x-amz-cf-id
GlMuBRAFAXvfZ7EF4p6eeReIvzpYQkx9jc0abKVQlCA5TCOyc-B9UA==
date
Mon, 11 Nov 2024 01:15:13 GMT
content-type
text/css
last-modified
Mon, 07 Oct 2024 17:19:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
launcher_configs
external-api.jebbit.com/moments/v2/ 		2 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://external-api.jebbit.com/moments/v2/launcher_configs?key=542695a9-9318-492b-9638-2018989f6dc4&url=aHR0cHMlM0ElMkYlMkZ3d3cuZWxmY29zbWV0aWNzLmNvbSUyRg==&completedLightboxCampaigns=W10=&jebbitCookies=
Requested by
Host: js.jebbit.com
URL: https://js.jebbit.com/companion/v1/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.29.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-29-246.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

surrogate-control
no-store
etag
W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
x-content-type-options
nosniff
expires
0
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-dns-prefetch-control
off
pragma
no-cache
access-control-allow-credentials
true
x-download-options
noopen
access-control-allow-origin
https://www.elfcosmetics.com
content-length
2
x-xss-protection
1; mode=block
5013978.js
bat.bing.com/p/action/ 		363 B
412 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5013978.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:3::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a1fec7acc9e28feaa2280cd08d30cab4cac8e9557fb8fb35ab6ffcd1e28fade8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4A09F51DB6514D82866DF928919A85B0 Ref B: LON212050703051 Ref C: 2024-11-11T15:01:45Z
x-cache
CONFIG_NOCACHE
date
Mon, 11 Nov 2024 15:01:44 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
ig.js
cdn8.eu.inside.chat/ 		167 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn8.eu.inside.chat/ig.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:911 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf055e03c860dd88d9d4017203050548dc930d6b78749b07320c9b08f3625071
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
cache-control
public, max-age=3600
content-encoding
gzip
cf-cache-status
HIT
etag
75fd15fd6fcf6083994b9a43ad8e8323
age
166
cf-ray
8e0f28cd8c81d380-FRA
expires
Mon, 11 Nov 2024 16:01:45 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
59762
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
/
ct.pinterest.com/user/ 		320 B
771 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2615235625530&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1731337305191&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.5aecc8b1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.96.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-96-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

access-control-expose-headers
Epik,Pin-Unauth
content-encoding
gzip
x-pinterest-rid-128bit
b265ad2613382e88fdc2c474d50abd70
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=600
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
1
x-cdn
akamai
access-control-allow-credentials
true
referrer-policy
origin
pin-unauth
dWlkPVpqUmpZelEyWWpBdFlqTmpNUzAwTURrNExUbGpNakl0TXpsbU1HSTROamxpWkdJeQ
pinterest-version
d16ef5f66d42064f6a10d93cad2b1b66ef81c5eb
access-control-allow-origin
https://www.elfcosmetics.com
content-length
186
akamai-grn
0.e487645f.1731337305.b954383
x-pinterest-rid
1828539344314713
/
ct.pinterest.com/user/ 		320 B
749 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22event_id%22%3A%221731337843648_173133761808510%22%2C%22np%22%3A%22gtm%22%7D&tid=2615235625530&cb=1731337305192&dep=5%2CEVENT_TAGS_ABSENT
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.5aecc8b1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.96.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-96-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

access-control-expose-headers
Epik,Pin-Unauth
content-encoding
gzip
x-pinterest-rid-128bit
8bd59a2adc8f474898a2387bed005d09
expires
Sat, 01 Jan 2000 00:00:00 GMT
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
0
x-cdn
akamai
access-control-allow-credentials
true
referrer-policy
origin
pin-unauth
dWlkPU1EaGtZVFl3WXpVdFlXVTFOeTAwTldWbExXSTJZVGN0WlRkaE56WmhOMlpoWkRNeQ
pinterest-version
d16ef5f66d42064f6a10d93cad2b1b66ef81c5eb
access-control-allow-origin
https://www.elfcosmetics.com
content-length
186
akamai-grn
0.e487645f.1731337305.b954385
x-pinterest-rid
1099841534490052
/
ct.pinterest.com/v3/ 		35 B
546 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/v3/?tid=2615235625530&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.elfcosmetics.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%225aecc8b1%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1731337305193
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.5aecc8b1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.96.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-96-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

x-pinterest-rid-128bit
95de447947ce606251535923ae32f225
expires
Sat, 01 Jan 2000 00:00:00 GMT
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
image/gif
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
1
x-cdn
akamai
access-control-allow-credentials
true
referrer-policy
origin
pinterest-version
d16ef5f66d42064f6a10d93cad2b1b66ef81c5eb
access-control-allow-origin
https://www.elfcosmetics.com
content-length
35
akamai-grn
0.e487645f.1731337305.b954386
x-pinterest-rid
5860125549920449
main.MWQ2ODQwNTg2MA.js
analytics.tiktok.com/i18n/pixel/static/ 		335 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MA.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-2.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e510525512914182f11c0b1928d19bf4623a2cbd897694b007e0e31a93b7a605

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

x-cache
TCP_MEM_HIT from a23-51-23-79.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id
00-2411071256118597F96ECC883196D7F8-3322AE763D988795-00
content-length
95012
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
202411071256118597F96ECC883196D7F8
server
nginx
x-akamai-request-id
8cb29bb7
x-tt-trace-host
01d431c0fdcfa9312272c1ae89d108d3b552d5ac4f4a233b04953e26d282f49fb2cc14bf0eee9c676b3a2eb8222c66252e0af022668261b2a2fc88d5868162c00135955ef2819225c0243e98f4ade4ebedc2a4f7855b1b4c616c4839de7a9439bf
main.MWQ2ODQwNTg2MQ.js
analytics.tiktok.com/i18n/pixel/static/ 		341 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MQ.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-2.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
40780f31a9399252b5f948ced83fc2a4e79cde535e3ebb8e001b911a71729bdd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

x-cache
TCP_HIT from a23-51-23-79.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=4
x-tt-trace-id
00-241107125610761B2E706F286B94BD03-21424CBC1E5D9339-00
content-length
96682
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
20241107125610761B2E706F286B94BD03
server
nginx
x-akamai-request-id
8cb29bb8
x-tt-trace-host
019496eff7c7d47b417f2949601d540693d6d3052e7f6dccfbbf36ca09e71acd8cd40629ccbf55f0e631a8c2a0465cd21178b156404746e463839d73da5d5b5f8cddbc1d109ce31a55124008e8c35dd3117ba855ce4cbde07e060765ef5b7a86d3
config
www8.eu.inside.chat/ 		231 B
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www8.eu.inside.chat/config?acc=IN-1011171&pid=&c1=OK&dev=1&url=https%3A%2F%2Fwww.elfcosmetics.com&sid=1&j=1
Requested by
Host: cdn8.eu.inside.chat
URL: https://cdn8.eu.inside.chat/ig.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.8.17 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ff8813cef2b81266148e34b36cac1269a47d0e1f79bb9d7ec8c4c36fb17f657
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://www.elfcosmetics.com/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-encoding
br
cf-cache-status
DYNAMIC
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8e0f28cf4cf7e504-TXL
expires
Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin
https://www.elfcosmetics.com
alt-svc
h3=":443"; ma=86400
p3p
CP="insert_p3p_privacy_policy_here"
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
application/json; charset=UTF-8
last-modified
Sat, 01 Jan 2000 00:00:00 GMT
server
cloudflare
0
bat.bing.com/action/ 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5013978&tm=gtm002&Ver=2&mid=d11e4e79-4714-423c-af66-7d18f5a30ac3&bo=1&sid=de2bf8c0a03d11ef99a8fb9d029cece2&vid=de2c05c0a03d11ef8ef87b25f3b0971e&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&p=https%3A%2F%2Fwww.elfcosmetics.com%2F&r=&lt=3787&evt=pageLoad&sv=1&cdb=AQEX&rn=106665
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:3::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A78B35B39AA64509A79658061ED1020C Ref B: LON212050703051 Ref C: 2024-11-11T15:01:45Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Mon, 11 Nov 2024 15:01:44 GMT
jsp
ut.rd.linksynergy.com/ 		148 B
405 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ut.rd.linksynergy.com/jsp?cn=rmuid&ro=0&cb=___rmuid
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.67.98.34.bc.googleusercontent.com
Software
/
Resource Hash
dd2d83db930d4156a701b5cccf16b237cfda61899513e46b0648730461bc1d4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

via
1.1 google
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148
date
Mon, 11 Nov 2024 15:01:45 GMT
x-samesite
secure
content-type
text/plain; charset=utf-8
identify_7bf75739.js
analytics.tiktok.com/i18n/pixel/static/ 		146 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-2.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

x-cache
TCP_MEM_HIT from a23-51-23-79.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
x-tt-trace-id
00-240830022649CA440527416BD36013BC-5FB018182A83CFA2-00
content-length
39451
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
20240830022649CA440527416BD36013BC
server
nginx
x-akamai-request-id
8cb2a170
x-tt-trace-host
010b31067e876c712ee621d1117d24ca7842e88c0cd8303ef08f11fec37ae720cdf36686aa7f2448ee54ad225e1dcf82b79be1a4bc399c96f9c1b3065608284660cc15ae60ec1a38ecfb4eee7e532758235444c0e2f6e91171b119badf5ba56192
performance_interaction
analytics.tiktok.com/api/v2/ 		0
874 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/performance_interaction
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-2.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmetics.com/

Response headers

x-cache-remote
TCP_MISS from a23-48-100-41.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Mon, 11 Nov 2024 15:01:45 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=96, origin; dur=19, inner; dur=14
x-cache
TCP_MISS from a23-51-23-79.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Mon, 11 Nov 2024 15:01:45 GMT
x-akamai-request-id
d9e01971.8cb2a171
access-control-allow-headers
Authorization,*
x-tt-trace-host
01bbb14ff5615a00adc7e08e5a85701af2b984c496d0d36572fb5eda7cbf09ff2d4aa3a787535c94913ff9d92e003d8f778080942bfabdfc24ab355f16c89ae40eaf7e81a9e686862a6099ec83fb498342d03866bc6c1f9e537c91e6e2af4e34f2dd5d40250af3fd49f063283c421bdbba
x-origin-response-time
19,23.48.100.41
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241111150145608549BE8667CE1590A0-66834C1F54BC6B64-00
content-length
0
x-parent-response-time
105,23.51.23.79
x-tt-logid
20241111150145608549BE8667CE1590A0
server
nginx
pixel
analytics.tiktok.com/api/v2/ 		0
873 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-2.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmetics.com/

Response headers

x-cache-remote
TCP_MISS from a23-48-100-41.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Mon, 11 Nov 2024 15:01:45 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=99, origin; dur=25, inner; dur=22
x-cache
TCP_MISS from a23-51-23-79.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Mon, 11 Nov 2024 15:01:45 GMT
x-akamai-request-id
d9e019ad.8cb2a172
access-control-allow-headers
Authorization,*
x-tt-trace-host
01bbb14ff5615a00adc7e08e5a85701af2b984c496d0d36572fb5eda7cbf09ff2d4aa3a787535c94913ff9d92e003d8f77b8e761901350e175b8d8e22ac3dca0b06fc01918326a80c55c61d43341876d8d469e91976180ccf74ec44d1a67b9198cbae86ad460bae3cdd953494624a7c8bb
x-origin-response-time
25,23.48.100.41
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-24111115014532636B196152CE6EC303-6DF27619581C262B-00
content-length
0
x-parent-response-time
112,23.51.23.79
x-tt-logid
2024111115014532636B196152CE6EC303
server
nginx
pixel
analytics.tiktok.com/api/v2/ 		0
874 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-2.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmetics.com/

Response headers

x-cache-remote
TCP_MISS from a23-55-100-6.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Mon, 11 Nov 2024 15:01:45 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=118, origin; dur=111, inner; dur=108
x-cache
TCP_MISS from a23-51-23-79.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Mon, 11 Nov 2024 15:01:45 GMT
x-akamai-request-id
a0b73d2b.8cb2a173
access-control-allow-headers
Authorization,*
x-tt-trace-host
01bbb14ff5615a00adc7e08e5a85701af228c81023ff5a33f9b457266f8883c38222d96702acfae09f9740d4915f2e3061c0f7309df87eac2af61d42a2813b4a9f1b604eccf0aeb6e47ad6c6b7d3fc5bcbd3558de7463a3e6f86ff2bb13f8d91d2cc46d831116a1607b7c087e7b5492bc2
x-origin-response-time
111,23.55.100.6
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-24111115014524F33E9E2DBE8B75265F-02A7D1F47949B7C6-00
content-length
0
x-parent-response-time
202,23.51.23.79
x-tt-logid
2024111115014524F33E9E2DBE8B75265F
server
nginx
pixel
analytics.tiktok.com/api/v2/ 		0
871 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-2.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmetics.com/

Response headers

x-cache-remote
TCP_MISS from a23-48-100-71.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Mon, 11 Nov 2024 15:01:45 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=96, origin; dur=20, inner; dur=16
x-cache
TCP_MISS from a23-51-23-79.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Mon, 11 Nov 2024 15:01:45 GMT
x-akamai-request-id
bdd5e05b.8cb2a174
access-control-allow-headers
Authorization,*
x-tt-trace-host
01bbb14ff5615a00adc7e08e5a85701af2b984c496d0d36572fb5eda7cbf09ff2d9296416b21ee6cbde6b09a1150d253c7388b9a6a8634a09acde004c803b871dbb8520463554d808c517c34007d4245d5a76c19b0beebc68cca789c2e0fff08152411eeaaf3bdeb004ab7975ee8d23d35
x-origin-response-time
20,23.48.100.71
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-24111115014540906042BD68026B335E-1D6691FF8E1AF192-00
content-length
0
x-parent-response-time
108,23.51.23.79
x-tt-logid
2024111115014540906042BD68026B335E
server
nginx
act
analytics.tiktok.com/api/v2/pixel/ 		0
873 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-2.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmetics.com/

Response headers

x-cache-remote
TCP_MISS from a23-48-100-90.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Mon, 11 Nov 2024 15:01:45 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=98, origin; dur=43, inner; dur=39
x-cache
TCP_MISS from a23-51-23-79.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Mon, 11 Nov 2024 15:01:45 GMT
x-akamai-request-id
eb803a27.8cb2a35b
access-control-allow-headers
Authorization,*
x-tt-trace-host
01bbb14ff5615a00adc7e08e5a85701af2b984c496d0d36572fb5eda7cbf09ff2d18f47b3bd6f880d1bd4dd98755a286c31b9f908b95d92cb033d561aa4305c81e2ffdfb3d02c47ad17569797c3aff2e094225eb9f2fc0a80803695ce638958c3c8501b378254228b36f816151fbfd4031
x-origin-response-time
43,23.48.100.90
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241111150145AD8852F4B0D09C79B370-1ED347A22FE295AA-00
content-length
0
x-parent-response-time
131,23.51.23.79
x-tt-logid
20241111150145AD8852F4B0D09C79B370
server
nginx
act
analytics.tiktok.com/api/v2/pixel/ 		0
872 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-2.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmetics.com/

Response headers

x-cache-remote
TCP_MISS from a23-48-100-41.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Mon, 11 Nov 2024 15:01:45 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=93, origin; dur=33, inner; dur=29
x-cache
TCP_MISS from a23-51-23-79.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Mon, 11 Nov 2024 15:01:45 GMT
x-akamai-request-id
d9e01835.8cb2a35c
access-control-allow-headers
Authorization,*
x-tt-trace-host
01bbb14ff5615a00adc7e08e5a85701af2b984c496d0d36572fb5eda7cbf09ff2d4aa3a787535c94913ff9d92e003d8f778080942bfabdfc24ab355f16c89ae40ee4a0676967fde120acad7a6c847a5402ed7656f830e2518dea8c830a452b8476da25cf1634e7769603aff52ff3e610f3
x-origin-response-time
33,23.48.100.41
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241111150145608549BE8667CE1590A6-79C9A66C16E97D00-00
content-length
0
x-parent-response-time
120,23.51.23.79
x-tt-logid
20241111150145608549BE8667CE1590A6
server
nginx
act
analytics.tiktok.com/api/v2/pixel/ 		0
873 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-2.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmetics.com/

Response headers

x-cache-remote
TCP_MISS from a23-48-100-90.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Mon, 11 Nov 2024 15:01:45 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=109, origin; dur=60, inner; dur=54
x-cache
TCP_MISS from a23-51-23-79.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Mon, 11 Nov 2024 15:01:45 GMT
x-akamai-request-id
eb80448a.8cb2a35d
access-control-allow-headers
Authorization,*
x-tt-trace-host
01bbb14ff5615a00adc7e08e5a85701af2b984c496d0d36572fb5eda7cbf09ff2d18f47b3bd6f880d1bd4dd98755a286c3d7301a6ed34249517ba10e7db31a96833e2a0c29aec8e5ba7d1d3af707dab1c156c8029a08b9a34b4e8309a78de0363ab9dba6d41b4dc9c80caea74f287c419e
x-origin-response-time
61,23.48.100.90
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-2411111501457737F0E3C7879D76D2A5-62741DE368BBACEA-00
content-length
0
x-parent-response-time
160,23.51.23.79
x-tt-logid
202411111501457737F0E3C7879D76D2A5
server
nginx
act
analytics.tiktok.com/api/v2/pixel/ 		0
872 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-2.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmetics.com/

Response headers

x-cache-remote
TCP_MISS from a23-55-100-6.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Mon, 11 Nov 2024 15:01:45 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=97, origin; dur=33, inner; dur=30
x-cache
TCP_MISS from a23-51-23-79.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Mon, 11 Nov 2024 15:01:45 GMT
x-akamai-request-id
a0b74701.8cb2a35e
access-control-allow-headers
Authorization,*
x-tt-trace-host
01bbb14ff5615a00adc7e08e5a85701af228c81023ff5a33f9b457266f8883c38222d96702acfae09f9740d4915f2e306164c3a385a724983d1d08983474a00a067ae148f8d457816a4201317c1b33c9653e3b2df3296d5453827b2c2ad907840e89db5f0db4b1943f76883a03d4ba03f9
x-origin-response-time
33,23.55.100.6
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-2411111501453A7D65CE4252126FAB6F-01F0B5B42F280D70-00
content-length
0
x-parent-response-time
120,23.51.23.79
x-tt-logid
202411111501453A7D65CE4252126FAB6F
server
nginx
act
analytics.tiktok.com/api/v2/pixel/ 		0
872 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-2.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmetics.com/

Response headers

x-cache-remote
TCP_MISS from a23-55-100-6.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Mon, 11 Nov 2024 15:01:45 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=97, origin; dur=33, inner; dur=31
x-cache
TCP_MISS from a23-51-23-79.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Mon, 11 Nov 2024 15:01:45 GMT
x-akamai-request-id
a0b74559.8cb2a35f
access-control-allow-headers
Authorization,*
x-tt-trace-host
01bbb14ff5615a00adc7e08e5a85701af228c81023ff5a33f9b457266f8883c38222d96702acfae09f9740d4915f2e30617bbf18bb1427c472609bfd197c68ab04207efdc40254da3a1031763c59785e55f03fbe5db52bb49feade9d1820bdd3d3e179a0d71ca392615ce5a63d077ed28c
x-origin-response-time
33,23.55.100.6
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241111150145862436E4F376A1766D35-2A0AEFF37E202B7A-00
content-length
0
x-parent-response-time
119,23.51.23.79
x-tt-logid
20241111150145862436E4F376A1766D35
server
nginx
collect
sgtm.elfcosmetics.com/g/ 		65 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je4b70v9125640115z8896608294za200zb896608294&gcs=G100&gcd=13m3m3m2m5l1&npa=1&dma_cps=-&dma=1&tcfd=10001&tag_exp=101823848~101925629&cid=247771635.1731337305&ecid=668276021&ul=de-de&sr=1600x1200&_fplc=0&ir=1&ur=DE-NW&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&sst.rnd=2124806892.1731337304&sst.etld=google.de&sst.gcsub=region1&sst.adr=1&sst.ude=0&sid=1731337304&sct=1&seg=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&_s=3&tfd=4738&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c&gtm=45He4b70v896608294za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.124.49.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
no-cache
x-accel-buffering
no
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
https://www.elfcosmetics.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 15:01:46 GMT
content-type
text/plain
server
Google Frontend
anchor
www.google.com/recaptcha/api2/ Frame 14C3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcA2G4UAAAAAK-fHuRDYBsNQoJlqlDqQvrjGwQu&co=aHR0cHM6Ly93d3cuZWxmY29zbWV0aWNzLmNvbTo0NDM.&hl=de&type=image&v=-ZG7BC9TxCVEbzIO2m429usb&theme=light&size=invisible&badge=bottomright&cb=cwpy6xp6ci4f
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/mobify/bundle/12647/vendor.js?yocs=Z_14_1K_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f196.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-J24Z1CfY6Kcu7xpPJKnt4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-J24Z1CfY6Kcu7xpPJKnt4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Nov 2024 15:01:45 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
token
www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/token
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/mobify/bundle/12647/vendor.js?yocs=Z_14_1K_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
4d8a4af48b936e1cc8243afdf8ecfbc76383b229ba9c9cb06d31be07e65bca8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Authorization
Referer
https://www.elfcosmetics.com/
c_x-pwa-request
true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
x-correlation-id
8e0f28d00ecc5eec
age
0
x-ratelimit-1m-limit
24000, 2000000
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
QRFasYbynx-r6cZHjUqfJBLgQf1ggtZRrqfMi4gOWiFUIU02tRuRIA==
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
application/json
vary
Accept-Encoding
x-yottaa-optimizations
ob/1000 si/25D1cc028561-1730834774-9715897066 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
strict-transport-security
max-age=31536000; includeSubDomains
x-yottaa-os
200
cache-control
no-store
pragma
no-cache
access-control-allow-credentials
true
via
1.1 6778e3146eb385e3772c8de867b2c290.cloudfront.net (CloudFront)
cf-ray
8e0f28d00ecc5eec-PDX
x-yottaa-metrics
2521cc0285f6/[170,169,-] 25D1cc028561/[-,171.110]
access-control-allow-origin
*
x-ratelimit-1m-remaining
22947, 1930639
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/token
x-amz-cf-pop
SFO53-P7
x-ratelimit-1m-reset
14338, 14337
cnxtag-min.js
js.cnnx.link/roi/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cnnx.link/roi/cnxtag-min.js?id=316282
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:200:11:85b0:d600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d5267085b5489f178aae1444e1367dbca2debc7c061d5ddd803a16711a19c93b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
max-age=600
content-encoding
gzip
age
557
via
1.1 google, 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
LAKB0B4FxwxfsFwrd1vmGNeeaR3xR0xSLJzI4jGKk8aUpN-gnjlsdQ==
date
Mon, 11 Nov 2024 14:52:28 GMT
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding
x-amz-cf-pop
FRA2-C2
/
ct.pinterest.com/v3/ 		35 B
790 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22event_id%22%3A%221731337843648_173133761808510%22%2C%22np%22%3A%22gtm%22%7D&tid=2615235625530&cb=1731337305568&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPVpqUmpZelEyWWpBdFlqTmpNUzAwTURrNExUbGpNakl0TXpsbU1HSTROamxpWkdJeQ%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.elfcosmetics.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%225aecc8b1%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.5aecc8b1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.96.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-96-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

x-pinterest-rid-128bit
0341b4123814fc7e12b8660e5d605511
expires
Sat, 01 Jan 2000 00:00:00 GMT
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
image/gif
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
1
x-cdn
akamai
access-control-allow-credentials
true
referrer-policy
origin
pinterest-version
d16ef5f66d42064f6a10d93cad2b1b66ef81c5eb
access-control-allow-origin
https://www.elfcosmetics.com
content-length
35
akamai-grn
0.e487645f.1731337305.b9543d5
x-pinterest-rid
1348940300279633
muse.js
www.paypalobjects.com/muse/ 		55 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CA9) /
Resource Hash
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

paypal-debug-id
492efdb6ae33c
content-encoding
br
etag
"64f25363-daa8"
x-content-type-options
nosniff
expires
Mon, 11 Nov 2024 16:01:45 GMT
traceparent
00-0000000000000000000492efdb6ae33c-fe745ca8fdc745cb-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
application/javascript
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
content-length
15742
server
ECAcc (frc/4CA9)
runtime_c81e76ee00d795b1eebf8d27949f8dc5.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		908 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_c81e76ee00d795b1eebf8d27949f8dc5.br.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
546e554a3c51ce180d022de9ff5506f14603b38d40ece9f2be43c88328358a52

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
content-encoding
br
x-goog-hash
crc32c=zwy9lg==, md5=HCxXU9+1dkCoulTxEZNLMA==
etag
"1c2c5753dfb57640a8ba54f111934b30"
age
24971
ad-auction-allowed
true
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
509
date
Mon, 11 Nov 2024 08:05:34 GMT
last-modified
Wed, 06 Nov 2024 15:25:57 GMT
content-type
text/javascript
x-guploader-uploadid
AHmUCY1y8ff7IrCfpi7MLkY27UkjIg9E8-xYdSWQ62Mc5-cIv2XKCn-qp_jXpgPQEpsIz8qQFtlK7tziiA
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1730906757613531
content-length
509
server
UploadServer
cf
www8.eu.inside.chat/page/ 		168 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www8.eu.inside.chat/page/cf?_=1731337305567.3206
Requested by
Host: cdn8.eu.inside.chat
URL: https://cdn8.eu.inside.chat/ig.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.8.17 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96f710d5e2d5eeedf23b684873c8eb8929df1292cbd0627a1a937d2226c20522
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://www.elfcosmetics.com/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-encoding
br
cf-cache-status
DYNAMIC
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8e0f28d069cfe504-TXL
expires
Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin
https://www.elfcosmetics.com
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
application/json
last-modified
Sat, 01 Jan 2000 00:00:00 GMT
vary
Accept-Encoding
server
cloudflare
index.html
www.paypalobjects.com/muse/analytics/ Frame B306 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBF) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
br
content-length
16057
content-type
text/html
date
Mon, 11 Nov 2024 15:01:45 GMT
dc
ccg11-origin-www-1.paypal.com
etag
"671aa070-db19"
expires
Mon, 11 Nov 2024 16:01:45 GMT
last-modified
Thu, 24 Oct 2024 19:30:56 GMT
paypal-debug-id
338c88f722f02
server
ECAcc (frc/4CBF)
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-0000000000000000000338c88f722f02-510a473e6ba91a0b-01
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
act
analytics.tiktok.com/api/v2/pixel/ 		0
876 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-2.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmetics.com/

Response headers

x-cache-remote
TCP_MISS from a23-220-104-19.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Mon, 11 Nov 2024 15:01:45 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=153, origin; dur=42, inner; dur=40
x-cache
TCP_MISS from a23-51-23-79.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Mon, 11 Nov 2024 15:01:45 GMT
x-akamai-request-id
42d8ccfd.8cb2aa40
access-control-allow-headers
Authorization,*
x-tt-trace-host
01bbb14ff5615a00adc7e08e5a85701af24afbd6fdb6ae6a7670d8650e0382406013eb33b4b3c324cf289a747949dd7dab1972888b329fcd437d6175a0a95d4ec77ed66046f88acfcb2cc4a7e944307efabb4cac4b4a953461c3a9b263f7569772d2b76f227b4ca2b1a911196b96b684f2
x-origin-response-time
43,23.220.104.19
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-2411111501453A0B99D1F38B6976F75F-432A1CE811E12A2B-00
content-length
0
x-parent-response-time
179,23.51.23.79
x-tt-logid
202411111501453A0B99D1F38B6976F75F
server
nginx
frontend-framework.js.bundle
cdn8.eu.inside.chat//js/ 		205 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn8.eu.inside.chat//js/frontend-framework.js.bundle?v=a741df0-5
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.17 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ada904b348f3aec8423f2b8a1335f55aa68d2d8d636da40fb02a2ac7cd4b193
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
cache-control
public, max-age=691200
content-encoding
br
cf-bgj
minify
etag
W/"b3dc4c62828cfc4d4eb3792ee171d025"
age
2626
cf-cache-status
HIT
cf-ray
8e0f28d10c99453a-TXL
expires
Tue, 19 Nov 2024 15:01:45 GMT
cf-polished
origSize=317309
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
text/javascript
vary
Accept-Encoding
server
cloudflare
ts
t.paypal.com/ 		42 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A7PFGPLHGYKX72-1&page=muse%3Aoffer%3A%3A%3A7PFGPLHGYKX72-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3a9b41b4-1a0b-4488-939e-bc9b13368cc5&es=visitorInfoFlowStarted&mrid=7PFGPLHGYKX72&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1731337305756&g=-60&completeurl=https%3A%2F%2Fwww.elfcosmetics.com%2F&disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D05) /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
paypal-debug-id
76c4927fc14ce
pragma
no-cache
correlation-id
76c4927fc14ce
expires
Mon, 11 Nov 2024 15:01:45 GMT
server-timing
traceparent;desc="00-000000000000000000076c4927fc14ce-f6afe2959be31171-01", content-encoding;desc="", x-cdn;desc="edgecast"
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
traceparent
00-000000000000000000076c4927fc14ce-2983f18d76cb3ef0-01
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
image/gif
vary
Accept-Encoding
server
ECAcc (frc/4D05)
main-v2_e09343dd04d7b7bcfa02231dd6dc80d7.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		523 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_e09343dd04d7b7bcfa02231dd6dc80d7.br.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ce96a5e072a92643e09a6f22a824855c7abde5c2b8490f8aeee98e66c6bfcf79

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
content-encoding
br
x-goog-hash
crc32c=b9nRjg==, md5=kL1DlL7DU3P+cwl6feoupQ==
etag
"90bd4394bec35373fe73097a7dea2ea5"
age
24723
ad-auction-allowed
true
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
115885
date
Mon, 11 Nov 2024 08:09:42 GMT
last-modified
Wed, 06 Nov 2024 15:25:44 GMT
content-type
text/javascript
x-guploader-uploadid
AHmUCY1yfVJbh3GapuAh97GV8HRJvbj_v9BKvLNZs8CXr09s39tF2Kdjuxzm6mTpWcpex7J81xtaSwnUAQ
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1730906744160264
content-length
115885
server
UploadServer
cjs_min_6ef1802500d8367a80105e664862d0d7.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_6ef1802500d8367a80105e664862d0d7.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
56aea4e78cf1538541603e3c8f14b15dfc9bfee27cadb946f8b3017ebe8abe3b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
content-encoding
gzip
x-goog-hash
crc32c=6P9MLA==, md5=6BERCLAZEJG3E4hTDg5sSQ==
etag
"e8111108b0191091b71388530e0e6c49"
age
263574
ad-auction-allowed
true
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
15758
date
Fri, 08 Nov 2024 13:48:51 GMT
last-modified
Wed, 06 Nov 2024 14:57:41 GMT
content-type
text/javascript; charset=utf-8
x-guploader-uploadid
AHmUCY0kC4dEcZr8-mK8wGMMVQmT4PNfMjBJC_NBwWeROlArdFd3p7KrzcfagkNufviE6dR1OyvOOC3i6A
cache-control
public,max-age=31536000,no-transform
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1730905061873049
content-length
15758
server
UploadServer
sessions
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/sessions
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/mobify/bundle/12647/vendor.js?yocs=Z_14_1K_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJiMDdlNmQ4Ny1jN2U5LTQ4ZGItOWJjZS1hNTMwMDhjNzM3MTgiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjIyNGNlMzI1LWNjYjctNDJhYi1iNWQ2LTY1MTI5ZmRiMTAyNSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MzEzMzcyNzUsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFia0hnWXcwc1hrSHNSdzBsR2xXWVlrS2RHOjpjaGlkOmVsZi11cyIsImV4cCI6MTczMTMzOTEwNSwiaWF0IjoxNzMxMzM3MzA1LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMxMDAxMjA4MjQyOTUzNzY2OCJ9.8QZNgsOB8cxTkg13qTGmNPj2CXP9xUT6XNS4cdcEJMb4QoaJ_uQFCyY7ojwtQGeeY0RFb9kwHnrmiVh12frMdA
Referer
https://www.elfcosmetics.com/

Response headers

access-control-expose-headers
etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
x-dw-request-base-id
fshJR1kcMmcBAAB_
x-dw-version-status
obsolete
age
0
cf-cache-status
DYNAMIC
expires
Thu, 01 Dec 1994 16:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
xSlJ-tb5fDpZvn89KFuCH9cKyCFzI54mHPgqXhjfOV2HpcxHUkqReQ==
date
Mon, 11 Nov 2024 15:01:46 GMT
x-yottaa-optimizations
ob/0 si/25D1cc028561-1730834774-9715897080 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-yottaa-os
204
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
allow
OPTIONS,POST
cf-ray
8e0f28d28afa5ef2-PDX
x-yottaa-metrics
2521cc028a84/[228,228,-] 25D1cc028561/[-,230.006]
via
1.1 9a448e42428e8683fe0fc64dff7a7112.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-proxy-request-url
https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/sessions
x-amz-cf-pop
SFO53-P7
shoppercontext
www.elfcosmetics.com/api/v1/ 		134 B
911 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/api/v1/shoppercontext?siteId=elf-us
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/mobify/bundle/12647/main.js?yocs=Z_14_1K_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
b50038ad6b0d87bfbfaa940f269aff36d438741d119d8aaf57fbf97712a5caa3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJiMDdlNmQ4Ny1jN2U5LTQ4ZGItOWJjZS1hNTMwMDhjNzM3MTgiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjIyNGNlMzI1LWNjYjctNDJhYi1iNWQ2LTY1MTI5ZmRiMTAyNSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MzEzMzcyNzUsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFia0hnWXcwc1hrSHNSdzBsR2xXWVlrS2RHOjpjaGlkOmVsZi11cyIsImV4cCI6MTczMTMzOTEwNSwiaWF0IjoxNzMxMzM3MzA1LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMxMDAxMjA4MjQyOTUzNzY2OCJ9.8QZNgsOB8cxTkg13qTGmNPj2CXP9xUT6XNS4cdcEJMb4QoaJ_uQFCyY7ojwtQGeeY0RFb9kwHnrmiVh12frMdA
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

x-amzn-remapped-content-length
134
content-encoding
gzip
x-amzn-remapped-connection
close
etag
W/"86-+zmIPv8Gmh5rUok6wVFQOBt53BE"
age
0
x-amzn-requestid
24999beb-2491-438d-b8f1-191787113a4d
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
mowG8qlQD4l_qNJoMJPB6KrIKkASSt3JPzJ90CHFC-AytE7t3O_qXQ==
date
Mon, 11 Nov 2024 15:01:46 GMT
content-type
application/json; charset=utf-8
x-yottaa-optimizations
ob/1000 si/25D1cc028561-1730834774-9715897081 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
strict-transport-security
max-age=15552000; includeSubDomains
x-yottaa-os
200
x-amz-apigw-id
BFleKFxPiYcEePQ=
x-amzn-remapped-date
Mon, 11 Nov 2024 15:01:46 GMT
x-amzn-trace-id
Root=1-67321c5a-162681ad5eabfa3b77c7dfc5;Parent=6b33779ff739ef75;Sampled=0;Lineage=1:2b75b0e9:0
via
1.1 d52f5364539f50d2591f4996970cf25e.cloudfront.net (CloudFront)
x-yottaa-metrics
2521cc028a85/[528,527,-] 25D1cc028561/[-,529.280]
access-control-allow-origin
*
content-length
119
x-amz-cf-pop
SFO53-P7
sync
sdk.iad-05.braze.com/api/v3/content_cards/ 		85 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/mobify/bundle/12647/vendor.js?yocs=Z_14_1K_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95ddc8d0849cd63f016bf6e739fef30f0fcbefa98f2232c2b455eba966bf1b79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.elfcosmetics.com/
BRAZE-SYNC-RETRY-COUNT
0
X-Braze-DataRequest
true
X-Braze-Last-Req-Ms-Ago
1496
X-Braze-ContentCardsRequest
true
X-Braze-Req-Attempt
1
X-Braze-Req-Tokens-Remaining
27
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/json
X-Braze-Api-Key
609afcb2-1dc3-41ef-a771-0a9aaf10bf57

Response headers

access-control-max-age
7200
x-request-id
8a2adf2a-fb7a-496a-8177-b31a01b03e36
access-control-expose-headers
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"95ddc8d0849cd63f016bf6e739fef30f"
access-control-allow-methods
POST, GET
date
Mon, 11 Nov 2024 15:01:46 GMT
content-type
application/json
vary
Origin,Accept-Encoding
x-runtime
0.045481
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1731337308
cf-ray
8e0f28d1ce2258e4-TXL
x-ratelimit-remaining
492.0
access-control-allow-origin
*
x-ratelimit-limit
500.0
server
cloudflare
shoppercontext
www.elfcosmetics.com/api/v1/ 		134 B
910 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/api/v1/shoppercontext?siteId=elf-us
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/mobify/bundle/12647/main.js?yocs=Z_14_1K_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
b50038ad6b0d87bfbfaa940f269aff36d438741d119d8aaf57fbf97712a5caa3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJiMDdlNmQ4Ny1jN2U5LTQ4ZGItOWJjZS1hNTMwMDhjNzM3MTgiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjIyNGNlMzI1LWNjYjctNDJhYi1iNWQ2LTY1MTI5ZmRiMTAyNSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MzEzMzcyNzUsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFia0hnWXcwc1hrSHNSdzBsR2xXWVlrS2RHOjpjaGlkOmVsZi11cyIsImV4cCI6MTczMTMzOTEwNSwiaWF0IjoxNzMxMzM3MzA1LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMxMDAxMjA4MjQyOTUzNzY2OCJ9.8QZNgsOB8cxTkg13qTGmNPj2CXP9xUT6XNS4cdcEJMb4QoaJ_uQFCyY7ojwtQGeeY0RFb9kwHnrmiVh12frMdA
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

x-amzn-remapped-content-length
134
content-encoding
gzip
x-amzn-remapped-connection
close
etag
W/"86-+zmIPv8Gmh5rUok6wVFQOBt53BE"
age
0
x-amzn-requestid
648ede05-f449-41ea-9102-545aedbc5cea
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
w5RUqqvb8UgIu8XInK5CJMvzYfhmrnLPke-EKA9hfIM80b0qfJUrBA==
date
Mon, 11 Nov 2024 15:01:46 GMT
content-type
application/json; charset=utf-8
x-yottaa-optimizations
ob/1000 si/25D1cc028561-1730834774-9715897082 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
strict-transport-security
max-age=15552000; includeSubDomains
x-yottaa-os
200
x-amz-apigw-id
BFleKFwyCYcEaCg=
x-amzn-remapped-date
Mon, 11 Nov 2024 15:01:46 GMT
x-amzn-trace-id
Root=1-67321c5a-36979fd257f261032480a201;Parent=1651ccb3d149d707;Sampled=0;Lineage=1:2b75b0e9:0
via
1.1 42e027e0a25dba57ed6be490a4389144.cloudfront.net (CloudFront)
x-yottaa-metrics
2521cc028a86/[590,588,-] 25D1cc028561/[-,591.106]
access-control-allow-origin
*
content-length
119
x-amz-cf-pop
SFO53-P7
sync
sdk.iad-05.braze.com/api/v3/content_cards/ 		85 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/mobify/bundle/12647/vendor.js?yocs=Z_14_1K_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95ddc8d0849cd63f016bf6e739fef30f0fcbefa98f2232c2b455eba966bf1b79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.elfcosmetics.com/
BRAZE-SYNC-RETRY-COUNT
0
X-Braze-DataRequest
true
X-Braze-Last-Req-Ms-Ago
1
X-Braze-ContentCardsRequest
true
X-Braze-Req-Attempt
1
X-Braze-Req-Tokens-Remaining
26
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/json
X-Braze-Api-Key
609afcb2-1dc3-41ef-a771-0a9aaf10bf57

Response headers

access-control-max-age
7200
x-request-id
fa4677da-1d0f-41bf-86b3-85da93496ee2
access-control-expose-headers
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"95ddc8d0849cd63f016bf6e739fef30f"
access-control-allow-methods
POST, GET
date
Mon, 11 Nov 2024 15:01:46 GMT
content-type
application/json
vary
Origin,Accept-Encoding
x-runtime
0.060705
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1731337308
cf-ray
8e0f28d1ce2358e4-TXL
x-ratelimit-remaining
491.0
access-control-allow-origin
*
x-ratelimit-limit
500.0
server
cloudflare
geo-ip
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/ 		179 B
913 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=80.255.7.109
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/mobify/bundle/12647/vendor.js?yocs=Z_14_1K_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
Referer
https://www.elfcosmetics.com/
c_x-pwa-request
true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json

Response headers

content-encoding
gzip
x-dw-request-base-id
lUqxeVocMmcBAAB_
x-dw-version-status
obsolete
age
0
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
Fte-P1DTPE9EA9aguKSfkCbPkPOibt4IZobm5y9iI5H274M5djrxuA==
date
Mon, 11 Nov 2024 15:01:46 GMT
content-type
application/json;charset=UTF-8
x-yottaa-optimizations
ob/1000 si/25D1cc028561-1730834774-9715897083 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
sfdc_customization
HOOK
x-yottaa-os
200
cache-control
max-age=0,no-cache,no-store,must-revalidate
allow
GET,HEAD,OPTIONS
cf-ray
8e0f28d3db6d5ed3-PDX
x-yottaa-metrics
2521cc028a8f/[260,258,-] 25D1cc028561/[-,261.648]
via
1.1 496003b8c4e3056a62dc655a8393be56.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-proxy-request-url
https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=80.255.7.109
x-amz-cf-pop
SFO53-P7
geo-ip
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/ 		179 B
915 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=80.255.7.109
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/mobify/bundle/12647/vendor.js?yocs=Z_14_1K_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
Referer
https://www.elfcosmetics.com/
c_x-pwa-request
true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json

Response headers

content-encoding
gzip
x-dw-request-base-id
lUrUeVocMmcBAAB_
x-dw-version-status
obsolete
age
0
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
DwYZY7cOL6cvILivEQxhQ_YdJlhYfYvKD57Jk3Mr3xtwA9gTpdZhaA==
date
Mon, 11 Nov 2024 15:01:46 GMT
content-type
application/json;charset=UTF-8
x-yottaa-optimizations
ob/1000 si/25D1cc028561-1730834774-9715897096 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
sfdc_customization
HOOK
x-yottaa-os
200
cache-control
max-age=0,no-cache,no-store,must-revalidate
allow
GET,HEAD,OPTIONS
cf-ray
8e0f28d69c6727a8-SEA
x-yottaa-metrics
2521cc0285f7/[242,240,-] 25D1cc028561/[-,243.375]
via
1.1 1401c4844b3ea759244fef5091fc307a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-proxy-request-url
https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=80.255.7.109
x-amz-cf-pop
SFO53-P7
destination
www.googletagmanager.com/gtag/ 		230 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-10265292&l=dataLayer&cx=c&gtm=45He4b70v896608294za200
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
fc55425b0c93f793ce803a10a20cb49b844a82f847c0c3d09dccd0c5c8333a00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Mon, 11 Nov 2024 15:01:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 15:01:45 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
83887
x-xss-protection
0
server
Google Tag Manager
event
www.elfcosmetics.com/api/en-us/v2.0/ 		105 B
633 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/api/en-us/v2.0/event?locale=en-US
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/mobify/bundle/12647/main.js?yocs=Z_14_1K_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/ Express
Resource Hash
daae00cdc537a324a902275e68556509bb363e0e4937073a98bf996bc99322cd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.elfcosmetics.com/

Response headers

content-encoding
gzip
x-amzn-remapped-connection
keep-alive
etag
W/"69-tWutbP+WvB+RlEf7ltItW96S9Qs"
age
0
x-content-type-options
nosniff
x-amzn-requestid
df92d394-a5de-42ad-884c-7997fb8709e3
date
Mon, 11 Nov 2024 15:01:46 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-yottaa-optimizations
ob/1000 si/25D1cc028561-1730834774-9715897086 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-yottaa-os
200
x-amz-apigw-id
BFleKHAfPHcELrA=
x-amzn-remapped-date
Mon, 11 Nov 2024 15:01:46 GMT
x-yottaa-metrics
2521cc028523/[164,162,-] 25D1cc028561/[-,164.500]
access-control-allow-origin
*
content-length
110
x-powered-by
Express
event
www.elfcosmetics.com/api/en-us/v2.0/ 		105 B
633 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/api/en-us/v2.0/event?locale=en-US
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/mobify/bundle/12647/main.js?yocs=Z_14_1K_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/ Express
Resource Hash
daae00cdc537a324a902275e68556509bb363e0e4937073a98bf996bc99322cd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.elfcosmetics.com/

Response headers

content-encoding
gzip
x-amzn-remapped-connection
keep-alive
etag
W/"69-tWutbP+WvB+RlEf7ltItW96S9Qs"
age
0
x-content-type-options
nosniff
x-amzn-requestid
04a7d2a4-cc80-4b35-a19e-decbd58bca7a
date
Mon, 11 Nov 2024 15:01:46 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-yottaa-optimizations
ob/1000 si/25D1cc028561-1730834774-9715897087 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-yottaa-os
200
x-amz-apigw-id
BFleKH95vHcEh9A=
x-amzn-remapped-date
Mon, 11 Nov 2024 15:01:46 GMT
x-yottaa-metrics
2521cc028a87/[157,156,-] 25D1cc028561/[-,158.101]
access-control-allow-origin
*
content-length
110
x-powered-by
Express
event
www.elfcosmetics.com/api/en-us/v2.0/ 		105 B
634 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/api/en-us/v2.0/event?locale=en-US
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/mobify/bundle/12647/main.js?yocs=Z_14_1K_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/ Express
Resource Hash
daae00cdc537a324a902275e68556509bb363e0e4937073a98bf996bc99322cd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.elfcosmetics.com/

Response headers

content-encoding
gzip
x-amzn-remapped-connection
keep-alive
etag
W/"69-tWutbP+WvB+RlEf7ltItW96S9Qs"
age
0
x-content-type-options
nosniff
x-amzn-requestid
4cd3fe0b-e27b-4657-b28c-5735b131dfef
date
Mon, 11 Nov 2024 15:01:46 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-yottaa-optimizations
ob/1000 si/25D1cc028561-1730834774-9715897088 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-yottaa-os
200
x-amz-apigw-id
BFleKGCgvHcEZlQ=
x-amzn-remapped-date
Mon, 11 Nov 2024 15:01:46 GMT
x-yottaa-metrics
2521cc028a8b/[170,169,-] 25D1cc028561/[-,171.595]
access-control-allow-origin
*
content-length
110
x-powered-by
Express
event
www.elfcosmetics.com/api/en-us/v2.0/ 		105 B
633 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/api/en-us/v2.0/event?locale=en-US
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/mobify/bundle/12647/main.js?yocs=Z_14_1K_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/ Express
Resource Hash
daae00cdc537a324a902275e68556509bb363e0e4937073a98bf996bc99322cd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.elfcosmetics.com/

Response headers

content-encoding
gzip
x-amzn-remapped-connection
keep-alive
etag
W/"69-tWutbP+WvB+RlEf7ltItW96S9Qs"
age
0
x-content-type-options
nosniff
x-amzn-requestid
c48e3b87-25b5-4cb4-80c3-9b9fa67bfc8a
date
Mon, 11 Nov 2024 15:01:46 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-yottaa-optimizations
ob/1000 si/25D1cc028561-1730834774-9715897089 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-yottaa-os
200
x-amz-apigw-id
BFleKGKhPHcEHng=
x-amzn-remapped-date
Mon, 11 Nov 2024 15:01:46 GMT
x-yottaa-metrics
2521cc028a89/[165,163,-] 25D1cc028561/[-,165.780]
access-control-allow-origin
*
content-length
110
x-powered-by
Express
src=10742279;dc_pre=CN33_YjG1IkDFd-vOgUdtmoFTw;type=elf8j0;cat=glo_flhp;ord=5644486140594;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;f...
ade.googlesyndication.com/ddm/activity/
Redirect Chain
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flhp;ord=5644486140594;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;p...
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CN33_YjG1IkDFd-vOgUdtmoFTw;type=elf8j0;cat=glo_flhp;ord=5644486140594;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;uaa=;uab=;uaf...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CN33_YjG1IkDFd-vOgUdtmoFTw;type=elf8j0;cat=glo_flhp;ord=5644486140594;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4b70v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;tcfd=10001;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com?
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 11 Nov 2024 15:01:46 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CN33_YjG1IkDFd-vOgUdtmoFTw;type=elf8j0;cat=glo_flhp;ord=5644486140594;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4b70v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;tcfd=10001;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com?
pragma
no-cache
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 11 Nov 2024 15:01:46 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
baskets
www.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abkHgYw0sXkHsRw0lGlWYYkKdG/ 		11 B
986 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abkHgYw0sXkHsRw0lGlWYYkKdG/baskets?siteId=elf-us
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/mobify/bundle/12647/vendor.js?yocs=Z_14_1K_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
31f48ed33afe7e437efa2c30cbf97fbd62c2de5c0732504077377846fe64973f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJiMDdlNmQ4Ny1jN2U5LTQ4ZGItOWJjZS1hNTMwMDhjNzM3MTgiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjIyNGNlMzI1LWNjYjctNDJhYi1iNWQ2LTY1MTI5ZmRiMTAyNSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MzEzMzcyNzUsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFia0hnWXcwc1hrSHNSdzBsR2xXWVlrS2RHOjpjaGlkOmVsZi11cyIsImV4cCI6MTczMTMzOTEwNSwiaWF0IjoxNzMxMzM3MzA1LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMxMDAxMjA4MjQyOTUzNzY2OCJ9.8QZNgsOB8cxTkg13qTGmNPj2CXP9xUT6XNS4cdcEJMb4QoaJ_uQFCyY7ojwtQGeeY0RFb9kwHnrmiVh12frMdA
Referer
https://www.elfcosmetics.com/
c_x-pwa-request
true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

x-yottaa-metrics
2521cc028516/[193,191,-] 25D1cc028561/[-,194.511]
x-correlation-id
8e0f28d3fcacefda
cf-cache-status
DYNAMIC
content-encoding
gzip
age
0
x-content-type-options
nosniff
expires
Thu, 01 Dec 1994 16:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
imcMRynVPdfvmbvuKHWJVTqfTBG746F3ZpqBScwHgBkpo3r4BRKzYQ==
date
Mon, 11 Nov 2024 15:01:46 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
x-yottaa-optimizations
ob/1000 si/25D1cc028561-1730834774-9715897084 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
strict-transport-security
max-age=31536000; includeSubDomains
sfdc_customization
HOOK
x-yottaa-os
200
cache-control
no-cache, no-store
pragma
no-cache
via
1.1 fd0518257f901c4d9c7dc3b36830c8be.cloudfront.net (CloudFront)
sfdc_cache_status
MISS [0/1]
cf-ray
8e0f28d3fcacefda-PDX
accept-ranges
bytes
access-control-allow-origin
*
sfdc_load
2
content-length
37
dnt
0
x-ratelimit-limit
99999
x-ratelimit-remaining
999
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abkHgYw0sXkHsRw0lGlWYYkKdG/baskets?siteId=elf-us
x-amz-cf-pop
SFO53-P7
dpx
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/dpx?cnst=1&_=629587&name=HP_Visit&props=%7B%7D&uid=-5219671725872898984&sec=8772046&cl=dk.l.c.ws.fst.&ses=b49aba3bed89eba793085c5667699d0a&l=def&p=1&sd=&rf=&trf=0&aud=884367.884385.884387.1167402.1324059.1846919.2356145.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&exps=%5B%5B%22670731%22%2C%228988868%22%2C%2218038713%22%2C0%2Cnull%2Cnull%2C%224854668971804734322%22%2C%222%22%2C%223%22%2C%224854668972143915103%22%5D%2C%5B%221261284%22%2C%2211209913%22%2C%2227119924%22%2C0%2Cnull%2Cnull%2C%224854668972467072187%22%2C%221%22%2Cnull%2C%224854668970903793634%22%5D%2C%5B%221574966%22%2C%2212698518%22%2C%2228347247%22%2C0%2Cnull%2Cnull%2C%224854668972461028829%22%2C%221%22%2Cnull%2C%224854668971957290824%22%5D%2C%5B%221609852%22%2C%2212669413%22%2C%2228321879%22%2C0%2Cnull%2Cnull%2C%224854668970604018590%22%2C%221%22%2Cnull%2C%224854668971211863839%22%5D%2C%5B%221456848%22%2C%2212301507%22%2C%2227819391%22%2C0%2Cnull%2Cnull%2C%224854668973856964196%22%2C%221%22%2Cnull%2C%224854668970736644338%22%5D%2C%5B%221575901%22%2C%2212991774%22%2C%2228207095%22%2C0%2Cnull%2Cnull%2C%224854668970376653924%22%2C%221%22%2Cnull%2C%224854668970181250291%22%5D%2C%5B%221750936%22%2C%2213617998%22%2C%2228818377%22%2C0%2Cnull%2Cnull%2C%224854668973680597231%22%2C%221%22%2Cnull%2C%224854668970350636850%22%5D%2C%5B%221750954%22%2C%2213618112%22%2C%2228973875%22%2C0%2Cnull%2Cnull%2C%224854668971439873118%22%2C%221%22%2Cnull%2C%224854668970393341920%22%5D%5D&expSes=89274&tsrc=Direct&reqts=1731337306125&rri=2438449&internalId=&ctx=%7B%22lng%22%3A%22en-US%22%7D&geoData=DE__
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-129.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
via
1.1 43244f77affffa1d8942dd025413b8d8.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
HIKiUQdgp9MlTne4qmDaHx91CVOppL-oXa_exIjjFfW6IkEnDuE2JQ==
date
Mon, 11 Nov 2024 15:01:46 GMT
x-amz-cf-pop
FRA60-P10
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
dpx
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/dpx?cnst=1&_=717994&name=HP_Visit&props=%7B%7D&uid=-5219671725872898984&sec=8772046&cl=dk.l.c.ws.fst.&ses=b49aba3bed89eba793085c5667699d0a&l=def&p=1&sd=&rf=&trf=0&aud=884367.884385.884387.1167402.1324059.1846919.2356145.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&exps=%5B%5B%22670731%22%2C%228988868%22%2C%2218038713%22%2C0%2Cnull%2Cnull%2C%224854668971804734322%22%2C%222%22%2C%223%22%2C%224854668972143915103%22%5D%2C%5B%221261284%22%2C%2211209913%22%2C%2227119924%22%2C0%2Cnull%2Cnull%2C%224854668972467072187%22%2C%221%22%2Cnull%2C%224854668970903793634%22%5D%2C%5B%221574966%22%2C%2212698518%22%2C%2228347247%22%2C0%2Cnull%2Cnull%2C%224854668972461028829%22%2C%221%22%2Cnull%2C%224854668971957290824%22%5D%2C%5B%221609852%22%2C%2212669413%22%2C%2228321879%22%2C0%2Cnull%2Cnull%2C%224854668970604018590%22%2C%221%22%2Cnull%2C%224854668971211863839%22%5D%2C%5B%221456848%22%2C%2212301507%22%2C%2227819391%22%2C0%2Cnull%2Cnull%2C%224854668973856964196%22%2C%221%22%2Cnull%2C%224854668970736644338%22%5D%2C%5B%221575901%22%2C%2212991774%22%2C%2228207095%22%2C0%2Cnull%2Cnull%2C%224854668970376653924%22%2C%221%22%2Cnull%2C%224854668970181250291%22%5D%2C%5B%221750936%22%2C%2213617998%22%2C%2228818377%22%2C0%2Cnull%2Cnull%2C%224854668973680597231%22%2C%221%22%2Cnull%2C%224854668970350636850%22%5D%2C%5B%221750954%22%2C%2213618112%22%2C%2228973875%22%2C0%2Cnull%2Cnull%2C%224854668971439873118%22%2C%221%22%2Cnull%2C%224854668970393341920%22%5D%5D&expSes=89274&tsrc=Direct&reqts=1731337306128&rri=7869144&internalId=&ctx=%7B%22lng%22%3A%22en-US%22%7D&geoData=DE__
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-129.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
via
1.1 43244f77affffa1d8942dd025413b8d8.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
-WoismaM9_XOqpqQuhqSyiYs5Usx5OSuUsfz6MfrIEkc95foBy6jDw==
date
Mon, 11 Nov 2024 15:01:46 GMT
x-amz-cf-pop
FRA60-P10
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
token_create.js
ct.pinterest.com/static/ct/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/static/ct/token_create.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.16.96.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-96-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
max-age=7200
content-encoding
gzip
etag
"16d5d552603d86726ae439fc61299d42"
x-cdn
akamai
quic-version
0x00000001
alt-svc
h3=":443"; ma=600
content-length
2114
date
Mon, 11 Nov 2024 15:01:46 GMT
akamai-grn
0.c787645f.1731337306.966d583
content-type
application/javascript
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
ct.html
ct.pinterest.com/ Frame 18A7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.96.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-96-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://www.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

akamai-grn
0.e487645f.1731337306.b95461a
alt-svc
h3=":443"; ma=600
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Mon, 11 Nov 2024 15:01:46 GMT
pinterest-version
d16ef5f66d42064f6a10d93cad2b1b66ef81c5eb
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
vary
Accept-Encoding
x-cdn
akamai
x-envoy-upstream-service-time
0
x-pinterest-rid
6153328450279848
x-pinterest-rid-128bit
5bbfa36df2c3e43b5565039fb13c3997
inbox-v2_75060a85c1a4aebcc6f779b9e84db722.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/inbox-v2_75060a85c1a4aebcc6f779b9e84db722.br.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
183ae143a7f66c133f3948bdf61a0a9f97eb326be7de5947c1f19b93f3b9db24

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
content-encoding
br
x-goog-hash
crc32c=df/Fww==, md5=CihY9k4bsokmzU8kBOwKQw==
etag
"0a2858f64e1bb28926cd4f2404ec0a43"
age
325048
ad-auction-allowed
true
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
5475
date
Thu, 07 Nov 2024 20:44:18 GMT
last-modified
Wed, 06 Nov 2024 15:25:38 GMT
content-type
text/javascript
x-guploader-uploadid
AHmUCY2CkS6TA_shZmPenLGMuN65TjRn5x8Lv5jODHkk0-beLTIwlnLsLRjMqtKV-tsCIthJvLziWFUaOw
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1730906738691975
content-length
5475
server
UploadServer
sms-v2_e39203556bab2366e56296ce42e974a7.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/sms-v2_e39203556bab2366e56296ce42e974a7.br.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c9f83027cf2e267d24b2cfe366bc6664841765f0aaf362faf0156bccdce42355

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
content-encoding
br
x-goog-hash
crc32c=ikqFlg==, md5=aEuBb/f6hVJqtLcp+18MkQ==
etag
"684b816ff7fa85526ab4b729fb5f0c91"
age
933004
ad-auction-allowed
true
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
1303
date
Thu, 31 Oct 2024 19:51:42 GMT
last-modified
Thu, 31 Oct 2024 19:40:38 GMT
content-type
text/javascript
x-guploader-uploadid
AHmUCY2cvM1vEKvaXm1G0YZ_NlM26kstDHaFakY0QYETK1GCqxLnc-v-DRd7nI7p6IF1Pz4_2lE
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1730403638782676
content-length
1303
server
UploadServer
onsite-v2_abbdf7a49be9b52b097917b7b527b262.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_abbdf7a49be9b52b097917b7b527b262.br.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a8b68b46f44aac34f59d2926e8db6bdae4bc3b7fe3aad60948e97f428b087531

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
content-encoding
br
x-goog-hash
crc32c=YWhgXQ==, md5=E+t6bCqMhb3KnLqECwDbLA==
etag
"13eb7a6c2a8c85bdca9cba840b00db2c"
age
472416
ad-auction-allowed
true
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
5039
date
Wed, 06 Nov 2024 03:48:10 GMT
last-modified
Thu, 31 Oct 2024 19:40:27 GMT
content-type
text/javascript
x-guploader-uploadid
AHmUCY0r_bOK6liw88gLoN-s69Vgvs7bnK5huGq6zANo0HVVBcwSHJ7P1vr5qXgUzj2MVyitKqgDlKywxQ
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1730403627837427
content-length
5039
server
UploadServer
src=10265292;dc_pre=COnrk4nG1IkDFZGsOgUdfmIleA;type=conte0;cat=homep0;ord=8378667825873;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4b70v9181787185z8896608294za20...
ade.googlesyndication.com/ddm/activity/
Redirect Chain
  • https://ade.googlesyndication.com/ddm/activity/src=10265292;type=conte0;cat=homep0;ord=8378667825873;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4b70v9181787185z8...
  • https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=COnrk4nG1IkDFZGsOgUdfmIleA;type=conte0;cat=homep0;ord=8378667825873;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=deni...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=COnrk4nG1IkDFZGsOgUdfmIleA;type=conte0;cat=homep0;ord=8378667825873;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4b70v9181787185z8896608294za201zb896608294;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;tcfd=10001;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com?
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 11 Nov 2024 15:01:47 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=COnrk4nG1IkDFZGsOgUdfmIleA;type=conte0;cat=homep0;ord=8378667825873;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4b70v9181787185z8896608294za201zb896608294;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;tcfd=10001;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com?
pragma
no-cache
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 11 Nov 2024 15:01:46 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
negotiate
www8.eu.inside.chat/signalr/ 		391 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www8.eu.inside.chat/signalr/negotiate?clientProtocol=2.1&k=IN-1011171%3A15803478-adf2ea896af5afe621d62e15f47a6534b7d7f76650ea02aa324aa8bfb617d44c-5-5%3A67135714%3A4&c=b11e1b464638cc64fd5b92302a429624&nc=0&connectionData=%5B%7B%22name%22%3A%22insidesocialhub%22%7D%5D&_=1731337305254
Requested by
Host: cdn8.eu.inside.chat
URL: https://cdn8.eu.inside.chat/ig.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.17 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
838d6cdaa106f1e306e8ea83aebf6b21416140e090fa63f045ec02f1c1b9f623
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
text/plain, */*; q=0.01
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
cache-control
no-cache
content-encoding
br
cf-cache-status
DYNAMIC
pragma
no-cache
access-control-allow-credentials
true
x-content-type-options
nosniff
cf-ray
8e0f28d4bb79453a-TXL
expires
-1
access-control-allow-origin
https://www.elfcosmetics.com
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:46 GMT
content-type
application/json; charset=UTF-8
server
cloudflare
ig.css
cdn8.eu.inside.chat// 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn8.eu.inside.chat//ig.css?dev=1&_a741df0-5
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.17 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a506503adb523ec7fd71e1cd5b953922dea386950cf0ea6355d1037bd7c6d1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
cache-control
public, max-age=691200
content-encoding
br
cf-bgj
minify
etag
W/"467ac5f0ff9ddafc490fa480f5fdb10b"
age
1312
cf-cache-status
HIT
cf-ray
8e0f28d4bb7c453a-TXL
expires
Tue, 19 Nov 2024 15:01:46 GMT
cf-polished
origSize=12828
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:46 GMT
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
jquery-3.7.1.min.js
assets.bounceexchange.com/assets/bounce/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/jquery-3.7.1.min.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
x-goog-hash
crc32c=fsBEgw==, md5=LIctvmD0unD7hTVhE9izXg==
content-encoding
br
etag
W/"2c872dbe60f4ba70fb85356113d8b35e"
age
820021
ad-auction-allowed
true
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
87533
date
Sat, 02 Nov 2024 03:14:45 GMT
last-modified
Thu, 31 Oct 2024 19:40:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY0PWQb51N9n6c59jZNjBcJa83tLJFe8njU6YsvA6rEDc3y2VeXEwtQcvWZSASbyBBOtkpRY2MbizA
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
none
access-control-allow-origin
*
x-goog-generation
1730403600522086
content-length
31009
server
UploadServer
baskets
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/baskets
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/mobify/bundle/12647/vendor.js?yocs=Z_14_1K_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
0745bb9b867a058bbc7c07277d21fb7e6a74375238097db61eb0a2711cc9791a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJiMDdlNmQ4Ny1jN2U5LTQ4ZGItOWJjZS1hNTMwMDhjNzM3MTgiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjIyNGNlMzI1LWNjYjctNDJhYi1iNWQ2LTY1MTI5ZmRiMTAyNSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MzEzMzcyNzUsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFia0hnWXcwc1hrSHNSdzBsR2xXWVlrS2RHOjpjaGlkOmVsZi11cyIsImV4cCI6MTczMTMzOTEwNSwiaWF0IjoxNzMxMzM3MzA1LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMxMDAxMjA4MjQyOTUzNzY2OCJ9.8QZNgsOB8cxTkg13qTGmNPj2CXP9xUT6XNS4cdcEJMb4QoaJ_uQFCyY7ojwtQGeeY0RFb9kwHnrmiVh12frMdA
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
Referer
https://www.elfcosmetics.com/
c_x-pwa-request
true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json

Response headers

x-dw-resource-state
543b40509f339cb3c8ae6df338b557ae008478e85c0e3f7bd4d394e272328c59
access-control-expose-headers
etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
content-encoding
gzip
x-dw-request-base-id
h0pMI1ocMmcBAAB_
etag
543b40509f339cb3c8ae6df338b557ae008478e85c0e3f7bd4d394e272328c59
age
0
x-dw-version-status
obsolete
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
expires
Thu, 01 Dec 1994 16:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
RxIdanZyQxKruXT19KXo4bUM7cupHZYOEYq4w4SFQ8ShCj4IcwI4Dg==
date
Mon, 11 Nov 2024 15:01:46 GMT
content-type
application/json;charset=UTF-8
x-yottaa-optimizations
ob/1000 si/25D1cc028561-1730834774-9715897095 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
sfdc_customization
HOOK
x-yottaa-os
200
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
allow
OPTIONS,POST
cf-ray
8e0f28d679789b6d-SEA
x-yottaa-metrics
2521cc02851d/[255,254,-] 25D1cc028561/[-,257.604]
via
1.1 d52f5364539f50d2591f4996970cf25e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
1105
x-proxy-request-url
https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/baskets
x-amz-cf-pop
SFO53-P7
bframe
www.google.com/recaptcha/api2/ Frame 4ADB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LcA2G4UAAAAAK-fHuRDYBsNQoJlqlDqQvrjGwQu
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f196.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-K4ho30vX6N9TncE2IC5FNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-K4ho30vX6N9TncE2IC5FNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Nov 2024 15:01:46 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
us.svg
www.elfcosmetics.com/mobify/bundle/12647/static/img/flag-icons/ 		9 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.com/mobify/bundle/12647/static/img/flag-icons/us.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

x-amz-meta-deploy
920359
content-encoding
gzip
age
236704
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
zknuR1F5zjLh3V5iPFBjbH0d0bhGGVwX0Xlb5c0BA7dp4hy_wSrqQw==
date
Mon, 11 Nov 2024 15:01:46 GMT
content-type
image/svg+xml
x-yottaa-optimizations
ob/1101 si/25D1cc028561-1730834774-9713042040 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-yottaa-forcecache
true
cache-control
public, max-age=31104000
via
1.1 d52f5364539f50d2591f4996970cf25e.cloudfront.net (CloudFront)
x-amz-meta-bundle
12647
x-yottaa-metrics
2521cc028a78/[2,-,1731100260334] 25D1cc028561/[hit]
access-control-allow-origin
*
content-length
676
x-amz-cf-pop
SFO53-P7
unip
trc-events.taboola.com/1691051/log/3/ 		0
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1691051/log/3/unip?en=pre_d_eng_tb&tos=1662&scd=0&ssd=1&est=1731337305108&ver=36&isls=true&src=i&invt=1500&msa=4680&rv=1&tim=1731337306770&vi=1731337305105&ri=586168cd7f46bc171393d5099f6c1011&ref=null&cv=20241107-9-RELEASE&item-url=https%3A%2F%2Fwww.elfcosmetics.com%2F&it=JS_PIXEL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1691051/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Attribution-Reporting-Eligible
trigger
Referer
https://www.elfcosmetics.com/

Response headers

access-control-allow-origin
https://www.elfcosmetics.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Mon, 11 Nov 2024 15:01:47 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
unip
trc-events.taboola.com/1691051/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1691051/log/3/unip?en=pre_d_eng_tb&tos=1662&scd=0&ssd=1&est=1731337305108&ver=36&isls=true&src=i&invt=1500&msa=4680&rv=1&tim=1731337306770&vi=1731337305105&ri=586168cd7f46bc171393d5099f6c1011&ref=null&cv=20241107-9-RELEASE&item-url=https%3A%2F%2Fwww.elfcosmetics.com%2F&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://www.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://www.elfcosmetics.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Mon, 11 Nov 2024 15:01:46 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
start
www8.eu.inside.chat/signalr/ 		25 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www8.eu.inside.chat/signalr/start?transport=webSockets&clientProtocol=2.1&k=IN-1011171%3A15803478-adf2ea896af5afe621d62e15f47a6534b7d7f76650ea02aa324aa8bfb617d44c-5-5%3A67135714%3A4&c=b11e1b464638cc64fd5b92302a429624&nc=0&connectionToken=ouu7cUG9qUEyRlustoZ8r6IPX2bywxA4noeaPEvQnFTAxwe3c9fd3ReSixsFGv1G5RYkxapElFShkoiFVvgZ8dxCUbnQYljhSqmny%2Fpmnz2Dk13%2BDsiXRFhmTbH5N2JJ&connectionData=%5B%7B%22name%22%3A%22insidesocialhub%22%7D%5D&_=1731337305255
Requested by
Host: cdn8.eu.inside.chat
URL: https://cdn8.eu.inside.chat/ig.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.17 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c50a0366bab0d95bd0dfbbf67ed889b5fd383ee7464a77660088c32e4ef91c20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
text/plain, */*; q=0.01
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
cache-control
no-cache
content-encoding
br
cf-cache-status
DYNAMIC
pragma
no-cache
access-control-allow-credentials
true
x-content-type-options
nosniff
cf-ray
8e0f28d7781f453a-TXL
expires
-1
access-control-allow-origin
https://www.elfcosmetics.com
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:46 GMT
content-type
application/json; charset=UTF-8
server
cloudflare
wave-3-holiday-gift-shop-2024-11-IMAGE-3_D
cdn.media.amplience.net/i/elfcosmetics/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/wave-3-holiday-gift-shop-2024-11-IMAGE-3_D?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/wave-3-holiday-gift-shop-2024-11-IMAGE-3_D?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/wave-3-holiday-gift-shop-2024-11-IMAGE-3_D?fmt=auto&w=2460%203x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b644a5111051cef16d858b1930d5a46ba9dd9ec2abf027367bd4629ff31bc64e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-cache-status
HIT
age
69190
x-amp-source-width
1440
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:46 GMT
edge-control
max-age=86400
content-type
image/avif
last-modified
Sun, 10 Nov 2024 17:11:12 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
J6kvCxdmO,l4p5bDg2e,DWDpkG0K9,WepA0szpz
cache-control
s-maxage=86400, max-age=1800
x-req-id
0w3hRvxje-
x-amp-source-height
1040
x-amp-cf-worker
true
cf-ray
8e0f28d77ccee52f-TXL
accept-ranges
bytes
access-control-allow-origin
*
content-length
36010
x-amp-published
Thu, 07 Nov 2024 16:55:02 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
holiday-new-arrivals-2024-11-IMAGE-3_D
cdn.media.amplience.net/i/elfcosmetics/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/holiday-new-arrivals-2024-11-IMAGE-3_D?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/holiday-new-arrivals-2024-11-IMAGE-3_D?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/holiday-new-arrivals-2024-11-IMAGE-3_D?fmt=auto&w=2460%203x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c09c3af45168a88e439e23588e09c8d73c8de5ca11221ed3e6db5009e490f78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-cache-status
HIT
age
69189
x-amp-source-width
1440
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:46 GMT
edge-control
max-age=86400
content-type
image/avif
last-modified
Sun, 10 Nov 2024 17:21:06 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
CvzaKhF8A,l4p5bDg2e,-1uCy2sq-,WepA0szpz
cache-control
s-maxage=86400, max-age=1800
x-req-id
bXgEtvLYCx
x-amp-source-height
1040
x-amp-cf-worker
true
cf-ray
8e0f28d77cd1e52f-TXL
accept-ranges
bytes
access-control-allow-origin
*
content-length
18499
x-amp-published
Thu, 07 Nov 2024 16:55:02 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
products
www.elfcosmetics.com/api/en-us/v2.0/ 		953 KB
53 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/api/en-us/v2.0/products?ids=23212%2C300229%2C300303%2C300200%2C82158%2C59560UP&phash=d6477ce2dbfac64c&siteId=elf-us&locale=en-US&currency=USD
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/mobify/bundle/12647/main.js?yocs=Z_14_1K_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/ Express
Resource Hash
9036cf262606d52ef3163812a2d6c33f41e4e379006c7519f2784b28e22f03fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJiMDdlNmQ4Ny1jN2U5LTQ4ZGItOWJjZS1hNTMwMDhjNzM3MTgiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjIyNGNlMzI1LWNjYjctNDJhYi1iNWQ2LTY1MTI5ZmRiMTAyNSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MzEzMzcyNzUsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFia0hnWXcwc1hrSHNSdzBsR2xXWVlrS2RHOjpjaGlkOmVsZi11cyIsImV4cCI6MTczMTMzOTEwNSwiaWF0IjoxNzMxMzM3MzA1LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMxMDAxMjA4MjQyOTUzNzY2OCJ9.8QZNgsOB8cxTkg13qTGmNPj2CXP9xUT6XNS4cdcEJMb4QoaJ_uQFCyY7ojwtQGeeY0RFb9kwHnrmiVh12frMdA
Referer
https://www.elfcosmetics.com/
c_x-pwa-request
true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
clientid
982499-0-40048abc

Response headers

content-encoding
gzip
x-amzn-remapped-connection
keep-alive
etag
W/"ee233-HgkklSy/iwqkKS3Yig/xwR6bksQ"
age
0
x-content-type-options
nosniff
x-amzn-requestid
5a4c7bec-5195-4e47-93fb-e4805a7cc99e
date
Mon, 11 Nov 2024 15:01:47 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-yottaa-optimizations
ob/1000 si/25D1cc028561-1730834774-9715897100 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-yottaa-os
200
x-amz-apigw-id
BFleUEH1PHcEAYw=
x-amzn-remapped-date
Mon, 11 Nov 2024 15:01:47 GMT
x-yottaa-metrics
2521cc0285ac/[81,79,-] 25D1cc028561/[-,81.400]
access-control-allow-origin
*
x-powered-by
Express
products
www.elfcosmetics.com/api/en-us/v2.0/ 		226 KB
29 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/api/en-us/v2.0/products?ids=71033%2C71040%2C82618%2C70986%2C70974%2C19471%2C19457%2C19456%2C19458%2C19474%2C70987%2C70982%2C19453&phash=d6477ce2dbfac64c&siteId=elf-us&locale=en-US&currency=USD
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/mobify/bundle/12647/main.js?yocs=Z_14_1K_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/ Express
Resource Hash
9006add35654719da9eba69404344dcee6ceff9d909796d9ca5f333dbb225a29
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJiMDdlNmQ4Ny1jN2U5LTQ4ZGItOWJjZS1hNTMwMDhjNzM3MTgiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjIyNGNlMzI1LWNjYjctNDJhYi1iNWQ2LTY1MTI5ZmRiMTAyNSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MzEzMzcyNzUsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFia0hnWXcwc1hrSHNSdzBsR2xXWVlrS2RHOjpjaGlkOmVsZi11cyIsImV4cCI6MTczMTMzOTEwNSwiaWF0IjoxNzMxMzM3MzA1LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMxMDAxMjA4MjQyOTUzNzY2OCJ9.8QZNgsOB8cxTkg13qTGmNPj2CXP9xUT6XNS4cdcEJMb4QoaJ_uQFCyY7ojwtQGeeY0RFb9kwHnrmiVh12frMdA
Referer
https://www.elfcosmetics.com/
c_x-pwa-request
true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
clientid
982499-0-40048abc

Response headers

content-encoding
gzip
x-amzn-remapped-connection
keep-alive
etag
W/"3869d-nk4WiCmh++F/PfZHrUqpMoOzaUc"
age
0
x-content-type-options
nosniff
x-amzn-requestid
62590c33-3c85-4e5f-90e2-706b60714b17
date
Mon, 11 Nov 2024 15:01:47 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-yottaa-optimizations
ob/1000 si/25D1cc028561-1730834774-9715897101 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-yottaa-os
200
x-amz-apigw-id
BFleUGHPvHcElRg=
x-amzn-remapped-date
Mon, 11 Nov 2024 15:01:47 GMT
x-yottaa-metrics
2521cc0285ab/[42,41,-] 25D1cc028561/[-,43.549]
access-control-allow-origin
*
x-powered-by
Express
json
st.dynamicyield.com/spa/ 		158 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://st.dynamicyield.com/spa/json?sec=8772046&id=-5219671725872898984&ref=&jsession=kr8roqpib9xhc1jcbvydbqk6eyp1ablz&isSesNew=true&ctx=%7B%22type%22%3A%22HOMEPAGE%22%2C%22lng%22%3A%22en-US%22%2C%22data%22%3A%5B%5D%7D
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/api/8772046/api_static.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:8c00:15:ad21:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f64d0203e17daf26941e5e62d90cc35490891d30caf349fd8ac399971a9b3426

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain; charset=utf-8
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
no-cache
content-encoding
gzip
via
1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
expires
Mon, 11 Nov 2024 15:01:46 GMT
access-control-allow-origin
*
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-amz-cf-id
hndvdapr74EAGrQOUb0s-bviwDIEZkDMUuXczIBF_XZwoV_CtcO5oA==
date
Mon, 11 Nov 2024 15:01:47 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-amz-cf-pop
FRA60-P2
PWA-UpdateSession
www.elfcosmetics.com/mobify/proxy/controllers/on/demandware.store/Sites-elf-us-Site/en_US/ 		56 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/mobify/proxy/controllers/on/demandware.store/Sites-elf-us-Site/en_US/PWA-UpdateSession
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/mobify/bundle/12647/vendor.js?yocs=Z_14_1K_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
f66f5edd05293c4351edcec020a867935f7495ef0d0ff7ceb3e6402748585ca6

Request headers

c_x-pwa-request
true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

content-encoding
gzip
x-dw-request-base-id
lUoPelscMmcBAAB_
cf-cache-status
DYNAMIC
age
0
expires
Thu, 01 Dec 1994 16:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
gksfxgKXO_pdgBFGpKc-7MxxXS-BNhZhHxBZQHoz0Lakbm_58O9y_A==
date
Mon, 11 Nov 2024 15:01:47 GMT
content-type
application/json
x-yottaa-optimizations
ob/1000 si/25D1cc028561-1730834774-9715897103 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-yottaa-os
200
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 9a448e42428e8683fe0fc64dff7a7112.cloudfront.net (CloudFront)
cf-ray
8e0f28dbc8f3284a-SEA
x-yottaa-metrics
2521cc028598/[372,371,-] 25D1cc028561/[-,373.389]
access-control-allow-origin
*
x-proxy-request-url
https://cc-elf-us-prd.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/PWA-UpdateSession
x-amz-cf-pop
SFO53-P7
458359.gif
idsync.rlcdn.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458359.gif?partner_uid=7dc8a52b-3a58-4cc4-b20d-69378813a5f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 11 Nov 2024 15:01:47 GMT
BS_Exclusives_Badge-tranparent
cdn.media.amplience.net/i/elfcosmetics/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/BS_Exclusives_Badge-tranparent?%24Desktop%24=&fmt=auto&w=70
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
596a5f66de9abe6b62ac06d26d7459e293483bb940f66d3ade9e76db63138dc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-cache-status
HIT
age
9791
x-amp-source-width
130
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:48 GMT
edge-control
max-age=86400
content-type
image/avif
last-modified
Mon, 11 Nov 2024 03:42:10 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
HITLiVQAA,l4p5bDg2e,mF-g78ke7,LrNkTVSmA,WepA0szpz
cache-control
s-maxage=86400, max-age=1800
x-req-id
UMuqLf-hP2
x-amp-source-height
80
x-amp-cf-worker
true
cf-ray
8e0f28dfc882e52f-TXL
accept-ranges
bytes
access-control-allow-origin
*
content-length
1657
x-amp-published
Thu, 10 Oct 2024 14:19:39 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
new-9FAEE5
cdn.media.amplience.net/i/elfcosmetics/ 		722 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/new-9FAEE5?%24Desktop%24=&fmt=auto&w=22
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8df9e9875419d2c0d1bc8af23e63949a7e20b1ff5cd2f57c7958fc65a7be8b56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-cache-status
HIT
age
21330
x-amp-source-width
112
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:48 GMT
edge-control
max-age=86400
content-type
image/avif
last-modified
Sun, 10 Nov 2024 12:10:49 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
dPc9cBMhE,l4p5bDg2e,mF-g78ke7,tJjh4FgGa,WepA0szpz
cache-control
s-maxage=86400, max-age=1800
x-req-id
PIZAg9APrz
x-amp-source-height
96
x-amp-cf-worker
true
cf-ray
8e0f28dfc886e52f-TXL
accept-ranges
bytes
access-control-allow-origin
*
content-length
722
x-amp-published
Thu, 30 May 2024 19:09:02 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
1123_ECOMM_PDP_HOLIDAY_VALUE_BADGE-min
cdn.media.amplience.net/i/elfcosmetics/ 		152 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/1123_ECOMM_PDP_HOLIDAY_VALUE_BADGE-min?%24Desktop%24=&fmt=auto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02c458ae1d9727ae1882982bb0a9791a2782caa000c0a6b40812eef973b535d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-cache-status
HIT
age
71081
x-amp-source-width
484
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:48 GMT
edge-control
max-age=86400
content-type
image/webp
last-modified
Sat, 09 Nov 2024 21:20:01 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
qaEhTGzM0,l4p5bDg2e,mF-g78ke7,_o3S8Vstd,DtzGFM5oJ
cache-control
s-maxage=86400, max-age=1800
x-req-id
fmeuTwFOqW
x-amp-source-height
485
x-amp-cf-worker
true
cf-ray
8e0f28dfc888e52f-TXL
accept-ranges
bytes
access-control-allow-origin
*
content-length
155612
x-amp-published
Thu, 30 May 2024 19:09:02 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
badge-holiday-blue-background
cdn.media.amplience.net/i/elfcosmetics/ 		197 KB
197 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/badge-holiday-blue-background?%24Desktop%24=&fmt=auto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16c9b20cc559c1c9146dcd9c4915775b66d6728e4bba2714f3bfbe45218402d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-cache-status
HIT
age
23197
x-amp-source-width
237
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:48 GMT
edge-control
max-age=86400
content-type
image/webp
last-modified
Sun, 10 Nov 2024 22:55:15 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
WlA28y71_,l4p5bDg2e,mF-g78ke7,MjU8swIY_,DtzGFM5oJ
cache-control
s-maxage=86400, max-age=1800
x-req-id
l1qiTz85Hv
x-amp-source-height
237
x-amp-cf-worker
true
cf-ray
8e0f28dfc88be52f-TXL
accept-ranges
bytes
access-control-allow-origin
*
content-length
201390
x-amp-published
Tue, 05 Nov 2024 20:53:30 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
71033_InPack_V3_R.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwe53e0f0d/2024/AdventCalendars/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwe53e0f0d/2024/AdventCalendars/71033_InPack_V3_R.jpg?sfrm=png&sw=498
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
7b6f4d3d5ef91a8dbc8cb7ab2ecca6c200c7520cb8bfcf88ac1fed6ea2f704d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-cache-status
MISS
age
257536
x-amz-storage-class
INTELLIGENT_TIERING
x-cache
Miss from cloudfront
x-amz-cf-id
RsXwWfcZCa1ty0FiPsDuaXC76HJHkI-oZRUX58rMG4bDpR8uSZR3Pg==
date
Mon, 11 Nov 2024 15:01:48 GMT
content-type
image/jpeg
x-amz-meta-cleanquerystring
sfrm=png&sw=498
x-amz-expiration
expiry-date="Sat, 08 Nov 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
x-yottaa-optimizations
ob/101 si/25D1cc028561-1730834774-9712809519 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-yottaa-forcecache
true
cache-control
public, max-age=31104000
via
1.1 83a6f42adff040301dd9cde8ff611a9c.cloudfront.net (CloudFront)
cf-ray
8df691aacc027ab8-SJC
x-yottaa-metrics
2521cc028592/[4,-,1731079456831] 25D1cc028561/[hit]
access-control-allow-origin
*
content-length
41885
x-amz-cf-pop
SFO53-C1
x-amz-server-side-encryption
AES256
71040_24_Advent_InPack_V4_R.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwb5efc544/2024/AdventCalendars/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwb5efc544/2024/AdventCalendars/71040_24_Advent_InPack_V4_R.jpg?sfrm=png&sw=498
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
fc3baad02d19012fe8be2129d8b8e582c3d3733b3efe604be0079f4ffe7f6240

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-cache-status
MISS
age
257536
x-amz-storage-class
INTELLIGENT_TIERING
x-cache
Miss from cloudfront
x-amz-cf-id
uFWehawl_olHBcf8ABslJ67VVgCEQMHP696gRWQyf5qkzVbm2GWx5Q==
date
Mon, 11 Nov 2024 15:01:48 GMT
content-type
image/jpeg
x-amz-meta-cleanquerystring
sfrm=png&sw=498
x-amz-expiration
expiry-date="Sat, 08 Nov 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
x-yottaa-optimizations
ob/101 si/25D1cc028561-1730834774-9712809520 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-yottaa-forcecache
true
cache-control
public, max-age=31104000
via
1.1 771001bf23680c4bf66e77caba3ceaba.cloudfront.net (CloudFront)
cf-ray
8df691aacfa5f963-SJC
x-yottaa-metrics
2521cc028591/[3,-,1731079456922] 25D1cc028561/[hit]
access-control-allow-origin
*
content-length
35435
x-amz-cf-pop
SFO53-C1
x-amz-server-side-encryption
AES256
062524_EXCLUSIVE_GIFTS_N_KITS_LIPOIL_600dpi_RGB_IGF-2.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw18e228df/2024/GlowReviverQuadGoals/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw18e228df/2024/GlowReviverQuadGoals/062524_EXCLUSIVE_GIFTS_N_KITS_LIPOIL_600dpi_RGB_IGF-2.jpg?sw=498
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
6b9bb2efbf915c3e24da70b76001ebcd9fd1a0d0f7b010d140492b75b2d34cc4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-cache-status
MISS
age
257536
x-amz-storage-class
INTELLIGENT_TIERING
x-cache
Miss from cloudfront
x-amz-cf-id
JeWUaAqfcKDyBGKwIRZUAA9IJlMp37AT6LZ3YKa-FcjLsgju4pu8iw==
date
Mon, 11 Nov 2024 15:01:48 GMT
content-type
image/jpeg
x-amz-meta-cleanquerystring
sw=498
x-amz-expiration
expiry-date="Tue, 11 Nov 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
x-yottaa-optimizations
ob/101 si/25D1cc028561-1730834774-9712809521 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-yottaa-forcecache
true
cache-control
public, max-age=31104000
via
1.1 ad82d8a3c91257adecf18541576c7e72.cloudfront.net (CloudFront)
cf-ray
8df691aac8c09655-SJC
x-yottaa-metrics
2521cc028590/[3,-,1731079456855] 25D1cc028561/[hit]
access-control-allow-origin
*
content-length
34067
x-amz-cf-pop
SFO53-C1
x-amz-server-side-encryption
AES256
70986_InPack_R.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw8edab371/2023/Holidays2023/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw8edab371/2023/Holidays2023/70986_InPack_R.jpg?sfrm=png&sw=498
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
afba1772b30b03d23c507a9f745a3e82914cf7762ea17668cc1289ed84ef0f1e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-cache-status
MISS
age
257536
x-cache
Miss from cloudfront
x-amz-cf-id
JwVEEX2apKL1GmTMGdRDCtI1NjdwOeR-8R7o_GvFv2AmO5X2YuPepw==
date
Mon, 11 Nov 2024 15:01:48 GMT
content-type
image/jpeg
x-amz-meta-cleanquerystring
sfrm=png&sw=498
x-amz-expiration
expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
x-yottaa-optimizations
ob/101 si/25D1cc028561-1730834774-9712809522 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-yottaa-forcecache
true
cache-control
public, max-age=31104000
via
1.1 6d77342eb60c8ea96903996368766612.cloudfront.net (CloudFront)
cf-ray
8df691aacb07cfbc-SJC
x-yottaa-metrics
2521cc02858f/[2,-,1731079456855] 25D1cc028561/[hit]
access-control-allow-origin
*
content-length
19243
x-amz-cf-pop
SFO53-C1
x-amz-server-side-encryption
AES256
70974_InPack_R.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw1b005e6e/2023/Holidays2023/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw1b005e6e/2023/Holidays2023/70974_InPack_R.jpg?sfrm=png&sw=498
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
7e4f943e0e0434bdd25e3f8bb0d938a6b52b749748319fc3ece23cd91c665eec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-bgj
h2pri
cf-cache-status
HIT
age
257536
x-cache
Miss from cloudfront
x-amz-cf-id
dY5w-gUrC41vQz-BbVaSj3WvAtByIc-mapwG7fooZqkshRagmlMzjA==
date
Mon, 11 Nov 2024 15:01:48 GMT
content-type
image/jpeg
x-amz-meta-cleanquerystring
sfrm=png&sw=498
x-amz-expiration
expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
x-yottaa-optimizations
ob/101 si/25D1cc028561-1730834774-9712809523 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-yottaa-forcecache
true
cache-control
public, max-age=31104000
via
1.1 d6cbeccd9a6d25b691d204399bf8b728.cloudfront.net (CloudFront)
cf-ray
8df691aace45175f-SJC
x-yottaa-metrics
2521cc02858d/[4,-,1731079456520] 25D1cc028561/[hit]
access-control-allow-origin
*
content-length
24828
x-amz-cf-pop
SFO5-P2
x-amz-server-side-encryption
AES256
19471_1124_HOLIDAY_ECOMMM_PDP_BUNDLES_MISTLETOE_MAGIC_LIP.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwc7eb9400/2024/Bundles/MistletoeMagicLipTrio/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwc7eb9400/2024/Bundles/MistletoeMagicLipTrio/19471_1124_HOLIDAY_ECOMMM_PDP_BUNDLES_MISTLETOE_MAGIC_LIP.jpg?sw=498
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
30dab470a6ed89ca63d66367f62b3cc40b999c8852301c61f69fcd9892d530b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-cache-status
MISS
age
257536
x-amz-storage-class
INTELLIGENT_TIERING
x-cache
Miss from cloudfront
x-amz-cf-id
eA9FrD489lpDy9n-Qke0aFMMGLyrez34-pqT3rnMB8kj1S6Jc4ZlTQ==
date
Mon, 11 Nov 2024 15:01:48 GMT
content-type
image/jpeg
x-amz-meta-cleanquerystring
sw=498
x-amz-expiration
expiry-date="Fri, 05 Dec 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
x-yottaa-optimizations
ob/101 si/25D1cc028561-1730834774-9712809524 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-yottaa-forcecache
true
cache-control
public, max-age=31104000
via
1.1 a3b511649bade26170091701ae26b616.cloudfront.net (CloudFront)
cf-ray
8df691aacff6171a-SJC
x-yottaa-metrics
2521cc02852f/[4,-,1731079457069] 25D1cc028561/[hit]
access-control-allow-origin
*
content-length
22427
x-amz-cf-pop
SFO53-C1
x-amz-server-side-encryption
AES256
wave-3-holiday-gift-shop-2024-11-IMAGE-4_D
cdn.media.amplience.net/i/elfcosmetics/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/wave-3-holiday-gift-shop-2024-11-IMAGE-4_D?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/wave-3-holiday-gift-shop-2024-11-IMAGE-4_D?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/wave-3-holiday-gift-shop-2024-11-IMAGE-4_D?fmt=auto&w=2460%203x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e99c41ccc991762cbfe42d0bdaf4798746eeec5c3aceaadfac1ba324904d8b45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-cache-status
HIT
age
69189
x-amp-source-width
1440
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:48 GMT
edge-control
max-age=86400
content-type
image/avif
last-modified
Sun, 10 Nov 2024 17:35:02 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
ncmoIIxhF,l4p5bDg2e,sNHOVm0Jx,WepA0szpz
cache-control
s-maxage=86400, max-age=1800
x-req-id
YPnIxzsuyT
x-amp-source-height
1040
x-amp-cf-worker
true
cf-ray
8e0f28dfd8afe52f-TXL
accept-ranges
bytes
access-control-allow-origin
*
content-length
61542
x-amp-published
Thu, 07 Nov 2024 16:55:02 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ZLYXLXNDL8&gtm=45je4b70v879088318z8896608294za200zb896608294&gcs=G100&gcd=13m3mPm2m5l1&npa=1&dma_cps=-&dma=1&tcfd=10001&tag_exp=101823848~101925629&cid=247771635.1731337305&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=MA&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&sid=1731337304&sct=1&seg=0&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&_s=2&tfd=7795
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&l=dataLayer&cx=c&gtm=45He4b70v896608294za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.elfcosmetics.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 15:01:48 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ZLYXLXNDL8&gtm=45je4b70v879088318z8896608294za200zb896608294&gcs=G100&gcd=13m3mPm2m5l1&npa=1&dma_cps=-&dma=1&tcfd=10001&tag_exp=101823848~101925629&cid=247771635.1731337305&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=MA&_s=3&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&sid=1731337304&sct=1&seg=0&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&en=view_item_list&_c=1&pr1=id23212~nmPrime%20%26%20Stay%20Finishing%20Powder~afELF%20Cosmetics~ds0~k0currency~v0USD~lp0~brELF%20Cosmetics~caface~c2face-powder~lnProduct%20Carousel~vaLight%2FMedium~pr4~qt1&pr2=id82158~nmSheer%20Slick%20Lipstick%20Black%20Cherry~afELF%20Cosmetics~ds0~k0currency~v0USD~lp1~brELF%20Cosmetics~calips~c2lips-lipstick~lnProduct%20Carousel~vaBlack%20Cherry~pr5~qt1&pr3=id300200~nmGlossy%20Lip%20Stain~afELF%20Cosmetics~ds0~k0currency~v0USD~lp2~brELF%20Cosmetics~calips~c2lips-lip-gloss~lnProduct%20Carousel~va~pr6~qt1&pr4=id300229~nmGlow%20Reviver%20Lip%20Oil~afELF%20Cosmetics~ds0~k0currency~v0USD~lp3~brELF%20Cosmetics~calips~c2lips-lip-gloss~lnProduct%20Carousel~va~pr8~qt1&pr5=id300303~nmSoft%20Glam%20Satin%20Foundation~afELF%20Cosmetics~ds0~k0currency~v0USD~lp4~brELF%20Cosmetics~caface~c2face-foundation~lnProduct%20Carousel~va~pr8~qt1&pr6=id59560UP~nmBlemish%20Breakthrough%20Stick%20It%20to%20Zits%20Pimple%20Patches~afELF%20Cosmetics~ds0~k0currency~v0USD~lp5~brELF%20Cosmetics~caskin~lnProduct%20Carousel~va~pr8~qt1&ep.page_type=homepage&ep.page_environment=production&ep.page_country=US&ep.page_language=EN&ep.item_list_name=Product%20Carousel&_et=2481&tfd=7796
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&l=dataLayer&cx=c&gtm=45He4b70v896608294za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.elfcosmetics.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 15:01:48 GMT
content-type
text/plain
server
Golfe2
event
www.elfcosmetics.com/api/en-us/v2.0/ 		105 B
633 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/api/en-us/v2.0/event?locale=en-US
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/mobify/bundle/12647/main.js?yocs=Z_14_1K_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/ Express
Resource Hash
daae00cdc537a324a902275e68556509bb363e0e4937073a98bf996bc99322cd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.elfcosmetics.com/

Response headers

content-encoding
gzip
x-amzn-remapped-connection
keep-alive
etag
W/"69-tWutbP+WvB+RlEf7ltItW96S9Qs"
age
0
x-content-type-options
nosniff
x-amzn-requestid
2daf8cd1-cfda-436a-8874-147dddfd8cd9
date
Mon, 11 Nov 2024 15:01:48 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-yottaa-optimizations
ob/1000 si/25D1cc028561-1730834774-9715897123 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-yottaa-os
200
x-amz-apigw-id
BFlehFBgvHcEhLw=
x-amzn-remapped-date
Mon, 11 Nov 2024 15:01:48 GMT
x-yottaa-metrics
2521cc028592/[171,170,-] 25D1cc028561/[-,172.227]
access-control-allow-origin
*
content-length
110
x-powered-by
Express
BestofBeauty_2024-resized
cdn.media.amplience.net/i/elfcosmetics/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/BestofBeauty_2024-resized?%24Desktop%24=&fmt=auto&w=70
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc241faad0fa1d1bc2aa76bac73dd92d2b641e813e2258a9fee2c5b6cfa14af4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-cache-status
HIT
age
6032
x-amp-source-width
100
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:48 GMT
edge-control
max-age=86400
content-type
image/avif
last-modified
Sun, 10 Nov 2024 19:11:22 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
aCbob3NeL,l4p5bDg2e,mF-g78ke7,HlAV_hh57,WepA0szpz
cache-control
s-maxage=86400, max-age=1800
x-req-id
aaPvYdk9p9
x-amp-source-height
100
x-amp-cf-worker
true
cf-ray
8e0f28e25af0e52f-TXL
accept-ranges
bytes
access-control-allow-origin
*
content-length
2809
x-amp-published
Wed, 25 Sep 2024 14:02:09 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
staffPicks-white
cdn.media.amplience.net/i/elfcosmetics/ 		656 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/staffPicks-white?%24Desktop%24=&fmt=auto&w=22
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b02a020f88f0cd42fad80078f958d9a87a2f83cee756d5fb426a40bc9823da92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-cache-status
HIT
age
21328
x-amp-source-width
112
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:48 GMT
edge-control
max-age=86400
content-type
image/avif
last-modified
Sun, 10 Nov 2024 19:37:09 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
SHhVQahuW,l4p5bDg2e,mF-g78ke7,4MizThq0Q,WepA0szpz
cache-control
s-maxage=86400, max-age=1800
x-req-id
54CNNf5rWk
x-amp-source-height
96
x-amp-cf-worker
true
cf-ray
8e0f28e25af5e52f-TXL
accept-ranges
bytes
access-control-allow-origin
*
content-length
656
x-amp-published
Thu, 09 Nov 2023 14:42:35 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
23212_SILO.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw2cf9b493/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw2cf9b493/23212_SILO.jpg?sfrm=png&sw=252
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
8693c77187b09e84e1ed7560699662eb076c8f81df8c41c95e37df5300c97462

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-bgj
h2pri
cf-cache-status
HIT
age
256457
x-cache
Hit from cloudfront
x-amz-cf-id
PH15O9oXJQX-rzy81quTKzNDEsYxDBC8v6wRnEyC0s9f4WRK6REmCg==
date
Mon, 11 Nov 2024 15:01:48 GMT
content-type
image/jpeg
x-amz-meta-cleanquerystring
sfrm=png&sw=252
x-amz-expiration
expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
x-yottaa-optimizations
ob/101 si/25D1cc028561-1730834774-9712818955 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-yottaa-forcecache
true
cache-control
public, max-age=31104000
via
1.1 1dca409ef6ffa2d7a2f28746a7a4d7c0.cloudfront.net (CloudFront)
cf-ray
8df693e64c8efa66-SJC
x-yottaa-metrics
2521cc028598/[3,-,1731079547951] 25D1cc028561/[hit]
access-control-allow-origin
*
content-length
5141
x-amz-cf-pop
DFW57-P9
x-amz-server-side-encryption
AES256
82004_OpenA_V7_R.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw141e8912/2023/GlowReviverLipOil/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw141e8912/2023/GlowReviverLipOil/82004_OpenA_V7_R.jpg?sfrm=png&sw=252
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
a715320eb9ed7f814640a36c4ed56bd7912b4bafc599f84b681f107ddb649cd2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-bgj
h2pri
cf-cache-status
HIT
age
257298
x-cache
Miss from cloudfront
x-amz-cf-id
KpTgFpmJe1o0imyKqWaecQWhwp343tWSizAqqukXX_3MRVlxc2KRPA==
date
Mon, 11 Nov 2024 15:01:48 GMT
content-type
image/jpeg
x-amz-meta-cleanquerystring
sfrm=png&sw=252
x-amz-expiration
expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
x-yottaa-optimizations
ob/101 si/25D1cc028561-1730834774-9712811843 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-yottaa-forcecache
true
cache-control
public, max-age=31104000
via
1.1 ddc99690db2a90a14fd13c2d616aafd6.cloudfront.net (CloudFront)
cf-ray
8df693840b24237a-SJC
x-yottaa-metrics
2521cc028a77/[2,-,1731079532201] 25D1cc028561/[hit]
access-control-allow-origin
*
content-length
3753
x-amz-cf-pop
DFW57-P9
x-amz-server-side-encryption
AES256
84948_Open_A_v3_R.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwb303949d/2024/SoftGlamSatinFoundation/Medium/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwb303949d/2024/SoftGlamSatinFoundation/Medium/84948_Open_A_v3_R.jpg?sfrm=png&sw=252
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
0991113e504350f6ede400492439ac05b18c62ee792f3b1d74eadff63c06006e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-bgj
h2pri
cf-cache-status
HIT
age
257564
x-amz-storage-class
INTELLIGENT_TIERING
x-cache
Hit from cloudfront
x-amz-cf-id
BgUFDWNcdz6PvPzBD7KdmM_Z43BxyvFDTyF3i6ooEpD227YkE2_OLg==
date
Mon, 11 Nov 2024 15:01:48 GMT
content-type
image/jpeg
x-amz-meta-cleanquerystring
sfrm=png&sw=252
x-amz-expiration
expiry-date="Sat, 12 Jul 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
x-yottaa-optimizations
ob/101 si/25D1cc028561-1730834774-9712809352 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-yottaa-forcecache
true
cache-control
public, max-age=31104000
via
1.1 df713d2948fa8a1a49dbdc43233cc7fa.cloudfront.net (CloudFront)
cf-ray
8df69140fc4dcf1e-SJC
x-yottaa-metrics
2521cc028595/[4,-,1731079439539] 25D1cc028561/[hit]
access-control-allow-origin
*
content-length
5593
x-amz-cf-pop
DFW57-P9
x-amz-server-side-encryption
AES256
81683_OpenA_R_Final.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw4d62e127/2021/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw4d62e127/2021/81683_OpenA_R_Final.jpg?sfrm=png&sw=252
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
25e01968137675b5d89773ef5575463c864d91805d5457031d80be7e8f17bd7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-bgj
h2pri
cf-cache-status
HIT
age
256916
x-cache
Miss from cloudfront
x-amz-cf-id
NZwJ9IW3p7pxF-JqYzaK6uolEWRoD0z4jShBNxWHSy1NsOw7plPA_w==
date
Mon, 11 Nov 2024 15:01:48 GMT
content-type
image/jpeg
x-amz-meta-cleanquerystring
sfrm=png&sw=252
x-amz-expiration
expiry-date="Tue, 10 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
x-yottaa-optimizations
ob/101 si/25D1cc028561-1730834774-9712814825 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-yottaa-forcecache
true
cache-control
public, max-age=31104000
via
1.1 aef7d5802920ae8fa3e1ae9f10133dae.cloudfront.net (CloudFront)
cf-ray
8df69786de50fa92-SJC
x-yottaa-metrics
2521cc028538/[2,-,1731079696478] 25D1cc028561/[hit]
access-control-allow-origin
*
content-length
3524
x-amz-cf-pop
DFW57-P9
x-amz-server-side-encryption
AES256
82158_OpenA_R.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw65ac6350/2020/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw65ac6350/2020/82158_OpenA_R.jpg?sfrm=png&sw=252
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
9bd5e06df832715784ae82949770417a52bedeb065667880c3dd0c9de69b18b6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-bgj
h2pri
cf-cache-status
HIT
age
256439
x-cache
Miss from cloudfront
x-amz-cf-id
osijjHAgvygUdJkOIXlvtsN8IsssSvJosygC_k_jStfLt2Srfm1vNQ==
date
Mon, 11 Nov 2024 15:01:48 GMT
content-type
image/jpeg
x-amz-meta-cleanquerystring
sfrm=png&sw=252
x-amz-expiration
expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
x-yottaa-optimizations
ob/11 si/25D1cc028561-1730834774-9712819259 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-yottaa-forcecache
true
cache-control
public, max-age=31104000
via
1.1 a1ee2f3d4ad7afa58c3219e56c8cd250.cloudfront.net (CloudFront)
cf-ray
8df69117daab67b2-SJC
x-yottaa-metrics
2521cc0285ab/[1,-,1731079432963] 25D1cc028561/[hit]
access-control-allow-origin
*
content-length
3591
x-amz-cf-pop
DFW57-P9
x-amz-server-side-encryption
AES256
59560_InPack_V5_R.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dweeaa93ea/2023/BBStickItToZits/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dweeaa93ea/2023/BBStickItToZits/59560_InPack_V5_R.jpg?sfrm=png&sw=252
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
1fa8fc66d59a869f99eabaa163a55ed1c01c1259b805d739d3bb79e7a60f8e87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-cache-status
MISS
age
257459
x-cache
Miss from cloudfront
x-amz-cf-id
mnNczqJNbUnrUF1es8h6RDlz39UBxyXIzCQXmZVJHxwIHQsIYhL3sA==
date
Mon, 11 Nov 2024 15:01:48 GMT
content-type
image/jpeg
x-amz-meta-cleanquerystring
sfrm=png&sw=252
x-amz-expiration
expiry-date="Wed, 18 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
x-yottaa-optimizations
ob/101 si/25D1cc028561-1730834774-9712810594 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-yottaa-forcecache
true
cache-control
public, max-age=31104000
via
1.1 c3d007e42510cc2bd48d2a205774e488.cloudfront.net (CloudFront)
cf-ray
8df6914f3b7096ab-SJC
x-yottaa-metrics
2521cc028a82/[3,-,1731079442112] 25D1cc028561/[hit]
access-control-allow-origin
*
content-length
4179
x-amz-cf-pop
SFO53-C1
x-amz-server-side-encryption
AES256
1-elf_cosmetic_animatedTab_final3.svg
cdn8.eu.inside.chat/custom/ 		83 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn8.eu.inside.chat/custom/1-elf_cosmetic_animatedTab_final3.svg?1730611369304
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.17 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b1ae1f3f317733df18447e7d06ca45740a82065056ae0ac3f8cd343dd0cbcae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
cache-control
public, max-age=691200
content-encoding
gzip
cf-cache-status
HIT
etag
"0ee309e70f5da1:0"
cf-ray
8e0f28e289dc453a-TXL
expires
Tue, 19 Nov 2024 15:01:48 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
58162
date
Mon, 11 Nov 2024 15:01:48 GMT
content-type
image/svg+xml
last-modified
Fri, 23 Aug 2024 15:25:00 GMT
vary
Accept-Encoding
server
cloudflare
shoppercontext
www.elfcosmetics.com/api/v1/ 		134 B
910 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/api/v1/shoppercontext?siteId=elf-us&method=PATCH
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/mobify/bundle/12647/main.js?yocs=Z_14_1K_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
b50038ad6b0d87bfbfaa940f269aff36d438741d119d8aaf57fbf97712a5caa3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJiMDdlNmQ4Ny1jN2U5LTQ4ZGItOWJjZS1hNTMwMDhjNzM3MTgiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjIyNGNlMzI1LWNjYjctNDJhYi1iNWQ2LTY1MTI5ZmRiMTAyNSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MzEzMzcyNzUsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFia0hnWXcwc1hrSHNSdzBsR2xXWVlrS2RHOjpjaGlkOmVsZi11cyIsImV4cCI6MTczMTMzOTEwNSwiaWF0IjoxNzMxMzM3MzA1LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMxMDAxMjA4MjQyOTUzNzY2OCJ9.8QZNgsOB8cxTkg13qTGmNPj2CXP9xUT6XNS4cdcEJMb4QoaJ_uQFCyY7ojwtQGeeY0RFb9kwHnrmiVh12frMdA
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

x-amzn-remapped-content-length
134
content-encoding
gzip
x-amzn-remapped-connection
close
etag
W/"86-+zmIPv8Gmh5rUok6wVFQOBt53BE"
age
0
x-amzn-requestid
d79cd93e-72e2-42b4-9ba9-c12e1d6d5169
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
UIrv7jtjvQfqF_kY-uxAFLo3sJ46SkGP-sOD42KoCrEDHVSsXSv6ew==
date
Mon, 11 Nov 2024 15:01:49 GMT
content-type
application/json; charset=utf-8
x-yottaa-optimizations
ob/1000 si/25D1cc028561-1730834774-9715897138 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
strict-transport-security
max-age=15552000; includeSubDomains
x-yottaa-os
200
x-amz-apigw-id
BFlelHkuiYcEFpg=
x-amzn-remapped-date
Mon, 11 Nov 2024 15:01:49 GMT
x-amzn-trace-id
Root=1-67321c5c-1523aade29a0db904ef9e1fe;Parent=403f133c2c1b6781;Sampled=0;Lineage=1:2b75b0e9:0
via
1.1 1401c4844b3ea759244fef5091fc307a.cloudfront.net (CloudFront)
x-yottaa-metrics
2521cc028590/[592,591,-] 25D1cc028561/[-,593.302]
access-control-allow-origin
*
content-length
119
x-amz-cf-pop
SFO53-P7
script-tag.js
cdn-scripts.signifyd.com/api/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-scripts.signifyd.com/api/script-tag.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-117.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d7a363f752524fb545c3b2eb48a56d163cb659bc427d5215800ee7781d92c2ca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

vary
accept-encoding
cache-control
max-age=1800
content-encoding
gzip
etag
W/"73ca6f23f3e08738233832c7a7a0c30c"
age
363
via
1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
jnTQ7NvvK8a8CRSX5u2XNrRWvPHYHuKPK9MkaG72o9PginE_I09O6w==
date
Mon, 11 Nov 2024 14:55:47 GMT
content-type
application/javascript
last-modified
Tue, 23 Apr 2024 14:51:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
company_toolkit.js
cdn-scripts.signifyd.com/api/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-scripts.signifyd.com/api/company_toolkit.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-117.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6082597f3871c77c9b31aa1383577f8c0e54cb5ff09275dc817bc70d96e6217d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

vary
accept-encoding
cache-control
max-age=1800
content-encoding
gzip
etag
W/"2c3950f122b3977df61b0e077aaa92c8"
age
362
via
1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
NjkygQZHqf2T2llCCtKRfqnZ4Y1ON3jc9dQoOOavBWvSKf4KAiU3lw==
date
Mon, 11 Nov 2024 14:55:48 GMT
content-type
application/javascript
last-modified
Tue, 30 May 2023 10:18:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
gb9041f64qn7aviy.js
imgs.signifyd.com/ 		97 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/gb9041f64qn7aviy.js?g1aktpix3r67vdb4=w2txo5aa&3njbymic43i6uvl9=LzJjMGFiNWI1Yjc0NDAyMzFhZDhjNTAyZmEz
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
cdb5eab6da71d47766901499045fc4ba0134ac5e82580732b6c9e4db99cfb134
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

X-Robots-Tag
noindex, nofollow
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Expires
Thu, 01 Jan 1970 00:00:00 GMT
P3P
CP=IVAa PSAa
Keep-Alive
timeout=2, max=100
Date
Mon, 11 Nov 2024 15:01:49 GMT
Content-Type
text/javascript;charset=UTF-8
Vary
Accept-Encoding
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive, Keep-Alive
X-XSS-Protection
1; mode=block
Server
Apache
rcomEvent
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/rcomEvent?cnst=1&_=173516&uid=-5219671725872898984&sec=8772046&aud=884367.884385.884387.1167402.1324059.1846919.2356145.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expSes=89274&p=1&cl=dk.l.c.ws.fst.&ses=b49aba3bed89eba793085c5667699d0a&data=%7B%22ctx%22%3A%7B%22type%22%3A%22HOMEPAGE%22%2C%22lng%22%3A%22en-US%22%2C%22data%22%3A%5B%5D%7D%2C%22widgets%22%3A%7B%22199244%22%3A%7B%22fId%22%3A16887%2C%22fallbackData%22%3Afalse%2C%22expData%22%3A%7B%22expId%22%3Anull%2C%22varId%22%3Anull%7D%2C%22events%22%3A%5B%7B%22type%22%3A%22PIMP%22%2C%22pId%22%3A%5B%2223212%22%2C%22300229%22%2C%22300303%22%2C%22300200%22%2C%2282158%22%2C%2259560UP%22%5D%2C%22strId%22%3A9%2C%22md%22%3A%7B%7D%7D%2C%7B%22type%22%3A%22WIMP%22%2C%22strId%22%3A9%7D%2C%7B%22type%22%3A%22WRIMP%22%2C%22strId%22%3A9%7D%2C%7B%22type%22%3A%22PRIMP%22%2C%22pId%22%3A%5B%2259560UP%22%2C%2282158%22%2C%22300200%22%2C%22300303%22%2C%22300229%22%2C%2223212%22%5D%2C%22strId%22%3A9%2C%22md%22%3A%7B%7D%7D%5D%7D%7D%7D&reqts=1731337309468&rri=1230663
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-129.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
via
1.1 43244f77affffa1d8942dd025413b8d8.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
47QSg17hQWCk9H5n92m9nRxD-VGJMvSvPBjRPbaC9KYUiFIFe19tEg==
date
Mon, 11 Nov 2024 15:01:49 GMT
x-amz-cf-pop
FRA60-P10
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
wave-3-holiday-gift-shop-2024-11-IMAGE-5_D
cdn.media.amplience.net/i/elfcosmetics/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/wave-3-holiday-gift-shop-2024-11-IMAGE-5_D?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/wave-3-holiday-gift-shop-2024-11-IMAGE-5_D?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/wave-3-holiday-gift-shop-2024-11-IMAGE-5_D?fmt=auto&w=2460%203x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28c4d0116e5af5e8d0abc39954fbc8a89bdc47e8e571330312b49f7b6bef75eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cf-cache-status
HIT
age
69186
x-amp-source-width
1440
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:01:49 GMT
edge-control
max-age=86400
content-type
image/avif
last-modified
Sun, 10 Nov 2024 17:11:15 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
zTFOBPpoB,l4p5bDg2e,MH0sX8coG,WepA0szpz
cache-control
s-maxage=86400, max-age=1800
x-req-id
dYK5AkAOcs
x-amp-source-height
1040
x-amp-cf-worker
true
cf-ray
8e0f28e93958e52f-TXL
accept-ranges
bytes
access-control-allow-origin
*
content-length
23091
x-amp-published
Thu, 07 Nov 2024 16:55:02 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
5UXshPhupyapLJAa
imgs.signifyd.com/ Frame BB04 		318 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/5UXshPhupyapLJAa?ab676e0f08890f1b=TFuBPEXIln9DNwTdqXlH2JTOj02dFSUj8sxO9XLJV20QUQj0EoXABiB1zZaQ2PkIXNeoiljY8ByZceitqOZPCiwvJbw1QFDD3tUFziBZlsFlhv3rNVw4NqslOPeBKDtSbOpvnqQ_Ch_DetHsWKeVC8V19xnjMZfbZo8NDuP-ovHnCPcTHGMGlwIuymdnoA0F9A7JIv-zwE8J04-L&jb=3d3a2c2c62716d7d374e616e7d72246a796f3d44616477702c6a7b687f3d436078676d6f2e60796835416a7a656f6d253a3a33333a
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/gb9041f64qn7aviy.js?g1aktpix3r67vdb4=w2txo5aa&3njbymic43i6uvl9=LzJjMGFiNWI1Yjc0NDAyMzFhZDhjNTAyZmEz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
77b94e31b5ef79ae3fd451d350501ec8382f0fbeb9772adb46db4816175936d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

X-Robots-Tag
noindex, nofollow
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=99
Date
Mon, 11 Nov 2024 15:01:49 GMT
Content-Type
text/javascript;charset=UTF-8
Vary
Accept-Encoding
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive, Keep-Alive
tmx-nonce
e6ab51a8800592bc
X-XSS-Protection
1; mode=block
Server
Apache
lHJItnoWyXLJ6NkV
imgs.signifyd.com/ Frame BB04 		81 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.signifyd.com/lHJItnoWyXLJ6NkV?cdad1cbc9ef86bc2=ucOfQFz7DFtevGOJakl5ucr9kOhO1d1YakNtiKKterC_nJW7OSnvuqx_gYoGWJvMY8Vk2m_ckAkgxfUNfcsJiEJcW1trvYV76eq2ZDMIcP6E4ohXnMKuHSbsVNg2RUWTyLX46ylucteZmOCf_cv04r4vBpBwglox66jTq8c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
81
Keep-Alive
timeout=2, max=100
Date
Mon, 11 Nov 2024 15:01:49 GMT
X-XSS-Protection
1; mode=block
Content-Type
image/png
Server
Apache
gTfS9FXAxZsQZFsz
imgs.signifyd.com/ Frame BB04 		81 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.signifyd.com/gTfS9FXAxZsQZFsz?f0f1587d86a83885=mYFgNWcv_J9sZVOBswQ42VwAjuoDYzKTXAGE6D7sFVhTcMc69Lvzj0wMuLnZ-3VfJF_8KefNiMpSQWhKkFPohoy2wVypTtCUdzZWaSMN7RtsiD6XeCgaZmEj5vU_ABDqkloljHBDvXgm0y4M3UuGANjPeJZMoXjQVtsvZKs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
81
Keep-Alive
timeout=2, max=100
Date
Mon, 11 Nov 2024 15:01:49 GMT
X-XSS-Protection
1; mode=block
Content-Type
image/png
Server
Apache
clear.png
imgs.signifyd.com/fp/ Frame BB04 		81 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/fp/clear.png
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/5UXshPhupyapLJAa?ab676e0f08890f1b=TFuBPEXIln9DNwTdqXlH2JTOj02dFSUj8sxO9XLJV20QUQj0EoXABiB1zZaQ2PkIXNeoiljY8ByZceitqOZPCiwvJbw1QFDD3tUFziBZlsFlhv3rNVw4NqslOPeBKDtSbOpvnqQ_Ch_DetHsWKeVC8V19xnjMZfbZo8NDuP-ovHnCPcTHGMGlwIuymdnoA0F9A7JIv-zwE8J04-L&jb=3d3a2c2c62716d7d374e616e7d72246a796f3d44616477702c6a7b687f3d436078676d6f2e60796835416a7a656f6d253a3a33333a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*/*, w2txo5aa/e6ab51a8800592bclzjjmgfinwi1yjc0ndaymzfhzdhjntayzmez
Referer
https://www.elfcosmetics.com/

Response headers

Strict-Transport-Security
max-age=31536000
Cache-Control
private, must-revalidate, max-age=0
Etag
cf2483b7502949c08955967d17652950
Connection
Keep-Alive
Expires
Sat, 10 Nov 2029 15:01:49 GMT
Access-Control-Allow-Origin
https://www.elfcosmetics.com
Content-Length
81
Keep-Alive
timeout=2, max=100
Date
Mon, 11 Nov 2024 15:01:49 GMT
Last-Modified
Mon, 11 Nov 2024 15:01:49 GMT
Content-Type
image/png
Server
Apache
gYzBwqDZyPNsawHl
imgs.signifyd.com/ Frame 13F0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/gYzBwqDZyPNsawHl?e6ddec3d7ec7ba6d=qHpeW37ZDX0FsEzsdTU8WNQZnFulthcaLa6VG6bZ0eYg15sgcARvi1sPxZ6TqIf6SHcVuDt6pUdxMRb8z68fKKsLR81cj6wfjf53hxoQUbtheTNnRFd_BfG_zlwC90y2MsdTJWIzvK0WlWnMga5dJiagOvVuTdODB1K577xZdU5_AYgsGzMkyAabtP-u_x4MPD57plXSEhQ03hZdFHg
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/5UXshPhupyapLJAa?ab676e0f08890f1b=TFuBPEXIln9DNwTdqXlH2JTOj02dFSUj8sxO9XLJV20QUQj0EoXABiB1zZaQ2PkIXNeoiljY8ByZceitqOZPCiwvJbw1QFDD3tUFziBZlsFlhv3rNVw4NqslOPeBKDtSbOpvnqQ_Ch_DetHsWKeVC8V19xnjMZfbZo8NDuP-ovHnCPcTHGMGlwIuymdnoA0F9A7JIv-zwE8J04-L&jb=3d3a2c2c62716d7d374e616e7d72246a796f3d44616477702c6a7b687f3d436078676d6f2e60796835416a7a656f6d253a3a33333a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Mon, 11 Nov 2024 15:01:49 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
6F45YwDFzkPKushG
imgs.signifyd.com/ Frame BB04 		0
398 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/6F45YwDFzkPKushG?85e2e8fa11648882=BXJ37MAxYuyirguy654F-gEvHGhydHPwCDrj6bNUhu8MzU1CZzOZNu29sitCQOSBMN9Q8gnCrYMXwAL3CRFwKJGa18F0s9qca9tzm6vReo5Zsk0pIJP4bh_uw1KOJtGJ6y0E35iuUysQWsQtlC9T2SyaArs&jb=3b3c2c667b633f3d6b603d396c3c36356861353c386f3b31383131396c64363f3d3b383d6c396c
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/5UXshPhupyapLJAa?ab676e0f08890f1b=TFuBPEXIln9DNwTdqXlH2JTOj02dFSUj8sxO9XLJV20QUQj0EoXABiB1zZaQ2PkIXNeoiljY8ByZceitqOZPCiwvJbw1QFDD3tUFziBZlsFlhv3rNVw4NqslOPeBKDtSbOpvnqQ_Ch_DetHsWKeVC8V19xnjMZfbZo8NDuP-ovHnCPcTHGMGlwIuymdnoA0F9A7JIv-zwE8J04-L&jb=3d3a2c2c62716d7d374e616e7d72246a796f3d44616477702c6a7b687f3d436078676d6f2e60796835416a7a656f6d253a3a33333a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
0
Keep-Alive
timeout=2, max=98
Date
Mon, 11 Nov 2024 15:01:49 GMT
X-XSS-Protection
1; mode=block
Content-Type
text/javascript
Server
Apache
e4KR_yZlcQ8z0jkf
imgs.signifyd.com/ Frame BB04 		134 B
654 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/e4KR_yZlcQ8z0jkf?2be7415b50aa419a=pmTrG2XLeMzgsYs7tYXGIBePEW-dDN7J_DlJ9Pjbz-gTff9lNEymwXHC4F-l2uN-PlOVXHJ3rcw3epEB6QpZ536Ndq4yYxGiLtWHQMSO9b_jwtNka4f64fDtj2qMBuQV9997CODjSOGcuRkwX4b3qA
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/5UXshPhupyapLJAa?ab676e0f08890f1b=TFuBPEXIln9DNwTdqXlH2JTOj02dFSUj8sxO9XLJV20QUQj0EoXABiB1zZaQ2PkIXNeoiljY8ByZceitqOZPCiwvJbw1QFDD3tUFziBZlsFlhv3rNVw4NqslOPeBKDtSbOpvnqQ_Ch_DetHsWKeVC8V19xnjMZfbZo8NDuP-ovHnCPcTHGMGlwIuymdnoA0F9A7JIv-zwE8J04-L&jb=3d3a2c2c62716d7d374e616e7d72246a796f3d44616477702c6a7b687f3d436078676d6f2e60796835416a7a656f6d253a3a33333a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
2fbcc29862c624620c1c135bfcbecc998b0978e655bd627bc3b8d3ae198f1765
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Content-Encoding
gzip
Pragma
no-cache
Connection
Keep-Alive, Keep-Alive
X-Content-Type-Options
nosniff
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=99
Date
Mon, 11 Nov 2024 15:01:49 GMT
X-XSS-Protection
1; mode=block
Content-Type
text/javascript;charset=UTF-8
Vary
Accept-Encoding
Server
Apache
IRsX-vMQtxAXrV55
h.online-metrix.net/ Frame A06D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/IRsX-vMQtxAXrV55?e9d0b3108f8585f5=P9-HodFT3WYudqxqc8Ikv8LNE8G9vKjrCLsdHfq8-Nf-F-Re7Gp4-QIhgq4SNW8vS75eJUDDrvD-M3VvW_6r-GytjP43mNOm-FBTLWkgDBT6RFV_YdhL6wTJ4SMXBjmGEpfLAws0jEpRD6rpuBWpK2OnN2xlVPalyAwY9iNMviq1Wm5tW-odTiKre56ep3Jgw7Nvl-3vBZ3N7gJ_4NoO
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/5UXshPhupyapLJAa?ab676e0f08890f1b=TFuBPEXIln9DNwTdqXlH2JTOj02dFSUj8sxO9XLJV20QUQj0EoXABiB1zZaQ2PkIXNeoiljY8ByZceitqOZPCiwvJbw1QFDD3tUFziBZlsFlhv3rNVw4NqslOPeBKDtSbOpvnqQ_Ch_DetHsWKeVC8V19xnjMZfbZo8NDuP-ovHnCPcTHGMGlwIuymdnoA0F9A7JIv-zwE8J04-L&jb=3d3a2c2c62716d7d374e616e7d72246a796f3d44616477702c6a7b687f3d436078676d6f2e60796835416a7a656f6d253a3a33333a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.132.130 , United States, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Mon, 11 Nov 2024 15:01:49 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
nCTRheUBYnTSddXG
imgs.signifyd.com/ Frame 6BC9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/nCTRheUBYnTSddXG?76c8a7c590f187f7=1tpERduy42QPR3aP5eNUjXSkITGqvys7Cp5m6xjY5AbqUmH_JJ7lec9Wd1sGnVorsy-fJmQOzSqh5STvInE-uteZYrrYsKv-YHh-TjCNk-7iZs7miE7L4w0v8DWMrx7_FNBwm9K_F5KucxbqfNsqTGHTfZCm1LMPvktk3lrDUfXo1OVmz8BUDIjFRmYXtIL3W8-DYIvkcEm1GksrhoDh
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/5UXshPhupyapLJAa?ab676e0f08890f1b=TFuBPEXIln9DNwTdqXlH2JTOj02dFSUj8sxO9XLJV20QUQj0EoXABiB1zZaQ2PkIXNeoiljY8ByZceitqOZPCiwvJbw1QFDD3tUFziBZlsFlhv3rNVw4NqslOPeBKDtSbOpvnqQ_Ch_DetHsWKeVC8V19xnjMZfbZo8NDuP-ovHnCPcTHGMGlwIuymdnoA0F9A7JIv-zwE8J04-L&jb=3d3a2c2c62716d7d374e616e7d72246a796f3d44616477702c6a7b687f3d436078676d6f2e60796835416a7a656f6d253a3a33333a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Mon, 11 Nov 2024 15:01:49 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
01QnKqQgnCsbLM6v
h64.online-metrix.net/ Frame BB04 		0
399 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h64.online-metrix.net/01QnKqQgnCsbLM6v?fe7451fd3eade185=eu2-oWTxsPlAVGVUSxDae3ad_VBSK9fHxRH_WVxRyLFGpgbf3-pQGyq8g5sI7vhjAOnTEMVDjqnXDYKj8ZQqIjVEN9S9FYudlxCD0sLLm8jqN-gSOaS5cQjrWQqfSExrycf_37AJnJkdsZzKrmaS3ZQ1GIXJUWx_
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/5UXshPhupyapLJAa?ab676e0f08890f1b=TFuBPEXIln9DNwTdqXlH2JTOj02dFSUj8sxO9XLJV20QUQj0EoXABiB1zZaQ2PkIXNeoiljY8ByZceitqOZPCiwvJbw1QFDD3tUFziBZlsFlhv3rNVw4NqslOPeBKDtSbOpvnqQ_Ch_DetHsWKeVC8V19xnjMZfbZo8NDuP-ovHnCPcTHGMGlwIuymdnoA0F9A7JIv-zwE8J04-L&jb=3d3a2c2c62716d7d374e616e7d72246a796f3d44616477702c6a7b687f3d436078676d6f2e60796835416a7a656f6d253a3a33333a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2620:f3:0:14:b401:8ee8:4321:ad82 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
0
Keep-Alive
timeout=2, max=100
Date
Mon, 11 Nov 2024 15:01:50 GMT
X-XSS-Protection
1; mode=block
Content-Type
text/javascript
Server
Apache
6F45YwDFzkPKushG
imgs.signifyd.com/ Frame BB04 		0
218 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/6F45YwDFzkPKushG?85e2e8fa11648882=BXJ37MAxYuyirguy654F-gEvHGhydHPwCDrj6bNUhu8MzU1CZzOZNu29sitCQOSBMN9Q8gnCrYMXwAL3CRFwKJGa18F0s9qca9tzm6vReo5Zsk0pIJP4bh_uw1KOJtGJ6y0E35iuUysQWsQtlC9T2SyaArs&ja=39333c322e2461353c322e7a353c32266c3d313e383a7a393830382c6b663d393c38307239383a3a2e717a7137333930703b33302c64707a353b2e393c3038263b3230382639363a38263b3838322e393c32382c39383230263136383826333a3235243b3b302c393b3826677c37383d6e37336c39333c396d3c60663830396a3e3c606c39383f683a61663b693c26676637382c7b61663538362e6c60376a747e70732d3b4b273a4c253a4c7d7777266f6466696779676f7c6b617b2461676d2d3844267a6c3d3d2e7a6a356f3838386e66613d3f3d31333b6c3e6f6a673a3133316d623c6b3b393839306c2e626a356e313c3b3c62653e3c69303a393933326a3460313a316a36696f6639683239392e607167374c61647f782662796a3d49607865676d2730383b31382662796d75374c69667d72246279627d3749687267676d26646069373b3a246c6c673f3026666776703730267c726e3f4d7f72677a6f25324e486d726661642c6769766a7a373638303b6e33633862656b3838673e69633d3c3a30383a6b6c313f3d3e3a3b6e66363d323a3934396e34656b61323c6c693b3c6b666a6e3d3233393939393c692c6e78356a767c7a712d33492f30462f32467f7f7d2c6d66666b65796d657c636b73246b65672f3a442478377264756f636c5f6c6c617b602f374d6c6164796f2170647f6f6964577d63646c6d757b556f6d64616b5d706661796d7a2f374d6c6164796f2170647f6f6964576b6e656a675d6969706762697e27354f6661647b6f237866756f63645f717d636b6b7e61676f2f3d47646966716d2178667767636e5f7b606561637d617e6f2f35456e6b64736f297a667f6f6b6c577867696c786663796f72253d4d6c63647965297a66756761645776666b557a66697b677a2f374d66696671652b706c7d6f636c576e657e6b6676722d3f4d666b64796f2b786e776f636c57737e6d5d766365776d7a2f374d6c6164796f2170647f6f696457606b7c6927374d6c6364736d2c656c55633d7f6d6865645d656a4d462532383b26302f3a3a224578676c4f46273a304d5927323a322e382d38324b6272676763756d215d6d624d442f383a4f4e51442f3038455b2f30303b2e302d3a3a2a477a65664d462532384f5b2538384d4659442730384f512d32383b2c302f32304b60786d65637565235d656243637c576f6a41637e2d30325f6f604f4c4944454c4f5f69667b7e636669656c556b727269737b25394a2f383a4d5a5657686e6d6e6c556f69646d61702d39402d38304d525e5f636463785f6967647e78676e273b48273a304d52565f696f6c677a55607d6c666d78556861646c576666676b7e2f3b40273a3a475054576e67707e685f6b646b6f782f334a2f383045505e576666676b7e556a6e67666e273b422d38324552545f6e7a6b65576e65787e6225334a2f3a304f505e557a676e7b6f656c576f6e6c71657e5f63646967722d39422d383a45585c557b686b6c6f78557c677a7c7f706d5f646566253942253a384f5a5c55746d727e75726d556b6f6778786f797b6b6d66556078746b2f31422f32304d505e5d7c6f787c7f78655f6b656570786d797963676c5d7a6d766b253b4827323a45585c577e67707e757a6f556669647e6d725569646379677670677a6b6b253b4827323a45585c577e67707e757a6f556d697a786772556b666b67785d766755676c676d2f31422f32304d505e5d7b58474a2f3942253a3a474559576f666f65676c7c556b66646d725d75636e742d3b48273a3a4f4d5955666267557a65646c6f7855656b72656b722d334a2f3030454553577b7e63666e617a6e5564657a637e617e617c6f792d31402d383247455b5576657274757a6d55646465617c2f3942253a3a474559577e6f727c77706d5564646f697e5d6c636e65697a2f314a2f3238454f535f7c6f70747f7a6f5562696e64576c6e67617c2f31422f3230474d595d7c6f787c7f78655f606b6466556e66656b7c5d6e61646769722d39402538304f4d5b55746d78746d725561727a6b715f656a606f697c27314a2f3038574d48454c55636f6467785d6a7f666e6f785f66646569742f3b482f383855474a4d4e5763676772726f73736d6c55766d72747d786f5f617b7e6b25394a2f383a5f47404f465d6b6f657a70657973656c577e67707e757a6f5565746b2f3b422f3a3a5d4f4a454e57696d65707a6f71736f645f7c6d72767d7865576f7e63312d394a2538385d4f484f4e5d6b656f78726d7971656e5f746d707e777a6f5f7b397e63253b482d323a5f4f484d445d616767727a657b796764557465707c7f706d55733b7e695f737a6d6a25394a2f383a5f47404f465d6c656a7f655f78656e6c6d78677a5569666c6525334a2f3a305d4d484d465766676a7f655773606b66657873253b4a2f30385d454a4d465f646d7a7c68557c6f727e7d70672d39402d32385d47424d4c5f6c7a6b755768756e6c6f72732d394a2538385d4f484f4e5d6465716d5f6b656c746f78742d3b48273a3a574d484d4c5f657f647463576e786b7f27314a2f3038574d48454c55706f64716d6d66556d676e6f31362e6d645f6235323c6c3b613a3c6b3a3f316a3e3a656b64383c3e33636c3e613f683f633638326a386b6c3f3f3b3e24756f66743549667e676c2f32304166692c2e7d67647837496e7c6f642538384378637b27303845726d6e4f4627323a456e6f6164672e69636c373b&jb=39393e2c64733f456578616c646b27324c352e382d3832205231392f3942253a3a4469647d722f38387a3a3e55343c292d3832417a706c6d5f6f604363742d384c35333f243b362f3a3a224140564f442f304b253a3a6e696165253a384d676b616f212f3830436078676d6f2d384c3b3b322c38243226302d3832536b66617a612f304e3f333f243936
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/5UXshPhupyapLJAa?ab676e0f08890f1b=TFuBPEXIln9DNwTdqXlH2JTOj02dFSUj8sxO9XLJV20QUQj0EoXABiB1zZaQ2PkIXNeoiljY8ByZceitqOZPCiwvJbw1QFDD3tUFziBZlsFlhv3rNVw4NqslOPeBKDtSbOpvnqQ_Ch_DetHsWKeVC8V19xnjMZfbZo8NDuP-ovHnCPcTHGMGlwIuymdnoA0F9A7JIv-zwE8J04-L&jb=3d3a2c2c62716d7d374e616e7d72246a796f3d44616477702c6a7b687f3d436078676d6f2e60796835416a7a656f6d253a3a33333a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

Strict-Transport-Security
max-age=31536000
Keep-Alive
timeout=2, max=99
Date
Mon, 11 Nov 2024 15:01:49 GMT
Content-Type
text/javascript;charset=UTF-8
Server
Apache
Connection
Keep-Alive
l5RQRhBxtY_gpXQM
w2txo5aab7tohhxw5cemv34epf5zx23e6ieyqzjme6ab51a8800592bcam1.e.aa.online-metrix.net/ Frame BB04 		81 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w2txo5aab7tohhxw5cemv34epf5zx23e6ieyqzjme6ab51a8800592bcam1.e.aa.online-metrix.net/l5RQRhBxtY_gpXQM?f91bd34b1928bc20=KSQtj_NNuk6KucpEKZFujI2MPa-jt5CGZCj04x8dYW4JMJv9xu_i978MscwdXIYJ0_QKMz7bCzO2H3KLmPIgaoum7MPxrWcvbBpIA9sUjtv6heWFcS3GLKxxjpLV4sFDhjF97EBchnYRoCa0BTfWVVOZ4QVZw3M-Fcbz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.134.131 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
close
X-Content-Type-Options
nosniff
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
81
Date
Mon, 11 Nov 2024 15:01:49 GMT
X-XSS-Protection
1; mode=block
Content-Type
image/png
Server
Apache
OYWQ1Dwuxy0MRf2g
imgs.signifyd.com/ Frame BB04 		0
218 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/OYWQ1Dwuxy0MRf2g?20f4749d710f2885=SRG58MUjXxWvAoUC26hWTu2AxYoSdKjE-_dnWt3pu1d_YTJBj2GYEr8m8Ti05YHLQbtpGN6jWpap35Kagsjra0BwugUwSnkq1dvF3rpB9tja7NFE6dDBJLE-GUOpZB3bUFQLaYFsKR5LatSRXfPc0pc942b88tY9xGK0exVQOMHtgBesemVoE_R9JZLKluQDZBoh9LgN7Gx610cg8dI&jac=1&je=303e2c2c65676660372a3b253a4933253843332d3a49666b3f336e393b39633b6c6a306c6c6e3e6f3b3b303d6f643b356d6832376f6538393d68673a3a333c323337313c6c3e373b6e6932683d3032693b3b6e66303a2b
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/5UXshPhupyapLJAa?ab676e0f08890f1b=TFuBPEXIln9DNwTdqXlH2JTOj02dFSUj8sxO9XLJV20QUQj0EoXABiB1zZaQ2PkIXNeoiljY8ByZceitqOZPCiwvJbw1QFDD3tUFziBZlsFlhv3rNVw4NqslOPeBKDtSbOpvnqQ_Ch_DetHsWKeVC8V19xnjMZfbZo8NDuP-ovHnCPcTHGMGlwIuymdnoA0F9A7JIv-zwE8J04-L&jb=3d3a2c2c62716d7d374e616e7d72246a796f3d44616477702c6a7b687f3d436078676d6f2e60796835416a7a656f6d253a3a33333a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

Strict-Transport-Security
max-age=31536000
Keep-Alive
timeout=2, max=98
Date
Mon, 11 Nov 2024 15:01:49 GMT
Content-Type
text/javascript;charset=UTF-8
Server
Apache
Connection
Keep-Alive
unip
trc-events.taboola.com/1691051/log/3/ 		0
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1691051/log/3/unip?en=pre_d_eng_tb&tos=4757&scd=0&ssd=1&est=1731337305108&ver=36&isls=true&src=i&invt=3000&msa=4680&rv=1&tim=1731337309865&vi=1731337305105&ri=586168cd7f46bc171393d5099f6c1011&ref=null&cv=20241107-9-RELEASE&item-url=https%3A%2F%2Fwww.elfcosmetics.com%2F&it=JS_PIXEL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1691051/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Attribution-Reporting-Eligible
trigger
Referer
https://www.elfcosmetics.com/

Response headers

access-control-allow-origin
https://www.elfcosmetics.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Mon, 11 Nov 2024 15:01:49 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
unip
trc-events.taboola.com/1691051/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1691051/log/3/unip?en=pre_d_eng_tb&tos=4757&scd=0&ssd=1&est=1731337305108&ver=36&isls=true&src=i&invt=3000&msa=4680&rv=1&tim=1731337309865&vi=1731337305105&ri=586168cd7f46bc171393d5099f6c1011&ref=null&cv=20241107-9-RELEASE&item-url=https%3A%2F%2Fwww.elfcosmetics.com%2F&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://www.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://www.elfcosmetics.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Mon, 11 Nov 2024 15:01:49 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
ely-2sC5o3ej70Mu
imgs.signifyd.com/ Frame BB04 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.signifyd.com/ely-2sC5o3ej70Mu?1f722be46f9d2931=OV3TcR0jfiddjAuaQ1wV4m7EdthuyWBCykVbBq1kIdWHVIp279TfF1ALPbsEIlBZstv6A1xWLMs4s8SOjmzgQZl0hXGrSeVbfsvIXfTWdnGmYWLEILKdxyt5eFDzHtzQM8h_ghx5BKStiizr6UCu4MBlH6y5PpmCC1gpNa2Joev_Up9ojVy75DA4sZijxSuvYrXCObeHt7KCkL8hX8Q&jf=3c3b3e2c7b6b6657786c6c3d7c6e705f7354704c3c65576b626c6e7b5b62316f2c7b696e576e6b7e6d3f333f39333b333f3932392c73696c577e7b786f3d7f6f683a656b6e7b612c7b636e5563677b3539323d393b3a33333a36303f3a6b3a3e3e386b6f3964303a3a39303c3832386b3034363069673b64383932313a37303b3c3832383a346e3f6c376169333137383f3868323b37326a3a3a39656e6c36366c38386b3f6e676d6e316a3c6e63353f6b39316e6a396f3a3061616d39336d316b32373839376338693f33693b653d3b3b323838683e64683b6c3e3e3e3b316e3b343f383e3d67363d64303b6d6c3b6e3e396d3e6e34313e383b623f38686f323e3632386c672e73616e5d7363673d3b383e36383832383e6e39666e3e69643a39386e6b6a34673d3a363e316e3f36653963376e3a39346a3c3730383e3831693a3f613a386b38333d35363a3f343c363d3a31356e3435383a38323b3b306e686b33303c3e6c386b38326e333a3a37393c633b666b3330373338313c3b6960393c363f3d3d39396d686a6669383d6f693e3b603b6b3a3e62696f32267969667a353a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive, Keep-Alive
X-Content-Type-Options
nosniff
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=97
Date
Mon, 11 Nov 2024 15:01:49 GMT
X-XSS-Protection
1; mode=block
Content-Type
image/png;charset=UTF-8
Server
Apache
6F45YwDFzkPKushG
imgs.signifyd.com/ Frame BB04 		0
398 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/6F45YwDFzkPKushG?85e2e8fa11648882=BXJ37MAxYuyirguy654F-gEvHGhydHPwCDrj6bNUhu8MzU1CZzOZNu29sitCQOSBMN9Q8gnCrYMXwAL3CRFwKJGa18F0s9qca9tzm6vReo5Zsk0pIJP4bh_uw1KOJtGJ6y0E35iuUysQWsQtlC9T2SyaArs&jac=1&je=3e393f2c2e756b6137333f32263b352e3a2e353e243b32263e2e393c382e323d3b2e776f6137323a2630373d243526313833247763363d6e6c6864323b643b3d3062626d3a3230303f3e30383232386e6824786d35646d266861747b7c37273f48253a386665766d662d32382d394b3b2632322d38412d323a7976617e75732d3a38273b4b253a386968617a6d616e6d2d38382f3f4624697f66603d6b6b35623365366d3e32336b69616b3c6c32613f6939393831393c393c34603d69313937313c60346e38646c3c3234383a33306c6f346638396e636e303e3f332e677a3b376139336b3e67303f396530396e323f3d663b6c6e62306c3230376b31323e3e693a606d69316b336a2c67783e3d633f303d363a3838696b6c39323f3e3861396a6c3f6f383b606d6c343f666b3a24756b683d2d3f48273a38617a696269746d697c75786d2f38382d31432d38302d323a2f30432f32326a617e6c6d79732d38382533492f3a322f3a382f384b27303a6870696e6c792732382533492d3f402d3f442d384925323a6c7d6c665e6f7879616d6c4463717c253a3827334b25354a2d3f462d38432d38386d6f6a6364652f3a382f394964636479672d324b2f3032676f646d642f303a2f33492f3832253a382d32492d38387a6463766e657065253a3827334b25323a2d38302d38432d3838706c697e6e6f78655c6f787b6b6d662f303a253b4b27323825323a2d38412d38327f657d36342d383a2539496c6b667b67273f4e247d61643727374825323a6a7863666e732d38382533492f3d422f3d4e2f384b27303a676d6a69646f2732382533496e6b6e7b6f253a492f3232786669746c6778672f3a30273b4b273a322d3830253d44267b606e3f677a6566
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/5UXshPhupyapLJAa?ab676e0f08890f1b=TFuBPEXIln9DNwTdqXlH2JTOj02dFSUj8sxO9XLJV20QUQj0EoXABiB1zZaQ2PkIXNeoiljY8ByZceitqOZPCiwvJbw1QFDD3tUFziBZlsFlhv3rNVw4NqslOPeBKDtSbOpvnqQ_Ch_DetHsWKeVC8V19xnjMZfbZo8NDuP-ovHnCPcTHGMGlwIuymdnoA0F9A7JIv-zwE8J04-L&jb=3d3a2c2c62716d7d374e616e7d72246a796f3d44616477702c6a7b687f3d436078676d6f2e60796835416a7a656f6d253a3a33333a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
0
Keep-Alive
timeout=2, max=96
Date
Mon, 11 Nov 2024 15:01:50 GMT
X-XSS-Protection
1; mode=block
Content-Type
text/javascript
Server
Apache
collect
sgtm.elfcosmetics.com/g/ 		65 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je4b70v9125640115z8896608294za200zb896608294&gcs=G100&gcd=13m3m3m2m5l1&npa=1&dma_cps=-&dma=1&tcfd=10001&tag_exp=101823848~101925629&cid=247771635.1731337305&ecid=668276021&ul=de-de&sr=1600x1200&_fplc=0&ir=1&ur=DE-NW&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=MA&sst.rnd=2124806892.1731337304&sst.etld=google.de&sst.gcsub=region1&sst.adr=1&sst.ude=0&sid=1731337304&sct=1&seg=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&_s=4&tfd=10289&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c&gtm=45He4b70v896608294za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.124.49.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
no-cache
x-accel-buffering
no
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
https://www.elfcosmetics.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 15:01:51 GMT
content-type
text/plain
server
Google Frontend
us.svg
www.elfcosmetics.com/mobify/bundle/12647/static/img/flag-icons/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.com/mobify/bundle/12647/static/img/flag-icons/us.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

x-amz-meta-deploy
920359
content-encoding
gzip
age
236704
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
zknuR1F5zjLh3V5iPFBjbH0d0bhGGVwX0Xlb5c0BA7dp4hy_wSrqQw==
date
Mon, 11 Nov 2024 15:01:46 GMT
content-type
image/svg+xml
x-yottaa-optimizations
ob/1101 si/25D1cc028561-1730834774-9713042040 tts/1731079396337 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-yottaa-forcecache
true
cache-control
public, max-age=31104000
via
1.1 d52f5364539f50d2591f4996970cf25e.cloudfront.net (CloudFront)
x-amz-meta-bundle
12647
x-yottaa-metrics
2521cc028a78/[2,-,1731100260334] 25D1cc028561/[hit]
access-control-allow-origin
*
content-length
676
x-amz-cf-pop
SFO53-P7
bx_suppress
events.bouncex.net/track.gif/ 		42 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bx_suppress?reason=tcf&status=no_consent&uspString=undefined&details=library%20timeout&message=addEventListener%20command%20timeout%20without%20providing%20a%20valid%20consent&regulation=GDPR&websiteid=4142&source=web&agent=user
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.com/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
event-collector.event-collector.svc.cluster.local:80/*
via
1.1 google
expires
Tue, 01 Jan 2001 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Mon, 11 Nov 2024 15:01:54 GMT
content-type
image/gif
performance_interaction
analytics.tiktok.com/api/v2/ 		0
873 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/performance_interaction
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-2.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmetics.com/

Response headers

x-cache-remote
TCP_MISS from a23-48-100-41.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Mon, 11 Nov 2024 15:01:55 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=99, origin; dur=13, inner; dur=9
x-cache
TCP_MISS from a23-51-23-79.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Mon, 11 Nov 2024 15:01:55 GMT
x-akamai-request-id
d9e1b125.8cb3f45a
access-control-allow-headers
Authorization,*
x-tt-trace-host
01bbb14ff5615a00adc7e08e5a85701af2b984c496d0d36572fb5eda7cbf09ff2d4aa3a787535c94913ff9d92e003d8f77bfa5b2f5cd7d63e411db7b86dd0a479585bf06f8f4bad8de084c7b1f9d26c9fc55de3ae5629f25d9e69fdee78fcbb5cb2185b67cc1dc11a811539bcd5b99a831
x-origin-response-time
13,23.48.100.41
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241111150155419E06F624B892F4B052-73249EA666547BF9-00
content-length
0
x-parent-response-time
99,23.51.23.79
x-tt-logid
20241111150155419E06F624B892F4B052
server
nginx
unip
trc-events.taboola.com/1691051/log/3/ 		0
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1691051/log/3/unip?en=pre_d_eng_tb&tos=10760&scd=0&ssd=1&est=1731337305108&ver=36&isls=true&src=i&invt=6000&msa=4680&rv=1&tim=1731337315868&vi=1731337305105&ri=586168cd7f46bc171393d5099f6c1011&ref=null&cv=20241107-9-RELEASE&item-url=https%3A%2F%2Fwww.elfcosmetics.com%2F&it=JS_PIXEL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1691051/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Attribution-Reporting-Eligible
trigger
Referer
https://www.elfcosmetics.com/

Response headers

access-control-allow-origin
https://www.elfcosmetics.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Mon, 11 Nov 2024 15:01:55 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
unip
trc-events.taboola.com/1691051/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1691051/log/3/unip?en=pre_d_eng_tb&tos=10760&scd=0&ssd=1&est=1731337305108&ver=36&isls=true&src=i&invt=6000&msa=4680&rv=1&tim=1731337315868&vi=1731337305105&ri=586168cd7f46bc171393d5099f6c1011&ref=null&cv=20241107-9-RELEASE&item-url=https%3A%2F%2Fwww.elfcosmetics.com%2F&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://www.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://www.elfcosmetics.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Mon, 11 Nov 2024 15:01:55 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/
Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/
Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/
Domain
pixel.pointmediatracker.com
URL
https://pixel.pointmediatracker.com/kpi?c=elfcosmetics&kpi=visit&tag_id=244&fpc=5bbc0383-2b78-47ee-990f-4f751eb784fd&user_id=undefined&utm_source=undefined&utm_medium=undefined&utm_campaign=undefined&new=undefined&gtmcb=1764431506
Domain
edge.curalate.com
URL
https://edge.curalate.com/sites/elfcosmetics-oqltbv/experiences/gallery-OdKxcdTK/latest/experience.min.js

Verdicts & Comments Add Verdict or Comment

205 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| $jscomp function| _loadCookieConfig function| _domready function| _delayed function| _findTags function| _srcAttr function| _needsEval function| _loadFromDOM function| _clearEvents function| _lastChainedResource function| _isImageLike boolean| domCompleteTriggered function| _abTest function| _getCookieVariant function| _setCookieVariant function| _configureAbTestAnalytics function| _executeAllAbTest function| _executeAllAbTestUniversal function| _executeAllAbTestClassic function| _executeAbTest function| _abTestScript function| _chooseVariant function| _abTestAnalyticsUniversal function| _abTestAnalyticsClassic object| _serviceWorkerConfig object| Yo string| yo_host string| CRL8_SITENAME object| crl8 object| content object| __LOADABLE_LOADED_CHUNKS__ object| regeneratorRuntime function| _ function| applyFocusVisiblePolyfill object| __CONFIG__ string| __DEVICE_TYPE__ object| __PRELOADED_STATE__ object| Progressive object| DataLayer object| dataLayer function| getDataLayerEvent object| DY boolean| BRAZE_SETUP_COMPLETE boolean| otIsInitialized boolean| otBlockOptOutInitReload function| OptanonWrapper object| DYcustom string| personalizationHash string| AppsFlyerSdkObject function| AF object| DYO object| contextManager object| DYJSON object| DYExps object| OtTrustedType object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| OnetrustActiveGroups string| OptanonActiveGroups function| __tcfapi object| otStubData object| DYWork function| $dy object| otIabModule object| DYCS function| getProductNamesEval object| _uxa function| create_UUID function| createCookie number| gtmPageLoadId function| pintrk function| fbq function| _fbq object| _fbq_gtm_ids function| rdt object| __tfa_pixel_init object| _tfa function| onYouTubeIframeAPIReady string| TiktokAnalyticsObject object| ttq object| JebbitObject function| jebbit object| Optanon object| OneTrust boolean| otLastAcceptAllValue object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| gaGlobal object| AF_cleanupMethods function| ___rmuid object| ___RMCMPW object| AF_SDK object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| __post_robot_11_0_0___uid_numhnacfzmymuvpacsidplhppphjzs object| paypal object| __zoid_10_3_3___uid_numhnacfzmymuvpacsidplhppphjzs function| redditNormalizeEmail function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| EVENT_PROPERTIES_TO_URL_PARAMS_MAP number| INVALID_ACCOUNT_ID object| CONFIGS object| VALIDATION_ERRORS object| EVENTS object| TUP_EVENT_HANDLERS_BY_EVENT_NAME object| TRK_EVENT_TO_ERROR_TYPE_MAP boolean| PUBLISHER_ID_EXISTS string| CALLBACK_PARAMETER_NAME string| LAST_EXTERNAL_REFERRER_URL_PARAM object| _tecq function| cnxtag object| og object| litHtmlVersions function| JSCompiler_renameProperty object| litElementVersions boolean| OG_OFFERS_TEST_MODE_ENABLE object| OG object| paypalDDL string| PaypalOffersObject function| ppq object| bouncex function| UET function| UET_init function| UET_push object| ueto_896a730dd8 object| uetq object| _inside boolean| _insideLoaded function| _insideJQ function| _insideViewUpdate object| a object| m object| insideFrontInterface object| _insideGraph string| _insideProtocol string| _insideCluster string| _insideGraphUrl string| _insideSocialUrl string| _insideCDN string| _insideCDN2 string| _insideScriptVersion boolean| _insideLive boolean| _insideIsLive object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| recaptcha object| closure_lm_135758 object| tagConfig object| __post_robot_10_0_44__ object| PAYPAL object| cnxDataLayer object| webpackChunksmart_tag object| insideAPI object| insideStreamingCheck object| insideCreditCard string| imageurl string| offerurl object| fbQueue function| fbAsyncInit function| processFbQueue object| bxgraph function| reload_campaigns function| setBounceCookie function| getBounceCookie function| setBounceVisitCookie function| getBounceVisitCookie function| clearBounceCookie function| jQuery boolean| usingChatPanev2 object| cti110221 string| prevTabImage string| customImageUrl function| a0_0x3eec function| a0_0x20c7 object| sigScriptLoader object| SIG_SCRIPT_DEBUG object| threatmetrix function| tmx_post_session_params_fixed boolean| tmx_profiling_started function| tmx_run_page_fingerprinting string| td_6n

56 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09ANOXeZzuCrlZweoliL_XZEu-9rW5o7I1sXRQkHvTufmG8qHGcDjriZprnD0x7Knnb3bm9TtnL2j3goxcLHeH4RM
www.elfcosmetics.com/ Name: initAuthComplete
Value: true
.elfcosmetics.com/ Name: ab.storage.sessionId.609afcb2-1dc3-41ef-a771-0a9aaf10bf57
Value: g%3A3d987e6e-0c2c-5c4b-7cd2-fc9ae7fb332e%7Ce%3A1731339103616%7Cc%3A1731337303616%7Cl%3A1731337303616
.elfcosmetics.com/ Name: ab.storage.deviceId.609afcb2-1dc3-41ef-a771-0a9aaf10bf57
Value: g%3A66974ffb-24f5-2d4b-3123-d8e604abadae%7Ce%3Aundefined%7Cc%3A1731337303617%7Cl%3A1731337303617
.elfcosmetics.com/ Name: _dyjsession
Value: kr8roqpib9xhc1jcbvydbqk6eyp1ablz
.elfcosmetics.com/ Name: dy_fs_page
Value: www.elfcosmetics.com
.elfcosmetics.com/ Name: _dy_csc_ses
Value: kr8roqpib9xhc1jcbvydbqk6eyp1ablz
.elfcosmetics.com/ Name: _gcl_au
Value: 1.1.587485049.1731337304
.dynamicyield.com/ Name: DYID
Value: -5219671725872898984
.elfcosmetics.com/ Name: _dycnst
Value: dg
.elfcosmetics.com/ Name: _dyid
Value: -5219671725872898984
.elfcosmetics.com/ Name: _dycst
Value: dk.l.c.ws.fst.
.elfcosmetics.com/ Name: _dy_geo
Value: DE.EU.DE_.DE__
.elfcosmetics.com/ Name: _dy_df_geo
Value: Germany..
.elfcosmetics.com/ Name: _dy_toffset
Value: 0
.elfcosmetics.com/ Name: _dy_soct
Value: 1731337304!1652212.0'1654610.0'1750272.0'2078808.0'2078831.0!kr8roqpib9xhc1jcbvydbqk6eyp1ablz~1248068.0
www.elfcosmetics.com/ Name: FPC
Value: 5bbc0383-2b78-47ee-990f-4f751eb784fd
.elfcosmetics.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Mon+Nov+11+2024+16%3A01%3A44+GMT%2B0100+(Mitteleurop%C3%A4ische+Normalzeit)&version=202406.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=116e73d4-fc2c-4b30-89fb-3de281021520&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.elfcosmetics.com%2F&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C5%3A0%2CV2STACK42%3A0
.curalate.com/ Name: __cf_bm
Value: X_s18XkYFR6h1idhay6S1a9unhtTbTfvNZQbgPjeqpA-1731337304-1.0.1.1-H2CPzcxGpd5dr3ST9ZONyrl88S77SOhANtR1qVQYIEqUcke_Sgx0Vq5zCrC6fz5VvkfmkYrFzr6dteIHRbLB_A
.elfcosmetics.com/ Name: crl8.fpcuid
Value: 796b67d8-caf6-41a0-85c7-d4cd876edc6c
.youtube.com/ Name: YSC
Value: TTiO5g5ik1Q
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: bYfz5lWSjK4
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgNA%3D%3D
.elfcosmetics.com/ Name: rmStore
Value: dmid:9097
.elfcosmetics.com/ Name: _rdt_uuid
Value: 1731337305103.0ba6c19e-a7d4-4869-a2e8-fa26ddd2f4d7
.elfcosmetics.com/ Name: _fbp
Value: fb.1.1731337305170.333120866256340580
.adnxs.com/ Name: XANDR_PANID
Value: IzuPZoK45oHYocZsqIHWpHUJFvz_54ycUSSajei11XFbccJgkefF1fIbXKqbSQDLzZulZe2DtAScSf_3CK6h_uAFDFxNmlyWXZ07Roo5QMo.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 5522305582497717655
.tiktok.com/ Name: _ttp
Value: 2oi0tlmx9FwqceWP9ZEUwyjxSYC
.elfcosmetics.com/ Name: _uetsid
Value: de2bf8c0a03d11ef99a8fb9d029cece2
.elfcosmetics.com/ Name: _uetvid
Value: de2c05c0a03d11ef8ef87b25f3b0971e
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2GVPo.TeD!]tbP6j2F-XstGt!@DmA$t!DB
.bing.com/ Name: MUID
Value: 0AE3D7C5334A6B2D2666C2F1324C6A8D
.elfcosmetics.com/ Name: _tt_enable_cookie
Value: 1
.elfcosmetics.com/ Name: _ttp
Value: RSiuejqX8QD5TOTVsQ1gRYOhNj2
.pinterest.com/ Name: ar_debug
Value: 1
.elfcosmetics.com/ Name: _pin_unauth
Value: dWlkPVpqUmpZelEyWWpBdFlqTmpNUzAwTURrNExUbGpNakl0TXpsbU1HSTROamxpWkdJeQ
.elfcosmetics.com/ Name: inside-eu8
Value: 15803478-adf2ea896af5afe621d62e15f47a6534b7d7f76650ea02aa324aa8bfb617d44c-0-0
.linksynergy.com/ Name: rmuid
Value: 7dc8a52b-3a58-4cc4-b20d-69378813a5f9
.ct.pinterest.com/ Name: _pinterest_ct_ua
Value: "TWc9PSZ3U0x6bVJaNXFQUC9yZGcyZndMa0p3aUYrcVpqUENiaHZVa1R5UmRnYmI3R1hPK0pmYzJQZVpNZGUyWFBYMjhYOVhRcWhjdlpCb2QzT3NRbi9uYWdhcGdZeHRmNjNPVUVPaEY2cXh6WGt2OD0mWUVSQTVZb1lIUERuR2VNTnhnaUd1Zk5tQmFrPQ=="
.elfcosmetics.com/ Name: _scid
Value: fc8a177d-91e4-4bb3-31e1-46236f9062f4
www.elfcosmetics.com/ Name: dwsid
Value: oPpychZjMtpSxb05faQsyVMUg8wPqO8Gku7bbmGsVbvh-7z6EmwqcZV4PjtFlZDkrhKLbNCNENm2KDOyNCaflQ==
www.elfcosmetics.com/ Name: dwanonymous_1a00c2845eeb01c699351ea28e20fd92
Value: abkHgYw0sXkHsRw0lGlWYYkKdG
www.elfcosmetics.com/ Name: esw.currency
Value: USD
www.elfcosmetics.com/ Name: sid
Value: ZlvUtZizEoKUJRkgCqKjzJW1JQuBeM9eVA4
www.elfcosmetics.com/ Name: _dyid_server
Value: -5219671725872898984
www.elfcosmetics.com/ Name: esw.InternationalUser
Value: ""
www.elfcosmetics.com/ Name: esw.location
Value: US
www.elfcosmetics.com/ Name: currentLocale
Value: en_US
www.elfcosmetics.com/ Name: esw.sessionid
Value: abkHgYw0sXkHsRw0lGlWYYkKdG
www.elfcosmetics.com/ Name: esw.LanguageIsoCode
Value: en_US
www.elfcosmetics.com/ Name: __cq_dnt
Value: 1
www.elfcosmetics.com/ Name: dw_dnt
Value: 1
imgs.signifyd.com/ Name: thx_guid
Value: dd3b54f6cce396fcea6952fdffe75f4d
imgs.signifyd.com/ Name: tmx_guid
Value: AAy2mBj6R0TLtjzPgNnK_m86bO1DERjuwlGKzO96pVgsIjo9hzv1qirGw-0QkJdOryeaM-WvZAtosGmhblouMu4Be3mRBA

8 Console Messages

Source Level URL
Text
security error URL: https://www.elfcosmetics.com/(Line 430)
Message:
Unsafe attempt to load URL https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/ from frame with URL https://www.elfcosmetics.com/. Domains, protocols and ports must match.
security error URL: https://www.elfcosmetics.com/(Line 430)
Message:
Unsafe attempt to load URL https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/ from frame with URL https://www.elfcosmetics.com/. Domains, protocols and ports must match.
security error URL: https://www.elfcosmetics.com/(Line 430)
Message:
Unsafe attempt to load URL https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.aa/ from frame with URL https://www.elfcosmetics.com/. Domains, protocols and ports must match.
network error URL: https://pixel.pointmediatracker.com/kpi?c=elfcosmetics&kpi=visit&tag_id=244&fpc=5bbc0383-2b78-47ee-990f-4f751eb784fd&user_id=undefined&utm_source=undefined&utm_medium=undefined&utm_campaign=undefined&new=undefined&gtmcb=1764431506
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://idsync.rlcdn.com/458359.gif?partner_uid=7dc8a52b-3a58-4cc4-b20d-69378813a5f9
Message:
Failed to load resource: the server responded with a status of 451 ()
rendering warning URL: https://www.elfcosmetics.com/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0307E00E4100000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://www.elfcosmetics.com/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A060BF03E4100000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://www.elfcosmetics.com/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0806508E4100000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
alb.reddit.com
analytics.tiktok.com
api.ipify.org
assets.bounceexchange.com
async-px.dynamicyield.com
bat.bing.com
cdn-fsly.yottaa.net
cdn-scripts.signifyd.com
cdn.c1.amplience.net
cdn.cookielaw.org
cdn.dynamicyield.com
cdn.media.amplience.net
cdn.taboola.com
cdn8.eu.inside.chat
connect.facebook.net
ct.pinterest.com
edge.curalate.com
elfcosmetics.a.bigcontent.io
events.bouncex.net
external-api.jebbit.com
geolocation.onetrust.com
go.elfcosmetics.com
h.online-metrix.net
h64.online-metrix.net
idsync.rlcdn.com
imgs.signifyd.com
insight.adsrvr.org
js.cnnx.link
js.jebbit.com
pixel-config.reddit.com
pixel.pointmediatracker.com
psb.taboola.com
qoe-1.yottaa.net
rcom.dynamicyield.com
region1.google-analytics.com
s.pinimg.com
sdk.iad-05.braze.com
secure.adnxs.com
sgtm.elfcosmetics.com
st.dynamicyield.com
static.ordergroove.com
t.paypal.com
tag.rmp.rakuten.com
tag.wknd.ai
trc-events.taboola.com
trc.taboola.com
use.fontawesome.com
ut.rd.linksynergy.com
w2txo5aab7tohhxw5cemv34epf5zx23e6ieyqzjme6ab51a8800592bcam1.e.aa.online-metrix.net
websdk.appsflyer.com
www.elfcosmetics.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.redditstatic.com
www.youtube.com
www8.eu.inside.chat
cdn-fsly.yottaa.net
edge.curalate.com
pixel.pointmediatracker.com
104.18.11.236
104.18.38.107
104.18.8.17
104.18.9.17
104.26.13.205
104.96.154.123
13.35.58.129
141.226.228.48
142.250.184.200
142.250.185.99
151.101.1.140
151.101.1.21
151.101.1.44
151.101.129.140
151.101.65.44
151.101.66.133
157.240.253.1
172.217.16.196
172.64.145.183
172.64.155.35
18.245.60.28
18.66.122.117
192.229.221.25
2.16.96.190
2.21.20.2
2001:4860:4802:34::36
204.2.133.97
216.58.206.34
2600:9000:206f:b600:a:7914:b00:93a1
2600:9000:21f3:200:11:85b0:d600:93a1
2600:9000:2250:8c00:15:ad21:c740:93a1
2600:9000:2644:8600:1c:df99:ffc0:93a1
2600:9000:275d:5000:a:b89d:a6c0:93a1
2606:4700:3037::ac43:8ef5
2606:4700:4400::6812:20dd
2606:4700:4400::ac40:9994
2606:4700:4400::ac40:9b77
2606:4700::6812:572a
2606:4700::6812:911
2620:1ec:33:3::10
2620:f3:0:14:b401:8ee8:4321:ad82
2a00:1450:4001:806::200e
2a00:1450:4001:830::2008
2a02:26f0:3500:89b::1931
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42::396
3.211.184.98
3.33.220.150
34.102.147.248
34.111.8.32
34.120.253.250
34.49.124.132
34.98.67.3
34.98.72.95
35.158.29.246
35.244.174.68
37.252.171.21
91.235.132.130
91.235.133.113
91.235.134.131
99.83.184.193
00f3ca21795a2054d69c5430519db2561d3b034af3a41dd113d49f43a1125ff4
02c458ae1d9727ae1882982bb0a9791a2782caa000c0a6b40812eef973b535d4
0525626e975fb6561640f3e8a4e1a8cd0cc7fd9ac389c319cc9776bffa105b34
064a1c99701eb18846c77782c2c146e2dc28471ab9305e802cbffbf280cc8f44
0745bb9b867a058bbc7c07277d21fb7e6a74375238097db61eb0a2711cc9791a
08e5f2fdc1f7a9d0de8db23174e037c1510a852b514811807b4e3f89307486d5
0991113e504350f6ede400492439ac05b18c62ee792f3b1d74eadff63c06006e
0ba6b163f965f258c24888cf11c6dfe0d044de0800284da2e78a3faf7bd12925
0c22692fd69ca82d18566270bcbf1bd4c8b2f53fcc163cbd2dbffd6dfd0f8c5e
0c28a3b893740df4c1372e6321ce52981e0f77543c6fc8384af2deab941773c2
0c31c5763c861ee609a829be7d2e2bd13d9534b0c2c18096b52e981495df9dd9
1331786f628c441b99665436eb8815381e066e17d5c3bb56f5ce2e045d8da17a
16c9b20cc559c1c9146dcd9c4915775b66d6728e4bba2714f3bfbe45218402d3
174f4240edf8e867badf2f21c2555a35aa1e8fd1b9ef693d02cf920e8c2a96a6
17b3c384ec1b5ed6df85a810d4ae90a3b58461a35b415a9d20daa2a9bedf20d3
183ae143a7f66c133f3948bdf61a0a9f97eb326be7de5947c1f19b93f3b9db24
190c6575130c9f415bb48543b83643f1597a759614ee7b3b4b008e2bb2556da0
19576a00ececd1add5cecaa486d9f1f224597e55442a826c77d6ad17f8c11e07
1e3e46bfe2e437ec88b337c4893c591c726abfaafe957984466738e317ec5478
1f120dbe60c10831180babf37afc0edb7c01e9f4e7b135cfedc58b3523c887fb
1fa8fc66d59a869f99eabaa163a55ed1c01c1259b805d739d3bb79e7a60f8e87
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
211712b7c1d41d38ce53d0e4f6523bb2fc6b57ce6ff83bc021542c7edffd6e6d
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
21d06125019344e2222ffeaf89f03c0978d7e9ef39399804b1a746d8e782e235
226049a96ceaa190e0dd45980c8fba9367127b7c2b19b635ee30bb7f4fa17e52
2436b6965ffae2c5d5dfac98e20fe71cf7b58e0641cdd407c32efda5aba8f457
25e01968137675b5d89773ef5575463c864d91805d5457031d80be7e8f17bd7d
28c4d0116e5af5e8d0abc39954fbc8a89bdc47e8e571330312b49f7b6bef75eb
290f9c6084b46b94850626f1dbe6df20c7a805bed18c5aad6360bcc4da3bfae6
2ec6c83ec1824898d15400462916551bf6761d2772bc3baec5b8fba523e03eb7
2fbcc29862c624620c1c135bfcbecc998b0978e655bd627bc3b8d3ae198f1765
2ff8813cef2b81266148e34b36cac1269a47d0e1f79bb9d7ec8c4c36fb17f657
30dab470a6ed89ca63d66367f62b3cc40b999c8852301c61f69fcd9892d530b4
31baf12ea3c0a1badca40fc2dee6d533d0cc30e6e798c3b6374e5279221f8420
31f48ed33afe7e437efa2c30cbf97fbd62c2de5c0732504077377846fe64973f
34fe096b450602f45d9d5fc8776bc0bfb94b00c1d0527c5134f53cca3fa2befc
359722b660d0b4a5afb34561728a3918b96bdccf3a3cddc4291ee4cd15f65c3f
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3c1d43310803248bd6897349526592a20346276eb795b4e460052552829a9675
3fa7ded4aa8a4a3c65e534e33fe4acbc016443a1a58749fcf02f5dc2f60a011f
40780f31a9399252b5f948ced83fc2a4e79cde535e3ebb8e001b911a71729bdd
45a2e6c1e41df41dff8f422299d8d7afa9c0aa58d6663a3a57fa4024aa56fb93
47407e3845cb067265a07cb279ccc7a38b927b0c2dc034b627f089115ac0d306
488ba59de5ad368ce4b213719fb98467cb066affb1f885c12cec7f5bda16944a
4aa855b8d34657ab4df5ca73fe7d7f67735ee1e39e8de83856ddc473d4713fbb
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d8a4af48b936e1cc8243afdf8ecfbc76383b229ba9c9cb06d31be07e65bca8c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4ff0f02dd7d36d7a731923f52f01cf89d31c696618db36cfdf8085a5ad2e077a
54467f6ebdfd19a4e4046c1d250829b5da30764562ac841701850023c4bfd0a0
546e554a3c51ce180d022de9ff5506f14603b38d40ece9f2be43c88328358a52
56aea4e78cf1538541603e3c8f14b15dfc9bfee27cadb946f8b3017ebe8abe3b
596a5f66de9abe6b62ac06d26d7459e293483bb940f66d3ade9e76db63138dc9
5abe2a12140edf2387d5be35225df3caa4f0f0a05d8f5614008c8cc90af4a156
5b1ae1f3f317733df18447e7d06ca45740a82065056ae0ac3f8cd343dd0cbcae
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5c09c3af45168a88e439e23588e09c8d73c8de5ca11221ed3e6db5009e490f78
5ea801af4ef0b78763ef9d2798cbdb170f0d0f0f1778772886a1bcb40aa925e2
5ee3a192e4b1670dc7a493f5c64e3bac1dafdafe799182bc8a638367f4948f76
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6082597f3871c77c9b31aa1383577f8c0e54cb5ff09275dc817bc70d96e6217d
61cd5235c705defcd6ed8d137d31147e78278e41541d707a9c3cfa1e28763ca4
65269af2d960301de9becf9bd209ab5adb0323e3a898a64739f8e7ab0aa57eea
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
69beb39687e8656561a843b13137c292498648b7f1ae665214eb292527cd436b
6ada904b348f3aec8423f2b8a1335f55aa68d2d8d636da40fb02a2ac7cd4b193
6b9bb2efbf915c3e24da70b76001ebcd9fd1a0d0f7b010d140492b75b2d34cc4
6c496fcbe60fec78dc1b86a9136644d9a97cae20df32be3e9a4a62ce7bd0e6a6
6d126a9c6da46cb41e34e982874ff71952c00cfaefd6d3847d69f5b82da64429
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6dba87f2bb4627686798df345a05d779c19b18fe0ab7366e2269786bc3251798
6eb2a6022673c222415a30385c0768cdb2491a4d3036be801de5aeb21cb51597
70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f
7111d26e462934e0c78dffd8cea37a0150da548c49213c275bd48ab03ea819d2
72d3c7600e0d4e8aede9f364c6e7071a4c372fb59a5bdf28ceff84a090c4938d
72ff5a1f7f8d2a84d8976552d8a42bb69c9ff70656b0c902af9c57902de5b3c5
7358c5616f671017f307d161644d253f0f81083b0be68f3a3fefefa33b59de5d
77b94e31b5ef79ae3fd451d350501ec8382f0fbeb9772adb46db4816175936d3
7890d1308d3c7835cb61d98064d10f7746601ce59d10d2d985613052eb564f5d
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4
7a506503adb523ec7fd71e1cd5b953922dea386950cf0ea6355d1037bd7c6d1c
7b6f4d3d5ef91a8dbc8cb7ab2ecca6c200c7520cb8bfcf88ac1fed6ea2f704d9
7cf38117a6b01a896f53d8ef2be6ee1c9ef86dce3fde76c16f37d357ad3817e8
7dbc72c3f0511495fdf45d42283a246613db44b0906199cef195a773068d822f
7e4f943e0e0434bdd25e3f8bb0d938a6b52b749748319fc3ece23cd91c665eec
7f5996c22fc09bf3ef02e07473b5677fe8fcc436caffacd309cb9ce46224a9e4
838d6cdaa106f1e306e8ea83aebf6b21416140e090fa63f045ec02f1c1b9f623
8693c77187b09e84e1ed7560699662eb076c8f81df8c41c95e37df5300c97462
88668b9200e07ef8860abbf2884140a44986c34576bc7086d64085b87da4cfd7
89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8df9e9875419d2c0d1bc8af23e63949a7e20b1ff5cd2f57c7958fc65a7be8b56
9006add35654719da9eba69404344dcee6ceff9d909796d9ca5f333dbb225a29
9036cf262606d52ef3163812a2d6c33f41e4e379006c7519f2784b28e22f03fe
93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac
94d8cfd31a822427f2192decb01f00a6f6d28be99c1a41b6c03d372c6df2274f
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
95ddc8d0849cd63f016bf6e739fef30f0fcbefa98f2232c2b455eba966bf1b79
96f710d5e2d5eeedf23b684873c8eb8929df1292cbd0627a1a937d2226c20522
98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801
9bd5e06df832715784ae82949770417a52bedeb065667880c3dd0c9de69b18b6
9c4820ec2216ac89831cff9b45b95706b7fe618a48b2594675e017065a056667
9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552
a159ed2d66ea53c973024bd4672601417cbf8f31f4c70fdd30f7b7259965d879
a1758030f8b1d8e6181269be414212eb170de414123d5701ad34d6ca9834d9c2
a1fec7acc9e28feaa2280cd08d30cab4cac8e9557fb8fb35ab6ffcd1e28fade8
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a3aefad8320bb991de8eafa41f44a90e72ab74e7c6d485120e9a3b3fd32495b2
a715320eb9ed7f814640a36c4ed56bd7912b4bafc599f84b681f107ddb649cd2
a782aaec748517fc03f175d15c0cbab70a76dc04d0832ae9f05cbb00fd4b3df0
a8b68b46f44aac34f59d2926e8db6bdae4bc3b7fe3aad60948e97f428b087531
aa565ae5b2d1b4a92a4a32119799e49f726a3596f5a81400ddcea8df8bb6c232
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
ab729c30cf1f421e9f8d2f9d8a6f5981fc906e90da32d5a46c7cbbf251fe8af3
afba1772b30b03d23c507a9f745a3e82914cf7762ea17668cc1289ed84ef0f1e
b02a020f88f0cd42fad80078f958d9a87a2f83cee756d5fb426a40bc9823da92
b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22
b27c6c4bfdd785ac0a86aa41d64ea5e6a2492258250deaa91ec4aab4723b714f
b50038ad6b0d87bfbfaa940f269aff36d438741d119d8aaf57fbf97712a5caa3
b644a5111051cef16d858b1930d5a46ba9dd9ec2abf027367bd4629ff31bc64e
b91c2f03f267048a67d950065653efcd117a6fffb313a61481d95188ca34de13
b9d17d0fbe60f4a6a6cd392945d1aaaa19efcf5fb0ae9181f76d0595f65e8445
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf055e03c860dd88d9d4017203050548dc930d6b78749b07320c9b08f3625071
bf500a4c158d24ba238d521a5fa775e693d03c507fa3f882bffbbeaf9fedeb64
c31826b9b61e051e0f0c582d9963e9f7835ec7249ed88cc651ce10b349496b8c
c50a0366bab0d95bd0dfbbf67ed889b5fd383ee7464a77660088c32e4ef91c20
c9f83027cf2e267d24b2cfe366bc6664841765f0aaf362faf0156bccdce42355
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cdb5eab6da71d47766901499045fc4ba0134ac5e82580732b6c9e4db99cfb134
ce96a5e072a92643e09a6f22a824855c7abde5c2b8490f8aeee98e66c6bfcf79
d5267085b5489f178aae1444e1367dbca2debc7c061d5ddd803a16711a19c93b
d7a363f752524fb545c3b2eb48a56d163cb659bc427d5215800ee7781d92c2ca
d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e
daae00cdc537a324a902275e68556509bb363e0e4937073a98bf996bc99322cd
dcbe3223f3a05100b63f00ab4b3e9216a9f7ded14f5af3565daf812a8b0a6377
dd2d83db930d4156a701b5cccf16b237cfda61899513e46b0648730461bc1d4f
e1acc1403e61b9d772305b491744696b75a263a7f5c504d0ba1187e69f387b46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40e7b46b99c06e47841ff53e4417b6c887631d383aac28114e4ab83ccddc6f7
e510525512914182f11c0b1928d19bf4623a2cbd897694b007e0e31a93b7a605
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e
e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084
e92913c2b11fc1e9e7c4f84628362d1c9660e7f7e88904d124c9ebbbef9d4e48
e92f434a50c76d6e52d0d3cc91cdf1854c7fd39fecd5ae65800568aef7c03029
e993a85e0bae0f02cdd64d447ab767fd02f05ef76d88658eace6e4590450cd2b
e99c41ccc991762cbfe42d0bdaf4798746eeec5c3aceaadfac1ba324904d8b45
ea90e8ff68723033451384af6790ce5b0c1c404d12b68db0625cdcdb06993e43
eaa2bab00e01cbdc0c926559c2803b90e56e7429235eef87cdbbc75e749c67e9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f64d0203e17daf26941e5e62d90cc35490891d30caf349fd8ac399971a9b3426
f66f5edd05293c4351edcec020a867935f7495ef0d0ff7ceb3e6402748585ca6
fc241faad0fa1d1bc2aa76bac73dd92d2b641e813e2258a9fee2c5b6cfa14af4
fc3baad02d19012fe8be2129d8b8e582c3d3733b3efe604be0079f4ffe7f6240
fc55425b0c93f793ce803a10a20cb49b844a82f847c0c3d09dccd0c5c8333a00
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a