URL: https://elfcosmetics.youshp.com/
Submission: On August 15 via api from US — Scanned from NL

Summary

This website contacted 36 IPs in 4 countries across 27 domains to perform 113 HTTP transactions. The main IP is 188.114.97.9, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is elfcosmetics.youshp.com.
TLS certificate: Issued by E5 on July 5th 2024. Valid for: 3 months.
This is the only time elfcosmetics.youshp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 188.114.97.9 13335 (CLOUDFLAR...)
2 2a02:26f0:310... 20940 (AKAMAI-ASN1)
3 151.101.2.133 54113 (FASTLY)
22 2a02:26f0:310... 20940 (AKAMAI-ASN1)
6 35.194.25.57 396982 (GOOGLE-CL...)
12 2606:4700::68... 13335 (CLOUDFLAR...)
3 2600:9000:275... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 104.26.12.205 13335 (CLOUDFLAR...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 216.58.206.36 15169 (GOOGLE)
1 172.217.16.194 15169 (GOOGLE)
2 4 185.89.210.46 29990 (ASN-APPNEX)
2 15.197.193.217 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
8 13.35.58.72 16509 (AMAZON-02)
1 204.2.133.135 393259 (YOTTAA-AS-1)
1 172.64.147.250 13335 (CLOUDFLAR...)
1 34.102.147.248 396982 (GOOGLE-CL...)
4 151.101.1.21 54113 (FASTLY)
1 23.197.142.200 16625 (AKAMAI-AS)
1 18.245.60.88 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 151.101.1.44 54113 (FASTLY)
1 18.244.18.53 16509 (AMAZON-02)
1 216.58.212.136 15169 (GOOGLE)
4 8 142.250.184.226 15169 (GOOGLE)
3 34.49.124.132 396982 (GOOGLE-CL...)
1 2a04:4e42:400... 54113 (FASTLY)
1 151.101.129.44 54113 (FASTLY)
1 151.101.129.21 54113 (FASTLY)
2 34.98.67.3 396982 (GOOGLE-CL...)
1 2600:9000:20e... 16509 (AMAZON-02)
1 151.101.3.1 54113 (FASTLY)
2 2 35.244.174.68 15169 (GOOGLE)
4 141.226.228.48 200478 (TABOOLA-AS)
113 36
Apex Domain
Subdomains
Transfer
24 amplience.net
cdn.c1.amplience.net — Cisco Umbrella Rank: 43861
cdn.media.amplience.net — Cisco Umbrella Rank: 17159
694 KB
12 dynamicyield.com
cdn.dynamicyield.com — Cisco Umbrella Rank: 11274
st.dynamicyield.com — Cisco Umbrella Rank: 10445
async-px.dynamicyield.com — Cisco Umbrella Rank: 10756
262 KB
12 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 554
287 KB
8 googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 370
2 KB
8 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1198
trc.taboola.com — Cisco Umbrella Rank: 1123
psb.taboola.com — Cisco Umbrella Rank: 9372
trc-events.taboola.com — Cisco Umbrella Rank: 3272
26 KB
6 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3677
t.paypal.com — Cisco Umbrella Rank: 4582
126 KB
6 braze.com
sdk.iad-05.braze.com — Cisco Umbrella Rank: 3003
1 KB
6 adeptmind.ai
api.retail.adeptmind.ai
2 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
471 KB
4 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 764
4 KB
4 yottaa.net
cdn-fsly.yottaa.net — Cisco Umbrella Rank: 35589 Failed
qoe-1.yottaa.net — Cisco Umbrella Rank: 13943
1 MB
3 elfcosmetics.com
sgtm.elfcosmetics.com — Cisco Umbrella Rank: 360708
552 B
3 youshp.com
elfcosmetics.youshp.com
250 KB
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 689
836 B
2 linksynergy.com
ut.rd.linksynergy.com — Cisco Umbrella Rank: 12290
tags.rd.linksynergy.com — Cisco Umbrella Rank: 8300
699 B
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 84
13 KB
2 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 1486
297 B
2 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2512
249 B
1 cnnx.link
js.cnnx.link — Cisco Umbrella Rank: 13109
1 KB
1 contentsquare.net
t.contentsquare.net — Cisco Umbrella Rank: 4388
81 KB
1 appsflyer.com
websdk.appsflyer.com — Cisco Umbrella Rank: 7603
15 KB
1 ordergroove.com
static.ordergroove.com — Cisco Umbrella Rank: 42859
43 KB
1 rakuten.com
tag.rmp.rakuten.com — Cisco Umbrella Rank: 9936
15 KB
1 curalate.com
edge.curalate.com — Cisco Umbrella Rank: 11817
20 KB
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
65 B
1 google.com
www.google.com — Cisco Umbrella Rank: 10
24 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 1019
304 B
113 27
Domain Requested by
22 cdn.media.amplience.net elfcosmetics.youshp.com
12 cdn.cookielaw.org cdn-fsly.yottaa.net
cdn.cookielaw.org
elfcosmetics.youshp.com
8 ade.googlesyndication.com 4 redirects
8 async-px.dynamicyield.com cdn.dynamicyield.com
6 sdk.iad-05.braze.com cdn-fsly.yottaa.net
6 api.retail.adeptmind.ai cdn-fsly.yottaa.net
5 www.paypal.com elfcosmetics.youshp.com
www.paypal.com
5 www.googletagmanager.com elfcosmetics.youshp.com
4 trc-events.taboola.com cdn.taboola.com
4 secure.adnxs.com 2 redirects elfcosmetics.youshp.com
3 sgtm.elfcosmetics.com www.googletagmanager.com
3 cdn.dynamicyield.com elfcosmetics.youshp.com
3 cdn-fsly.yottaa.net elfcosmetics.youshp.com
3 elfcosmetics.youshp.com cdn-fsly.yottaa.net
2 idsync.rlcdn.com 2 redirects
2 trc.taboola.com cdn.taboola.com
2 www.youtube.com elfcosmetics.youshp.com
2 insight.adsrvr.org elfcosmetics.youshp.com
2 api.ipify.org cdn-fsly.yottaa.net
2 cdn.c1.amplience.net elfcosmetics.youshp.com
1 tags.rd.linksynergy.com
1 t.paypal.com
1 js.cnnx.link elfcosmetics.youshp.com
1 ut.rd.linksynergy.com elfcosmetics.youshp.com
1 psb.taboola.com cdn.taboola.com
1 t.contentsquare.net elfcosmetics.youshp.com
1 cdn.taboola.com elfcosmetics.youshp.com
1 websdk.appsflyer.com elfcosmetics.youshp.com
1 static.ordergroove.com elfcosmetics.youshp.com
1 tag.rmp.rakuten.com elfcosmetics.youshp.com
1 edge.curalate.com elfcosmetics.youshp.com
1 qoe-1.yottaa.net elfcosmetics.youshp.com
1 st.dynamicyield.com elfcosmetics.youshp.com
1 googleads.g.doubleclick.net elfcosmetics.youshp.com
1 www.google.com 1 redirects
1 geolocation.onetrust.com cdn.cookielaw.org
113 36
Subject Issuer Validity Valid
youshp.com
E5
2024-07-05 -
2024-10-03
3 months crt.sh
c1.amplience.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-06 -
2024-10-23
a year crt.sh
*.yottaa.net
GlobalSign RSA OV SSL CA 2018
2023-09-13 -
2024-10-14
a year crt.sh
dm.amplience.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-08-05 -
2025-08-14
a year crt.sh
api.retail.adeptmind.ai
R11
2024-07-29 -
2024-10-27
3 months crt.sh
cookielaw.org
WE1
2024-08-13 -
2024-11-11
3 months crt.sh
*.dynamicyield.com
Amazon RSA 2048 M02
2023-09-03 -
2024-10-01
a year crt.sh
*.google-analytics.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
ipify.org
WE1
2024-07-18 -
2024-10-16
3 months crt.sh
sdk.iad-05.braze.com
WE1
2024-08-15 -
2024-11-13
3 months crt.sh
geolocation.onetrust.com
WE1
2024-08-13 -
2024-11-11
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2024-04-23 -
2025-05-25
a year crt.sh
edge.curalate.com
WE1
2024-07-25 -
2024-10-23
3 months crt.sh
tag.rmp.rakuten.com
WR3
2024-07-28 -
2024-10-26
3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA
2024-02-08 -
2025-02-08
a year crt.sh
*.ordergroove.com
Go Daddy Secure Certificate Authority - G2
2024-08-09 -
2025-08-20
a year crt.sh
*.appsflyer.com
Amazon RSA 2048 M03
2024-02-04 -
2025-03-03
a year crt.sh
*.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-07-30 -
2024-12-31
5 months crt.sh
t.contentsquare.net
Amazon RSA 2048 M03
2024-08-13 -
2025-09-10
a year crt.sh
sgtm.elfcosmetics.com
WR3
2024-07-09 -
2024-10-07
3 months crt.sh
*.rd.linksynergy.com
ZeroSSL RSA Domain Secure Site CA
2024-01-23 -
2025-01-22
a year crt.sh
js.cnnx.link
Amazon RSA 2048 M02
2024-06-09 -
2025-07-08
a year crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA
2024-06-21 -
2025-06-20
a year crt.sh

This page contains 2 frames:

Primary Page: https://elfcosmetics.youshp.com/
Frame ID: F313BDA66E38F8C198050BE2F72E0F83
Requests: 105 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.64.9&integrationType=SDK
Frame ID: 7A107149096C87819DA3FFBB738DF1FA
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

e.l.f. Cosmetics: Affordable Makeup & Skincare | Clean Beauty Products | e.l.f. Cosmetics

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • cdn\.dynamicyield\.\w+/

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • tag\.rmp\.rakuten\.com

Page Statistics

113
Requests

91 %
HTTPS

30 %
IPv6

27
Domains

36
Subdomains

36
IPs

4
Countries

3464 kB
Transfer

11821 kB
Size

30
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=193100725.1723758333&url=https%3A%2F%2Felfcosmetics.youshp.com%2F&dma_cps=syphamo&dma=1&npa=0&gtm=45He48e0n81WL3STMXv896608294za200&auid=888300928.1723758333&apve=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=193100725.1723758333&url=https%3A%2F%2Felfcosmetics.youshp.com%2F&dma_cps=syphamo&dma=1&npa=0&gtm=45He48e0n81WL3STMXv896608294za200&auid=888300928.1723758333&apve=0
Request Chain 43
  • https://secure.adnxs.com/px?id=1608912%20&seg=6104893&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2
Request Chain 45
  • https://secure.adnxs.com/px?id=1704533&seg=34326157&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2
Request Chain 89
  • https://ade.googlesyndication.com/ddm/activity/src=10265292;type=conte0;cat=homep0;ord=8896310968607;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe48e0v9181787185z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tcfd=10001;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.youshp.com HTTP 302
  • https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=CKzz3Jn894cDFWLmOwIdXGILFQ;type=conte0;cat=homep0;ord=8896310968607;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe48e0v9181787185z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tcfd=10001;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.youshp.com
Request Chain 91
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flhp;ord=1562015735237;npa=1;u1=https%3A%2F%2Felfcosmetics.youshp.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe48e0v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tcfd=10001;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.youshp.com HTTP 302
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CJH93Jn894cDFTnxOwIdwBIuPA;type=elf8j0;cat=glo_flhp;ord=1562015735237;npa=1;u1=https%3A%2F%2Felfcosmetics.youshp.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe48e0v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tcfd=10001;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.youshp.com
Request Chain 92
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flap;ord=238707979440;npa=1;u1=https%3A%2F%2Felfcosmetics.youshp.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe48e0v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tcfd=10001;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.youshp.com HTTP 302
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CMT33Jn894cDFQjLOwIdgQoUsg;type=elf8j0;cat=glo_flap;ord=238707979440;npa=1;u1=https%3A%2F%2Felfcosmetics.youshp.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe48e0v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tcfd=10001;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.youshp.com
Request Chain 99
  • https://ade.googlesyndication.com/ddm/activity/src=9231397;type=retarget;cat=globa0;ord=590141625701;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe48e0v9181619921z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tcfd=10001;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.youshp.com HTTP 302
  • https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CPGU45n894cDFYHIOwIdXBA6pA;type=retarget;cat=globa0;ord=590141625701;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe48e0v9181619921z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tcfd=10001;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.youshp.com
Request Chain 108
  • https://idsync.rlcdn.com/458359.gif?partner_uid=546a0854-b8b1-4dd5-8784-63e050f506f0 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CPf8GxIwCiwIARCd5gEaJDU0NmEwODU0LWI4YjEtNGRkNS04Nzg0LTYzZTA1MGY1MDZmMBAAGg0IgO75tQYSBQjoBxAAQgBKAA HTTP 307
  • https://tags.rd.linksynergy.com/cs?ns=lr&uid3=840a1293363a0ccc25cda35d9ed55c2fb9f091ac32d697e5cbf6554cc1efb02c6ac34734d8e453ee

113 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
elfcosmetics.youshp.com/
1 MB
245 KB
Document
General
Full URL
https://elfcosmetics.youshp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92e85dd5e8cbaff106682392864d2e5b44bd52c62e02c07997badbcc29dceed8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
age
769, 769
alt-svc
h3=":443"; ma=86400
cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
8b3c5f3c3b369760-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 15 Aug 2024 21:45:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f5%2BLvb6M6typ6NomlkwglLk28SHmBr6ETvipJBq3hQCFOhN2L3oxDvhAnUb9LxncpadEbXGizj9joBJKiej5O%2FBDZ5QZOFitONNVQ9i0kk3ifiE%2FUH8dP%2FaHWSG73sUPyh2HIbkA6k0y%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 18fab39b23fb6b3013058d6df5faf0bc.cloudfront.net (CloudFront)
x-amz-apigw-id
ckcO8HSmiYcEUoQ=
x-amz-cf-id
tb6IdIR2ELKC1q-9vMn9Pmoc2BMndiF4_7_RU_pTrtBleXoPQXeLng==
x-amz-cf-pop
FRA60-P6
x-amzn-remapped-connection
close
x-amzn-remapped-content-length
1060114
x-amzn-remapped-date
Thu, 15 Aug 2024 21:32:42 GMT
x-amzn-requestid
b614a642-292a-425e-8cfb-107d99cdd141
x-amzn-trace-id
Root=1-66be73f8-7676ae3f3e2b223a251ff937;Parent=358463aaccc12b10;Sampled=0;lineage=2b75b0e9:0
x-cache
Hit from cloudfront
x-yottaa-metrics
36218cae0e45/[84,26,-] 36D18cae0e9c/[-,134.871]
x-yottaa-optimizations
ob/1000000100001000 si/36D18cae0e9c-1723581323-8023768938 tts/1722866558018 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-yottaa-os
200
/
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/
0
0

truncated
/
10 KB
10 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d

Request headers

Referer
Origin
https://elfcosmetics.youshp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
truncated
/
10 KB
10 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac

Request headers

Referer
Origin
https://elfcosmetics.youshp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
locale-link-rewriter-0.0.2-min
cdn.c1.amplience.net/c/elfcosmetics/
553 B
679 B
Script
General
Full URL
https://cdn.c1.amplience.net/c/elfcosmetics/locale-link-rewriter-0.0.2-min
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2ae8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
88668b9200e07ef8860abbf2884140a44986c34576bc7086d64085b87da4cfd7

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 15 Aug 2024 21:45:31 GMT
cache-control
max-age=120, s-maxage=1800
accept-ranges
bytes
content-length
553
x-amp-srv
A
content-type
application/javascript; charset=utf-8
custom-slider-0.0.15.min
cdn.c1.amplience.net/c/elfcosmetics/
2 KB
2 KB
Script
General
Full URL
https://cdn.c1.amplience.net/c/elfcosmetics/custom-slider-0.0.15.min
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2ae8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f67eeb979f5676dccb2ec5eefcd365c69b9e03235b65c42397206264b9887c07

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 15 Aug 2024 21:45:31 GMT
cache-control
max-age=120, s-maxage=1800
accept-ranges
bytes
content-length
1626
x-amp-srv
A
content-type
application/javascript; charset=utf-8
vendor.js
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11800/
2 MB
627 KB
Script
General
Full URL
https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11800/vendor.js?yocs=1u_1y_
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1c837b83e593f154428f1615709ad1146a51818f6973ad5ea0d24c2bb619670

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:31 GMT
via
1.1 85ca8c4198fb707d10ecc2a784a315be.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA56-P7
age
701362
x-yottaa-optimizations
ob/1100 si/36118cae0e20-1721912066-206936915 tts/1722866558018 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache
Miss from cloudfront, HIT
x-amz-meta-deploy
829240
content-length
641170
x-amz-meta-bundle
11800
x-served-by
cache-mad22037-MAD
x-yottaa-forcecache
true, true
server
AmazonS3
x-timer
S1723758332.518945,VS0,VE1
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31104000
x-yottaa-metrics
36218cae0e3a/[14,-,1723056954869] 36118cae0e20/[-,146.023]
accept-ranges
bytes
x-amz-cf-id
qbfSAMOCHVsNs9Td7b24vjRf6YGxiyeMrvgX_7buy0ojGA-S4WLZ3Q==
x-cache-hits
0
main.js
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11800/
2 MB
501 KB
Script
General
Full URL
https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11800/main.js?yocs=1u_1y_
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a2e8fd4b96e51ccf6f83def36ea3fa300ffe936f638750d97246bb86fed479e

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:31 GMT
via
1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA56-P7
age
701362
x-yottaa-optimizations
ob/1100 si/36118cae0e20-1721912066-206936916 tts/1722866558018 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache
Miss from cloudfront, HIT
x-amz-meta-deploy
829240
content-length
512339
x-amz-meta-bundle
11800
x-served-by
cache-mad22037-MAD
x-yottaa-forcecache
true, true
server
AmazonS3
x-timer
S1723758332.519076,VS0,VE1
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31104000
x-yottaa-metrics
36218cae0e3b/[12,-,1723056954725] 36118cae0e20/[-,108.114]
accept-ranges
bytes
x-amz-cf-id
0sr73l8wQyxCPskGYSpL0nSQu9OFUSXXmrVUoBvwPSY_9jxmTlonEA==
x-cache-hits
0
pages-home.js
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11800/
5 KB
3 KB
Script
General
Full URL
https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11800/pages-home.js?yocs=1u_1y_
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f29d83871737b8ceaf904ae1b3f0260b7fb03b1440a7a1db79642341ee0e2dc6

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:31 GMT
via
1.1 9d1f21fface75767578955e1853e754e.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P6
age
275239
x-yottaa-optimizations
ob/1001 si/36118cae0e25-1721912200-1360353669 tts/1722866558018 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache
Hit from cloudfront, HIT
x-amz-meta-deploy
829240
content-length
2336
x-amz-meta-bundle
11800
x-served-by
cache-mad22037-MAD
x-yottaa-forcecache
true, true
server
AmazonS3
x-timer
S1723758332.519096,VS0,VE1
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31104000
x-yottaa-metrics
36218cae0e42/[6,4,-] 36118cae0e25/[hit]
accept-ranges
bytes
x-amz-cf-id
2cWwJBMXYr9u4VVtqWPbXxdp9wv0n6OOWmFuUW_mkMNtLNFcDfIPFA==
x-cache-hits
0
brow-hptile-2024-8-BROW-1_D-min
cdn.media.amplience.net/i/elfcosmetics/
33 KB
33 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/brow-hptile-2024-8-BROW-1_D-min?fmt=auto
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
642aa08533dc7f32ef9896e5821ae4242ab95c2207cd00e3abda3e970ed4445a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:31 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
8EoYOh3SJ,l4p5bDg2e,SxhsDDupx,WepA0szpz
x-req-id
v118pi9uh-
content-length
33753
x-xss-protection
1; mode=block
x-amp-source-height
600
server
Unknown
x-frame-options
DENY
x-amp-source-width
600
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Mon, 22 Jul 2024 23:15:46 GMT
brow-hptile-2024-8-BROW-2_D-min
cdn.media.amplience.net/i/elfcosmetics/
32 KB
32 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/brow-hptile-2024-8-BROW-2_D-min?fmt=auto
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
012b819ae53cc859729637d2c15446173fa9b03c8a57ea966747af7425811543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:31 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
Dd4tPSwI8,l4p5bDg2e,tOCsxWvlA,WepA0szpz
x-req-id
fuO4kKLIhK
content-length
32775
x-xss-protection
1; mode=block
x-amp-source-height
600
server
Unknown
x-frame-options
DENY
x-amp-source-width
600
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Mon, 22 Jul 2024 23:15:46 GMT
brow-hptile-2024-8-BROW-3_D-min
cdn.media.amplience.net/i/elfcosmetics/
57 KB
57 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/brow-hptile-2024-8-BROW-3_D-min?fmt=auto
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
0a9360d8a44d5336ae9d5214ac782d87ea70003204670cba410aa423aa26995f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:31 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
ldiEchviA,l4p5bDg2e,CzRXp4kUd,WepA0szpz
x-req-id
mCT8qeMR-J
content-length
57905
x-xss-protection
1; mode=block
x-amp-source-height
600
server
Unknown
x-frame-options
DENY
x-amp-source-width
600
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Mon, 22 Jul 2024 23:15:46 GMT
brow-hptile-2024-8-BROW-4_D-min
cdn.media.amplience.net/i/elfcosmetics/
24 KB
24 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/brow-hptile-2024-8-BROW-4_D-min?fmt=auto
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
1e4653c9fbd5057570ffba66cdbc74c8956f77b964e633583cb28a6ff78cf0d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:31 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
_0om42c7b,l4p5bDg2e,tcB4zWIYA,WepA0szpz
x-req-id
fGsj5xATtg
content-length
24620
x-xss-protection
1; mode=block
x-amp-source-height
600
server
Unknown
x-frame-options
DENY
x-amp-source-width
600
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Mon, 22 Jul 2024 23:15:46 GMT
project-tas-2024-8-image-1_D-min
cdn.media.amplience.net/i/elfcosmetics/
22 KB
22 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/project-tas-2024-8-image-1_D-min?fmt=auto
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
db9aab0c8a9a3aea7b6737acf13f8dfdc717c07f22928e993dc6a6784956b6ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:31 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
eAr54yIl9,l4p5bDg2e,7FuDG0H5k,WepA0szpz
x-req-id
bZI5ErzWZH
content-length
22490
x-xss-protection
1; mode=block
x-amp-source-height
1080
server
Unknown
x-frame-options
DENY
x-amp-source-width
1530
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Thu, 01 Aug 2024 22:18:05 GMT
project-tas-2024-8-image-2_D-min
cdn.media.amplience.net/i/elfcosmetics/
50 KB
50 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/project-tas-2024-8-image-2_D-min?fmt=auto
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
556fda1442315041a8569fd61ed333b180e317c7fba97e9c5932aaec27e88f7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:31 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
UL-QSsD7x,l4p5bDg2e,YuqruAKhz,WepA0szpz
x-req-id
cb6TB4tfvN
content-length
51008
x-xss-protection
1; mode=block
x-amp-source-height
1080
server
Unknown
x-frame-options
DENY
x-amp-source-width
1530
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Thu, 01 Aug 2024 22:18:05 GMT
project-tas-2024-8-image-3_D-min
cdn.media.amplience.net/i/elfcosmetics/
39 KB
39 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/project-tas-2024-8-image-3_D-min?fmt=auto
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
d85881db163df67fb513101954f3c9cc74647fcc916df672f710deb08566b218
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:31 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
f3EI1DygQ,l4p5bDg2e,4ljYkjpuo,WepA0szpz
x-req-id
YsEWPhc6W8
content-length
39611
x-xss-protection
1; mode=block
x-amp-source-height
1080
server
Unknown
x-frame-options
DENY
x-amp-source-width
1530
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Thu, 01 Aug 2024 22:18:05 GMT
project-tas-2024-8-image-4_D-min
cdn.media.amplience.net/i/elfcosmetics/
29 KB
29 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/project-tas-2024-8-image-4_D-min?fmt=auto
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
579d4212e7a9f0c0a86f949fc90c566e1002d31adb3e8c01d98ed7360f030274
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:31 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
sYm7m2zI1,l4p5bDg2e,Zy7j8qNvh,WepA0szpz
x-req-id
YKPeYVqhrY
content-length
29661
x-xss-protection
1; mode=block
x-amp-source-height
1080
server
Unknown
x-frame-options
DENY
x-amp-source-width
1530
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Thu, 01 Aug 2024 22:18:05 GMT
project-tas-2024-8-background-B_D_FIXED
cdn.media.amplience.net/i/elfcosmetics/
356 B
673 B
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/project-tas-2024-8-background-B_D_FIXED?fmt=auto
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
d8ce8a4e42c7cd0db6e1360a57901ecb9321edfe4b17205aa6a15f6700f2d61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:31 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
92rvbCUFa,l4p5bDg2e,BpQp7M7fQ,WepA0szpz
x-req-id
GN4NhJCI3p
content-length
356
x-xss-protection
1; mode=block
x-amp-source-height
1080
server
Unknown
x-frame-options
DENY
x-amp-source-width
1350
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Thu, 01 Aug 2024 23:59:15 GMT
project-tas-2024-8-text_D
cdn.media.amplience.net/i/elfcosmetics/
4 KB
4 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/project-tas-2024-8-text_D?fmt=auto
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
16374a463da07df782d25f7c6b8d1407c278bdcd263b42b9ab3a52df223ae524
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:31 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
m709fCCsd,l4p5bDg2e,Cn4PC5lrH,WepA0szpz
x-req-id
TI54P3FRel
content-length
3870
x-xss-protection
1; mode=block
x-amp-source-height
140
server
Unknown
x-frame-options
DENY
x-amp-source-width
370
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Thu, 01 Aug 2024 22:18:35 GMT
brow-hptile-2024-8-SLIDE-1_D-min
cdn.media.amplience.net/i/elfcosmetics/
50 KB
50 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/brow-hptile-2024-8-SLIDE-1_D-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/brow-hptile-2024-8-SLIDE-1_D-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/brow-hptile-2024-8-SLIDE-1_D-min?fmt=auto&w=2460%203x
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
1a661357e39de0a1236fae07b95a701b0aac13192a43cd52650e60e08d2db09d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:31 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
5t8f-6slU,l4p5bDg2e,3d9hQhe4B,WepA0szpz
x-req-id
uOyW0AeAb4
content-length
51345
x-xss-protection
1; mode=block
x-amp-source-height
1040
server
Unknown
x-frame-options
DENY
x-amp-source-width
1440
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Wed, 07 Aug 2024 22:30:02 GMT
light-purple-background_D-min
cdn.media.amplience.net/i/elfcosmetics/
371 B
687 B
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/light-purple-background_D-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/light-purple-background_D-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/light-purple-background_D-min?fmt=auto&w=2460%203x
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
33f0b8b7a0cc7f86ae47dd0f212574a707b14ade79cfbc87fc5f21f234159f9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:31 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
w1_v9fhP-,l4p5bDg2e,eiptVFGIl,WepA0szpz
x-req-id
u2lICGl27-
content-length
371
x-xss-protection
1; mode=block
x-amp-source-height
1040
server
Unknown
x-frame-options
DENY
x-amp-source-width
1440
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Wed, 07 Aug 2024 22:30:02 GMT
brow-hptile-2024-8-HEADLINE_D-min
cdn.media.amplience.net/i/elfcosmetics/
7 KB
7 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/brow-hptile-2024-8-HEADLINE_D-min?fmt=auto&w=332%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/brow-hptile-2024-8-HEADLINE_D-min?fmt=auto&w=664%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/brow-hptile-2024-8-HEADLINE_D-min?fmt=auto&w=996%203x
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
44fe89bbbe6410e6c917c89fb8d8ce49aaa9858beda3a6262d4cebfbbb7e3029
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:31 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
gw2hNUNkY,l4p5bDg2e,0wxexo1jl,WepA0szpz
x-req-id
M-JD9qhBv_
content-length
7315
x-xss-protection
1; mode=block
x-amp-source-height
227
server
Unknown
x-frame-options
DENY
x-amp-source-width
664
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Wed, 07 Aug 2024 22:30:02 GMT
2024-08-15_back-to-school_hp-tile_Hero_D
cdn.media.amplience.net/i/elfcosmetics/
33 KB
34 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/2024-08-15_back-to-school_hp-tile_Hero_D?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-08-15_back-to-school_hp-tile_Hero_D?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-08-15_back-to-school_hp-tile_Hero_D?fmt=auto&w=2460%203x
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
a1ca94992132a731279c00ecb76a068fb56274f5090a7d93041fb3d0bc92f68d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:31 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
8oi5yMS_W,l4p5bDg2e,krPhHzimY,WepA0szpz
x-req-id
bXpHqZ3Aay
content-length
34290
x-xss-protection
1; mode=block
x-amp-source-height
1040
server
Unknown
x-frame-options
DENY
x-amp-source-width
1440
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Thu, 15 Aug 2024 07:00:03 GMT
2024-07-22_back-to-school_hp-tile_BG_D-min
cdn.media.amplience.net/i/elfcosmetics/
194 KB
194 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/2024-07-22_back-to-school_hp-tile_BG_D-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-07-22_back-to-school_hp-tile_BG_D-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-07-22_back-to-school_hp-tile_BG_D-min?fmt=auto&w=2460%203x
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
946e31729b00dbe6231c2edf841baf63fa7c1bef969fedeb93d121193682f781
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:31 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
3lGLZ4oYL,l4p5bDg2e,zEB3gmPpk,WepA0szpz
x-req-id
wNrivYZK8_
content-length
198159
x-xss-protection
1; mode=block
x-amp-source-height
1040
server
Unknown
x-frame-options
DENY
x-amp-source-width
1440
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Thu, 15 Aug 2024 07:00:02 GMT
ga4
api.retail.adeptmind.ai/sp/v1/tenants/elf/event/ Frame
0
0
Preflight
General
Full URL
https://api.retail.adeptmind.ai/sp/v1/tenants/elf/event/ga4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.194.25.57 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
57.25.194.35.bc.googleusercontent.com
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://elfcosmetics.youshp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
POST,HEAD,OPTIONS,GET,PATCH,PUT,DELETE
access-control-allow-origin
https://elfcosmetics.youshp.com
date
Thu, 15 Aug 2024 21:45:33 GMT
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy
strict-origin
server
envoy
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
x-envoy-upstream-service-time
0
x-frame-options
DENY
x-xss-protection
1; mode=block
ga4
api.retail.adeptmind.ai/sp/v1/tenants/elf/event/ Frame
0
0
Preflight
General
Full URL
https://api.retail.adeptmind.ai/sp/v1/tenants/elf/event/ga4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.194.25.57 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
57.25.194.35.bc.googleusercontent.com
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://elfcosmetics.youshp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
POST,HEAD,OPTIONS,GET,PATCH,PUT,DELETE
access-control-allow-origin
https://elfcosmetics.youshp.com
date
Thu, 15 Aug 2024 21:45:33 GMT
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy
strict-origin
server
envoy
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
x-envoy-upstream-service-time
0
x-frame-options
DENY
x-xss-protection
1; mode=block
ga4
api.retail.adeptmind.ai/sp/v1/tenants/elf/event/ Frame
0
0
Preflight
General
Full URL
https://api.retail.adeptmind.ai/sp/v1/tenants/elf/event/ga4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.194.25.57 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
57.25.194.35.bc.googleusercontent.com
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://elfcosmetics.youshp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
POST,HEAD,OPTIONS,GET,PATCH,PUT,DELETE
access-control-allow-origin
https://elfcosmetics.youshp.com
date
Thu, 15 Aug 2024 21:45:33 GMT
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy
strict-origin
server
envoy
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
x-frame-options
DENY
x-xss-protection
1; mode=block
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11800/main.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1505aa0792421f831935f4761a95f31462a3dd097c8bd00ad8e9c765c8065517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Aug 2024 21:45:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Wbr2pAeg61Hfi+2FuD0cYA==
age
50561
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6882
x-ms-lease-status
unlocked
last-modified
Wed, 14 Aug 2024 17:05:09 GMT
server
cloudflare
etag
0x8DCBC834101D247
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
34e8136c-601e-00d0-2d7a-ee2f28000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8b3c5f4c1f143643-FRA
expires
Fri, 16 Aug 2024 07:42:51 GMT
api_dynamic.js
cdn.dynamicyield.com/api/8772046/
600 KB
68 KB
Script
General
Full URL
https://cdn.dynamicyield.com/api/8772046/api_dynamic.js
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:da00:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
725b024bceba812f74680e8698952954a03cb8bab7afd496af3d09085ac1ff0c

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:34 GMT
content-encoding
gzip
via
1.1 354c49ee216d1b8ed995ee7b94d96f10.cloudfront.net (CloudFront)
last-modified
Thu, 15 Aug 2024 20:34:48 GMT
server
DYCDN
x-amz-cf-pop
FRA56-P11
x-amz-server-side-encryption
AES256
etag
W/"75ba8067d93d67376187d4b27f802aa2"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=30
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id
CHN4BLqGJYCeDLyYpxUXH5-NBTQAxByCYIXFltt5WB3R6yVBwAjwvw==
api_static.js
cdn.dynamicyield.com/api/8772046/
389 KB
115 KB
Script
General
Full URL
https://cdn.dynamicyield.com/api/8772046/api_static.js
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:da00:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
12fedf45d361e0dffa7f80e2b1fec3fe4aba25c7099cd444b0607851ca309ede

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 17:14:14 GMT
content-encoding
gzip
via
1.1 354c49ee216d1b8ed995ee7b94d96f10.cloudfront.net (CloudFront)
last-modified
Wed, 14 Aug 2024 20:34:32 GMT
server
DYCDN
age
16466
x-amz-cf-pop
FRA56-P11
x-amz-server-side-encryption
AES256
etag
W/"3f754c7426dcf4059b5bf637e0f06fc4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=28800
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id
u2lokVo1UwOwVRtPKfpQnZlQNiri6VbJttzmnHWkBLylAZwhhBwiyw==
gtm.js
www.googletagmanager.com/
522 KB
136 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e8b206198540da8e398fe0f78983fcd1d20ec930e23acd969094107ce06956d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139250
x-xss-protection
0
last-modified
Thu, 15 Aug 2024 21:17:43 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Aug 2024 21:45:32 GMT
ga4
api.retail.adeptmind.ai/sp/v1/tenants/elf/event/
105 B
679 B
Fetch
General
Full URL
https://api.retail.adeptmind.ai/sp/v1/tenants/elf/event/ga4
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11800/main.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.194.25.57 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
57.25.194.35.bc.googleusercontent.com
Software
envoy /
Resource Hash
1f5d5645463e43339cb7b894f6edd4ef7665bfe0fb145eda8534b22008a35da6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 15 Aug 2024 21:45:33 GMT
strict-transport-security
max-age=15768000
referrer-policy
strict-origin
x-content-type-options
nosniff
server
envoy
x-frame-options
DENY
access-control-allow-methods
POST,HEAD,OPTIONS,GET,PATCH,PUT,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://elfcosmetics.youshp.com
access-control-allow-credentials
true
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-envoy-upstream-service-time
23
access-control-allow-headers
*
content-length
105
x-xss-protection
1; mode=block
/
api.ipify.org/
20 B
153 B
XHR
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11800/vendor.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f5e8fe08aabf44bfc8601a89e05824a740df5258f70d883e6467e0624b148c

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
8b3c5f4c990339be-FRA
content-length
20
/
api.ipify.org/
20 B
96 B
XHR
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11800/vendor.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f5e8fe08aabf44bfc8601a89e05824a740df5258f70d883e6467e0624b148c

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
8b3c5f4d49e139be-FRA
content-length
20
ga4
api.retail.adeptmind.ai/sp/v1/tenants/elf/event/
105 B
678 B
Fetch
General
Full URL
https://api.retail.adeptmind.ai/sp/v1/tenants/elf/event/ga4
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11800/main.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.194.25.57 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
57.25.194.35.bc.googleusercontent.com
Software
envoy /
Resource Hash
9769ce881bb04d3f051ba9b64a1149572ef31dc9dedf0630a5ee176fb0d06ebf
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 15 Aug 2024 21:45:33 GMT
strict-transport-security
max-age=15768000
referrer-policy
strict-origin
x-content-type-options
nosniff
server
envoy
x-frame-options
DENY
access-control-allow-methods
POST,HEAD,OPTIONS,GET,PATCH,PUT,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://elfcosmetics.youshp.com
access-control-allow-credentials
true
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-envoy-upstream-service-time
0
access-control-allow-headers
*
content-length
105
x-xss-protection
1; mode=block
ga4
api.retail.adeptmind.ai/sp/v1/tenants/elf/event/
105 B
678 B
Fetch
General
Full URL
https://api.retail.adeptmind.ai/sp/v1/tenants/elf/event/ga4
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11800/main.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.194.25.57 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
57.25.194.35.bc.googleusercontent.com
Software
envoy /
Resource Hash
57f8ab4a7fff5be85f9b3c59e5b388753a4c7ed970c2833dbc60ced627b994f3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 15 Aug 2024 21:45:33 GMT
strict-transport-security
max-age=15768000
referrer-policy
strict-origin
x-content-type-options
nosniff
server
envoy
x-frame-options
DENY
access-control-allow-methods
POST,HEAD,OPTIONS,GET,PATCH,PUT,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://elfcosmetics.youshp.com
access-control-allow-credentials
true
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-envoy-upstream-service-time
0
access-control-allow-headers
*
content-length
105
x-xss-protection
1; mode=block
authorize
elfcosmetics.youshp.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/
108 B
1 KB
Fetch
General
Full URL
https://elfcosmetics.youshp.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Felfcosmetics.youshp.com%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=pNLqL9VofZgqNsnkDDRJob73QPrch22AvHqlIme9mos
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11800/vendor.js?yocs=1u_1y_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8b956148ff5bad88040d0e701e35b190a42da584f941db6adfe464e2cdf4031
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

c_x-pwa-request
true
Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:34 GMT
content-encoding
gzip
via
1.1 41f78d12a2f737c8e7f8a05cb4262794.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-correlation-id
8b3c5f52df4b1c19
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains
age
0
x-amz-cf-pop
FRA60-P6
x-yottaa-optimizations
ob/1000 si/36D18cae0e5f-1723581323-3859866809 tts/1722866234360 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache
Error from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
119
pragma
no-cache
x-ratelimit-1m-remaining
22964, 1959259
server
cloudflare
x-ratelimit-1m-reset
26044, 26044
vary
Accept-Encoding
x-ratelimit-1m-limit
24000, 2000000
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FbUhoKyKHjRvQvmKUeYUUWZ9RzcZnTZFMdW4E8GBQCNR7BDfyKr%2FxUtOON2I9ttzyP0Fdq3YATDkJKQrUf%2B0Pv4py%2FOmGe13lbKtFrNmPqNgi4%2FYM6u%2FyuTAEHjewv8PYMnrpiBojt4V7w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store
access-control-allow-credentials
true
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Felfcosmetics.youshp.com%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=pNLqL9VofZgqNsnkDDRJob73QPrch22AvHqlIme9mos
x-yottaa-metrics
36218cae0e2f/[146,144,-] 36D18cae0e5f/[-,147.757]
cf-ray
8b3c5f4d9b9c9f1b-FRA
x-amz-cf-id
5bcwEklyeJgg3B_u4A739AoejpuvD6ycyYfIxaid8nRoXTsFDLixzA==
x-yottaa-os
400
/
sdk.iad-05.braze.com/api/v3/data/
611 B
649 B
XHR
General
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11800/vendor.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:65a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e479ef02ef57f29c4749eed4b55cb041db228a2da706dd6539427f5bf52e3ee6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key
609afcb2-1dc3-41ef-a771-0a9aaf10bf57
X-Braze-TriggersRequest
true
X-Braze-DataRequest
true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/json
X-Braze-Last-Req-Ms-Ago
7200000
Referer
https://elfcosmetics.youshp.com/
X-Requested-With
XMLHttpRequest
X-Braze-Req-Attempt
1

Response headers

date
Thu, 15 Aug 2024 21:45:33 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
ac46bd04-c30e-4ae9-9a21-a0bcf8e2fda9
x-runtime
0.165119
server
cloudflare
etag
W/"e479ef02ef57f29c4749eed4b55cb041"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1723758336
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
8b3c5f4ecb931cb7-FRA
x-ratelimit-remaining
499.0
/
sdk.iad-05.braze.com/api/v3/data/ Frame
0
0
Preflight
General
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:65a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://elfcosmetics.youshp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
8b3c5f4dda631cb7-FRA
content-encoding
gzip
date
Thu, 15 Aug 2024 21:45:33 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/
6 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf500a4c158d24ba238d521a5fa775e693d03c507fa3f882bffbbeaf9fedeb64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Aug 2024 21:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
aY7kJA0jlzEL9QWHODNZDw==
content-length
1832
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 20:25:14 GMT
server
cloudflare
etag
0x8DCA5D566A7B63C
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
a2d9735b-601e-0017-56d5-ec53e9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8b3c5f4db93271be-FRA
expires
Fri, 16 Aug 2024 21:45:33 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
59 B
304 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33110d24cbb506c398f40acebf7e9b4314b3644bda60332a7c993637c957bef1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
8b3c5f4ecfbd2bb6-FRA
access-control-allow-headers
Content-Type
project-tas-2024-8-image-4_D-min
cdn.media.amplience.net/i/elfcosmetics/
29 KB
0
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/project-tas-2024-8-image-4_D-min?fmt=auto
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
579d4212e7a9f0c0a86f949fc90c566e1002d31adb3e8c01d98ed7360f030274
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:31 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
sYm7m2zI1,l4p5bDg2e,Zy7j8qNvh,WepA0szpz
x-req-id
YKPeYVqhrY
content-length
29661
x-xss-protection
1; mode=block
x-amp-source-height
1080
server
Unknown
x-frame-options
DENY
x-amp-source-width
1530
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Thu, 01 Aug 2024 22:18:05 GMT
landing
googleads.g.doubleclick.net/pagead/
Redirect Chain
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=193100725.1723758333&url=https%3A%2F%2Felfcosmetics.youshp.com%2F&dma_cps=syphamo&dma=1&npa=0&gtm=45He48e0n81WL3STMXv8966...
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=193100725.1723758333&url=https%3A%2F%2Felfcosmetics.youshp.com%2F&dma_cps=syphamo&dma=1&npa=0&gtm=45He48e0n8...
42 B
65 B
Ping
General
Full URL
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=193100725.1723758333&url=https%3A%2F%2Felfcosmetics.youshp.com%2F&dma_cps=syphamo&dma=1&npa=0&gtm=45He48e0n81WL3STMXv896608294za200&auid=888300928.1723758333&apve=0
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Aug 2024 21:45:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Aug 2024 21:45:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=193100725.1723758333&url=https%3A%2F%2Felfcosmetics.youshp.com%2F&dma_cps=syphamo&dma=1&npa=0&gtm=45He48e0n81WL3STMXv896608294za200&auid=888300928.1723758333&apve=0
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1608912%20&seg=6104893&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Aug 2024 21:45:33 GMT
an-x-request-uuid
25ede39f-c78d-4031-ac6d-670096c62b4c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
37.48.94.49; 37.48.94.49; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Aug 2024 21:45:33 GMT
an-x-request-uuid
c46d7aa5-6bff-419b-aa9d-65f510a9db7c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2
cache-control
no-store, no-cache, private
x-proxy-origin
37.48.94.49; 37.48.94.49; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
insight.adsrvr.org/track/pxl/
70 B
149 B
Image
General
Full URL
https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:y8694b5&fmt=3
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:33 GMT
server
Kestrel
content-length
70
content-type
image/gif
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1704533&seg=34326157&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Aug 2024 21:45:33 GMT
an-x-request-uuid
0d05c6d5-880a-40a6-bbca-acb7512488da
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
37.48.94.49; 37.48.94.49; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Aug 2024 21:45:33 GMT
an-x-request-uuid
3cd757ce-9a79-47a9-98c8-2751b3f94401
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2
cache-control
no-store, no-cache, private
x-proxy-origin
37.48.94.49; 37.48.94.49; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
insight.adsrvr.org/track/pxl/
70 B
148 B
Image
General
Full URL
https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:uuhj0na&fmt=3
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:33 GMT
server
Kestrel
content-length
70
content-type
image/gif
project-tas-2024-8-image-1_D-min
cdn.media.amplience.net/i/elfcosmetics/
22 KB
0
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/project-tas-2024-8-image-1_D-min?fmt=auto
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
db9aab0c8a9a3aea7b6737acf13f8dfdc717c07f22928e993dc6a6784956b6ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:31 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
eAr54yIl9,l4p5bDg2e,7FuDG0H5k,WepA0szpz
x-req-id
bZI5ErzWZH
content-length
22490
x-xss-protection
1; mode=block
x-amp-source-height
1080
server
Unknown
x-frame-options
DENY
x-amp-source-width
1530
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Thu, 01 Aug 2024 22:18:05 GMT
project-tas-2024-8-image-2_D-min
cdn.media.amplience.net/i/elfcosmetics/
50 KB
0
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/project-tas-2024-8-image-2_D-min?fmt=auto
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
556fda1442315041a8569fd61ed333b180e317c7fba97e9c5932aaec27e88f7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:31 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
UL-QSsD7x,l4p5bDg2e,YuqruAKhz,WepA0szpz
x-req-id
cb6TB4tfvN
content-length
51008
x-xss-protection
1; mode=block
x-amp-source-height
1080
server
Unknown
x-frame-options
DENY
x-amp-source-width
1530
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Thu, 01 Aug 2024 22:18:05 GMT
project-tas-2024-8-image-3_D-min
cdn.media.amplience.net/i/elfcosmetics/
39 KB
0
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/project-tas-2024-8-image-3_D-min?fmt=auto
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
d85881db163df67fb513101954f3c9cc74647fcc916df672f710deb08566b218
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:31 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
f3EI1DygQ,l4p5bDg2e,4ljYkjpuo,WepA0szpz
x-req-id
YsEWPhc6W8
content-length
39611
x-xss-protection
1; mode=block
x-amp-source-height
1080
server
Unknown
x-frame-options
DENY
x-amp-source-width
1530
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Thu, 01 Aug 2024 22:18:05 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202406.1.0/
451 KB
110 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47407e3845cb067265a07cb279ccc7a38b927b0c2dc034b627f089115ac0d306
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Aug 2024 21:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
7I5y/rp4ODu7ul89ty+epQ==
age
83934
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
112027
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 22:20:01 GMT
server
cloudflare
etag
0x8DCA5E56F667161
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c05e064f-501e-009c-79cf-d7e837000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8b3c5f4f4b4b3643-FRA
st
st.dynamicyield.com/
154 KB
13 KB
Script
General
Full URL
https://st.dynamicyield.com/st?sec=8772046&inHead=true&id=0&jsession=dblc956pclp31n4mu9qezachfquhdlqv&ref=&scriptVersion=2.39.0&isSesNew=true&dyid_server=&ctx=%7B%22type%22%3A%22HOMEPAGE%22%2C%22lng%22%3A%22en-US%22%2C%22data%22%3A%5B%5D%7D
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:8c00:15:ad21:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e83b8cb002ba9dd95cbc5678a7abbe2d427c9b7e9397f832c4f9bccc36254e0

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:33 GMT
content-encoding
gzip
via
1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
access-control-allow-origin
*
content-type
text/javascript; charset=utf-8
cache-control
no-cache
x-amz-cf-id
8A1vtT66ZgtqT0uGZGskU6YhvxQ4ckKZLV8CSYMaxdWb5C2nVO923A==
expires
Thu, 15 Aug 2024 21:45:32 GMT
sync
sdk.iad-05.braze.com/api/v3/content_cards/ Frame
0
0
Preflight
General
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:65a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
Access-Control-Request-Method
POST
Origin
https://elfcosmetics.youshp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
8b3c5f50bdc31cb7-FRA
content-encoding
gzip
date
Thu, 15 Aug 2024 21:45:33 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
sync
sdk.iad-05.braze.com/api/v3/feature_flags/ Frame
0
0
Preflight
General
Full URL
https://sdk.iad-05.braze.com/api/v3/feature_flags/sync
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:65a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-featureflagsrequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
Access-Control-Request-Method
POST
Origin
https://elfcosmetics.youshp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-featureflagsrequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
8b3c5f50bdc91cb7-FRA
content-encoding
gzip
date
Thu, 15 Aug 2024 21:45:33 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
sync
sdk.iad-05.braze.com/api/v3/content_cards/
85 B
228 B
XHR
General
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11800/vendor.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:65a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
273f824d58e0f9151b2f6732639c527b75163589ef36939e146c2f4e6812e0cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-Braze-Req-Tokens-Remaining
29
X-Braze-Api-Key
609afcb2-1dc3-41ef-a771-0a9aaf10bf57
X-Braze-DataRequest
true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/json
X-Braze-Last-Req-Ms-Ago
7200000
BRAZE-SYNC-RETRY-COUNT
0
X-Requested-With
XMLHttpRequest
Referer
https://elfcosmetics.youshp.com/
X-Braze-Req-Attempt
1
X-Braze-ContentCardsRequest
true

Response headers

date
Thu, 15 Aug 2024 21:45:33 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
6f5e6503-3550-4df8-ad82-3764cbc92b10
x-runtime
0.061007
server
cloudflare
etag
W/"273f824d58e0f9151b2f6732639c527b"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1723758336
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
8b3c5f51aeb81cb7-FRA
x-ratelimit-remaining
494.0
sync
sdk.iad-05.braze.com/api/v3/feature_flags/
20 B
180 B
XHR
General
Full URL
https://sdk.iad-05.braze.com/api/v3/feature_flags/sync
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11800/vendor.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:65a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e92f434a50c76d6e52d0d3cc91cdf1854c7fd39fecd5ae65800568aef7c03029
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-Braze-Req-Tokens-Remaining
28
X-Braze-Api-Key
609afcb2-1dc3-41ef-a771-0a9aaf10bf57
X-Braze-DataRequest
true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/json
X-Braze-Last-Req-Ms-Ago
7200000
Referer
https://elfcosmetics.youshp.com/
X-Requested-With
XMLHttpRequest
X-Braze-FeatureFlagsRequest
true
X-Braze-Req-Attempt
1

Response headers

date
Thu, 15 Aug 2024 21:45:33 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
c4e7ca1a-f460-4251-a9d0-c3725805bd07
x-runtime
0.048042
server
cloudflare
etag
W/"e92f434a50c76d6e52d0d3cc91cdf185"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1723758336
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
8b3c5f519ea71cb7-FRA
x-ratelimit-remaining
496.0
en.json
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/01909eed-3bdc-7283-8d20-1f7cc7f672d6/
270 KB
47 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/01909eed-3bdc-7283-8d20-1f7cc7f672d6/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e3e46bfe2e437ec88b337c4893c591c726abfaafe957984466738e317ec5478
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Aug 2024 21:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
O2WrPsqEzZtXQecUT5GJ8Q==
content-length
48426
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 20:25:19 GMT
server
cloudflare
etag
0x8DCA5D56988B2D3
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
30fa19cc-e01e-0006-265c-ef64f2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8b3c5f50ccc571be-FRA
expires
Fri, 16 Aug 2024 21:45:33 GMT
iab2V2Data.json
cdn.cookielaw.org/vendorlist/
588 KB
76 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/vendorlist/iab2V2Data.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f832c764b6f453323743c976586ce9443740a911b12eca61cfa34fbff05c1262
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Aug 2024 21:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
Drk6+4OEd5LcP5xXHZgIQw==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
77602
x-ms-lease-status
unlocked
last-modified
Thu, 15 Aug 2024 21:43:13 GMT
server
cloudflare
etag
0x8DCBD7343E87FBF
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
3de912dc-401e-00aa-595c-ef4565000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8b3c5f50ccc971be-FRA
expires
Fri, 16 Aug 2024 21:45:33 GMT
otTCF.js
cdn.cookielaw.org/scripttemplates/202406.1.0/
60 KB
17 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/otTCF.js
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e40e7b46b99c06e47841ff53e4417b6c887631d383aac28114e4ab83ccddc6f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Aug 2024 21:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
w7rriz6IwW2xtS9bVJshOg==
age
47254
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
17104
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 22:19:59 GMT
server
cloudflare
etag
0x8DCA5E56E73A9D1
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
768119cb-301e-00c3-1294-d81ac9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8b3c5f50ccea3643-FRA
otFlat.json
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Aug 2024 21:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
sHJXWIgDpMKY35PyRRy4zQ==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3003
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 22:19:54 GMT
server
cloudflare
etag
0x8DCA5E56B3084E2
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
0feef43c-101e-00b9-6ebb-d87084000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8b3c5f52bf6271be-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/v2/
62 KB
13 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dbc72c3f0511495fdf45d42283a246613db44b0906199cef195a773068d822f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Aug 2024 21:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
LtDYZmcfPNW39lMw/Yu0RQ==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12723
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 22:19:56 GMT
server
cloudflare
etag
0x8DCA5E56C7CC8BB
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
f92fdb74-701e-00e6-30a7-ee827a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8b3c5f52bf6571be-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/
24 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Aug 2024 21:45:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
HyPJ72TNHxdfOI82cqKVqA==
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 22:20:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
4da3cd3b-101e-0090-793b-dc06c6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8b3c5f52bf6871be-FRA
dy-coll-min.js
cdn.dynamicyield.com/scripts/2.39.0/
196 KB
65 KB
Script
General
Full URL
https://cdn.dynamicyield.com/scripts/2.39.0/dy-coll-min.js
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:da00:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
20b3acc9e787142bb21a4fc36db6dfbd830c7070ee8230b4160089db0a40b9bb

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 08 Jul 2024 10:44:22 GMT
content-encoding
gzip
via
1.1 354c49ee216d1b8ed995ee7b94d96f10.cloudfront.net (CloudFront)
last-modified
Wed, 03 Jul 2024 08:41:56 GMT
server
DYCDN
age
3322871
x-amz-cf-pop
FRA56-P11
etag
W/"f2613c90f73b8f53cd3a007227b7206e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id
2qB8Vbyfv1iceuBW3c9yW9jYqLUTVsM58IFvYF57fwQLaEu2W8FjPA==
uia
async-px.dynamicyield.com/
0
384 B
XHR
General
Full URL
https://async-px.dynamicyield.com/uia?cnst=1&_=1723758334066
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.39.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-72.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 15 Aug 2024 21:45:34 GMT
via
1.1 d6f0ad3267f72bf9b59a5eb61f811fe2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
1TB5azdw9jnkhW3Gz4CytsQAUIM-cnnfmKHreMuI9JUKM_juaKz-bg==
expires
0
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/
497 B
516 B
Fetch
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Aug 2024 21:45:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
x-ms-lease-status
unlocked
last-modified
Wed, 14 Aug 2024 17:05:11 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
0ba723eb-601e-009f-4022-efeb30000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8b3c5f54899f71be-FRA
ot_company_logo.png
cdn.cookielaw.org/logos/static/
4 KB
4 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_company_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Aug 2024 21:45:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
E8+sk/ECzKgTUVtDLikiIA==
age
22206
content-length
4036
x-ms-lease-status
unlocked
last-modified
Wed, 14 Aug 2024 17:05:11 GMT
server
cloudflare
etag
0x8DCBC834243BDE9
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
10fe5da3-601e-0053-1780-ee8f85000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8b3c5f5498ec3643-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/
5 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Aug 2024 21:45:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
77167
x-ms-lease-status
unlocked
last-modified
Wed, 14 Aug 2024 17:05:12 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
705f206a-801e-007b-5b7d-eef83a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8b3c5f5498f03643-FRA
batch
async-px.dynamicyield.com/
0
384 B
Ping
General
Full URL
https://async-px.dynamicyield.com/batch?cnst=1&_=1723758334352_360765
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.39.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-72.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 15 Aug 2024 21:45:34 GMT
via
1.1 f1b6636265d2ca44d8a0ca5488a5ec0c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
gO81xdTanV8OsS4mOMZc9ofSholummBrB0CUPhK-j46COHHJliqPpQ==
expires
0
var
async-px.dynamicyield.com/
0
0
Fetch
General
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=882028&uid=-2756202734003783939&sec=8772046&t=ri&e=1261284&p=1&ve=11209913&va=%5B27119924%5D&ses=46e5bd41bb6eac032114bf4a42342b20&expSes=80581&aud=884367.884385.884387.1167402.1324059.1846919.2356145.1092373.1242486.1426804.1443347.1182144.799438.799440&expVisitId=261439440710188476&cgtgDecisionId=261439442568601645&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1723758333368&rri=523412
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.39.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-72.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Aug 2024 21:45:34 GMT
via
1.1 d6f0ad3267f72bf9b59a5eb61f811fe2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
6lqg26ptTu--iSkNERiaKBbqa-3ZTUSv2CpoDWUOLz6qJ9I6DO1r6Q==
expires
0
var
async-px.dynamicyield.com/
0
0
Fetch
General
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=89123&uid=-2756202734003783939&sec=8772046&t=ri&e=1574966&p=1&ve=12698518&va=%5B28347247%5D&ses=46e5bd41bb6eac032114bf4a42342b20&expSes=80581&aud=884367.884385.884387.1167402.1324059.1846919.2356145.1092373.1242486.1426804.1443347.1182144.799438.799440&expVisitId=261439441432433578&cgtgDecisionId=261439441004896841&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1723758333369&rri=929435
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.39.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-72.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Aug 2024 21:45:34 GMT
via
1.1 d6f0ad3267f72bf9b59a5eb61f811fe2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
nh6h5PO12j_esLzRJVPT56l_-q3FEgsxaGCRVjckodWJK8xuELsW6w==
expires
0
var
async-px.dynamicyield.com/
0
0
Fetch
General
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=4399&uid=-2756202734003783939&sec=8772046&t=ri&e=1609852&p=1&ve=12669413&va=%5B28321879%5D&ses=46e5bd41bb6eac032114bf4a42342b20&expSes=80581&aud=884367.884385.884387.1167402.1324059.1846919.2356145.1092373.1242486.1426804.1443347.1182144.799438.799440&expVisitId=261439440475128791&cgtgDecisionId=261439442377250345&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1723758333370&rri=9866224
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.39.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-72.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Aug 2024 21:45:34 GMT
via
1.1 d6f0ad3267f72bf9b59a5eb61f811fe2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
pgS4M5gZ8wqSL4eAdtAe_QKW3W0l_riR-YWaPomUSwU-TrKANmIf4w==
expires
0
var
async-px.dynamicyield.com/
0
0
Fetch
General
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=419519&uid=-2756202734003783939&sec=8772046&t=ri&e=1575901&p=1&ve=12991774&va=%5B28207095%5D&ses=46e5bd41bb6eac032114bf4a42342b20&expSes=80581&aud=884367.884385.884387.1167402.1324059.1846919.2356145.1092373.1242486.1426804.1443347.1182144.799438.799440&expVisitId=261439443695267397&cgtgDecisionId=261439443550868625&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1723758333371&rri=4903658
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.39.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-72.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Aug 2024 21:45:34 GMT
via
1.1 d6f0ad3267f72bf9b59a5eb61f811fe2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
iwMlSFBnzqNCsNML884Asgv3CmZykXBeTQ_Gf96s7okCuWQR6AtHSQ==
expires
0
var
async-px.dynamicyield.com/
0
0
Fetch
General
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=99179&uid=-2756202734003783939&sec=8772046&t=ri&e=1750936&p=1&ve=13190838&va=%5B28818377%5D&ses=46e5bd41bb6eac032114bf4a42342b20&expSes=80581&aud=884367.884385.884387.1167402.1324059.1846919.2356145.1092373.1242486.1426804.1443347.1182144.799438.799440&expVisitId=261439441104566189&cgtgDecisionId=261439442948999421&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1723758333372&rri=5054849
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.39.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-72.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Aug 2024 21:45:34 GMT
via
1.1 d6f0ad3267f72bf9b59a5eb61f811fe2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
0ar0XxqKvWwPGb8eViieWD1BOr7mSd7NlnG4Dsl5Tx-nU8vF31830A==
expires
0
var
async-px.dynamicyield.com/
0
0
Fetch
General
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=901672&uid=-2756202734003783939&sec=8772046&t=ri&e=1750954&p=1&ve=13304536&va=%5B28973875%5D&ses=46e5bd41bb6eac032114bf4a42342b20&expSes=80581&aud=884367.884385.884387.1167402.1324059.1846919.2356145.1092373.1242486.1426804.1443347.1182144.799438.799440&expVisitId=261439443659511677&cgtgDecisionId=261439441206012210&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1723758333373&rri=3598039
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.39.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-72.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Aug 2024 21:45:34 GMT
via
1.1 d6f0ad3267f72bf9b59a5eb61f811fe2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
Rsuut8_Gl-4iJTndlbghOp3OrVy7Cob7KDel7mJSGb_NBzebClESCQ==
expires
0
favicon.ico
elfcosmetics.youshp.com/
34 KB
4 KB
Other
General
Full URL
https://elfcosmetics.youshp.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1331786f628c441b99665436eb8815381e066e17d5c3bb56f5ce2e045d8da17a

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:34 GMT
via
1.1 77ef56a61f9732eb861f48a4b6d8df92.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
x-amzn-remapped-content-length
34494
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
VIE50-P3
x-amzn-remapped-connection
close
x-amzn-requestid
dc39394b-3183-431b-9595-5ec78463b170
x-yottaa-optimizations
ob/100 si/36D18cae0e60-1723581323-9356003812 tts/1722866558018 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-amz-apigw-id
cj0h2HZMiYcEUlQ=
last-modified
Thu, 15 Aug 2024 17:00:26 GMT
server
cloudflare
etag
W/"86be-19156fbc410"
x-amzn-trace-id
Root=1-66be3471-10f1284b09b4fe3d605999d6;Parent=68c2fda75f9d9647;Sampled=0;lineage=2b75b0e9:0
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nJIIl3l65rv4HhioQf%2FCXwG0OIs48GQfpJDvyS%2FFcL9eLgpB50wLFrVUVTKTLyyGEY9gf1OmzjueLO%2BtnvQ43juHHpGpdxv03QNgS9luO0YnGnC1VKitLGS14w5B7Qb86wCy9SQFUuaQeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
x-yottaa-metrics
36218cae0e36/[4,-,1723758317940] 36D18cae0e60/[-,5.035]
cf-ray
8b3c5f55ea489760-FRA
x-amz-cf-id
MascAj9e527ktG5xr1fj3OpzFIAxBeiWphrILmyoB7m1q22F0fdNzA==
x-amzn-remapped-date
Thu, 15 Aug 2024 17:01:38 GMT
event
qoe-1.yottaa.net/log-nt/
3 B
191 B
Ping
General
Full URL
https://qoe-1.yottaa.net/log-nt/event
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.2.133.135 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 15 Aug 2024 21:45:35 GMT
access-control-expose-headers
X-Results-Data-Source
access-control-allow-credentials
true
cache-control
no-cache
timing-allow-origin
*
content-type
text/json
site.min.js
edge.curalate.com/sites/elfcosmetics-oqltbv/site/latest/
84 KB
20 KB
Script
General
Full URL
https://edge.curalate.com/sites/elfcosmetics-oqltbv/site/latest/site.min.js
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.147.250 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d126a9c6da46cb41e34e982874ff71952c00cfaefd6d3847d69f5b82da64429

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:34 GMT
x-amz-version-id
.qrNcRtRG6VmB5kbLKXtk4Otpa6s5GTr
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
RPXSJ13M5FXMKBRV
age
1668
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
x-amz-id-2
6cY9mAMu73SrD7POigB8vFDNHhpy0PMxrmHuYyUnVFLdAd3tw2zS6tzOVGrAiV3dD81fugC1Ni2QKW5l2LshL85b+yLfqRYYVEQTHQBzJhk=
last-modified
Fri, 07 Jun 2024 18:56:15 GMT
server
cloudflare
etag
W/"50d92f85574de50a7d4a214fa4131720"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800,s-maxage=1800
cf-ray
8b3c5f565800368c-FRA
110221.ct.js
tag.rmp.rakuten.com/
47 KB
15 KB
Script
General
Full URL
https://tag.rmp.rakuten.com/110221.ct.js
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
248.147.102.34.bc.googleusercontent.com
Software
/
Resource Hash
290f9c6084b46b94850626f1dbe6df20c7a805bed18c5aad6360bcc4da3bfae6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:34 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000
last-modified
Thu, 15 Aug 2024 21:45:34 GMT
x-cache
hit
x-samesite
secure
content-type
text/javascript
cache-control
max-age=86400
x-dyn
0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
js
www.paypal.com/sdk/
425 KB
120 KB
Script
General
Full URL
https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1fd82462c3c27b653bec893b2395d3fc4d218c36ae16b4a2b8f8d99c8637cef0
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-Ktw9hyKrNmbM92R7q7ci4+vtX6fGb6haROGz7m2rt1n0cqTl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-Ktw9hyKrNmbM92R7q7ci4+vtX6fGb6haROGz7m2rt1n0cqTl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-Ktw9hyKrNmbM92R7q7ci4+vtX6fGb6haROGz7m2rt1n0cqTl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-Ktw9hyKrNmbM92R7q7ci4+vtX6fGb6haROGz7m2rt1n0cqTl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 15 Aug 2024 21:45:34 GMT
age
8693
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT, HIT, MISS
p3p
true
paypal-debug-id
f740276c5d9a5
server-timing
"traceparent;desc="00-0000000000000000000f740276c5d9a5-7392dc9e6ff688c5-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
120841
x-xss-protection
1; mode=block
x-served-by
cache-lhr-egll1980086-LHR, cache-mad2200091-MAD, cache-mad2200091-MAD
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f740276c5d9a5-c9c7de478f6b9ca6-01
x-timer
S1723758335.539604,VS0,VE7
etag
W/"1d809-S19t561oDkoTvRojaKO49s0JixA"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
37, 0, 0
main.js
static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/
146 KB
43 KB
Script
General
Full URL
https://static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/main.js
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.197.142.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-142-200.deploy.static.akamaitechnologies.com
Software
nginx / Express
Resource Hash
61fe827d03e287508447d5af2ecc3ff50310fb04ed5b5094bb38ab72f0b2f6e8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15768000
Content-Encoding
gzip
Date
Thu, 15 Aug 2024 21:45:34 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"dc28fdb8f88fe0b146dbaf222d1b4864869f515a-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, max-age=900
Connection
keep-alive
Content-Length
43478
Expires
Thu, 15 Aug 2024 22:00:34 GMT
/
websdk.appsflyer.com/
51 KB
15 KB
Script
General
Full URL
https://websdk.appsflyer.com/?st=banners&
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-88.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ce6d7f008824d9f6af00150bf70a49369a24381165b5808efa74e68518e6d58d

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 20:58:52 GMT
content-encoding
gzip
via
1.1 2b92d172bc628dd9c34a8c262218ac02.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 06:58:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
2803
x-amz-server-side-encryption
AES256
etag
W/"ad6e8ace01357e7c84957fc6fc296d42"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
PYtUMpgcaWPxfA2tIAQX-wGSfq0ECMs2u8mwM-oJCck9vfOMQiac0g==
js
www.googletagmanager.com/gtag/
299 KB
100 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9154cb25389c74c95a7bc2a304a32e8c3b97bb947d0b6fa1182ce1e1f7ce5b70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102615
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 15 Aug 2024 21:45:34 GMT
iframe_api
www.youtube.com/
993 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7732d8ecb86efc4dd1cc25f5ec0bc4264b06f8c5eee066483fabfdb6bd8df988
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script'
content-encoding
br
content-security-policy-report-only
base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-7nUmKOES5H7DlaisB_8CwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Thu, 15 Aug 2024 21:45:34 GMT
destination
www.googletagmanager.com/gtag/
218 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-10265292&l=dataLayer&cx=c
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
72d552b349ad83b585905296f399b76c34ac7d0da8b1b3189ccb8bb379a0fd94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79989
x-xss-protection
0
last-modified
Thu, 15 Aug 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Aug 2024 21:45:34 GMT
destination
www.googletagmanager.com/gtag/
218 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-10742279&l=dataLayer&cx=c
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4e6e5aac3aa38a753f5a580ac29f2729c843ce4310aec3281686820cd2b0716d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79988
x-xss-protection
0
last-modified
Thu, 15 Aug 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Aug 2024 21:45:34 GMT
brow-hptile-2024-8-SLIDE-2_D-min
cdn.media.amplience.net/i/elfcosmetics/
23 KB
23 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/brow-hptile-2024-8-SLIDE-2_D-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/brow-hptile-2024-8-SLIDE-2_D-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/brow-hptile-2024-8-SLIDE-2_D-min?fmt=auto&w=2460%203x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
96b4a46a6448af5c55fc907b77e86281baf3a34a205ffb6dd582e79c64c04a9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:34 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
OBR0obaCp,l4p5bDg2e,L34ZFlc7A,WepA0szpz
x-req-id
ZJGr8o-au7
content-length
23437
x-xss-protection
1; mode=block
x-amp-source-height
1040
server
Unknown
x-frame-options
DENY
x-amp-source-width
1440
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Wed, 07 Aug 2024 22:30:02 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1691051/
82 KB
25 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/unip/1691051/tfa.js
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
012e36d6b214f5612fb99341c6dc271e6aa7be3043949cefec03f21cb2b3c1e0

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
5D5QDITPhXFbrS1qlOSfgjl4hW1zjlmS
content-encoding
gzip
via
1.1 varnish
date
Thu, 15 Aug 2024 21:45:34 GMT
x-amz-request-id
WT74ACZY4BRNBS41
age
159
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
25518
x-amz-id-2
2N2x7N05m9U6FnPABjArmj2VMZqziDgYpvj4KVF7KhyySU62jmdGnUA/6MyJcPov/XMGSX/8y/k=
x-served-by
cache-mad2200123-MAD
last-modified
Sun, 11 Aug 2024 11:23:07 GMT
server
AmazonS3
x-timer
S1723758335.562536,VS0,VE1
etag
"fd8105b5622f38fecafc982e5ee850a1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
51
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
0
1a8bfa042c9c5.js
t.contentsquare.net/uxa/
338 KB
81 KB
Script
General
Full URL
https://t.contentsquare.net/uxa/1a8bfa042c9c5.js
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-53.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
58a2123c5c4470286bd4a3401acfa54787293819f1b8cf8d2e8c89c94099fa10

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:10:35 GMT
content-encoding
br
via
1.1 6f1a8e219f50f958f5a2fbc9c84af776.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P11
age
0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
82628
last-modified
Wed, 14 Aug 2024 09:09:23 GMT
server
AmazonS3
etag
"ad79bf127cd7077e3cd723b63f78f40c"
vary
Origin
content-type
application/javascript;charset=utf-8
cache-control
max-age=900
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
cpEiD_bXd9-e-rQJ1aWRNXHg18zXEmalGQihEMfqblbqd9bl57TQjQ==
destination
www.googletagmanager.com/gtag/
218 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-9231397&l=dataLayer&cx=c
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
55e21164d6ccf95c578b72c67a7d23a378fc680c5e40b981ebd0ad58e67f4201
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79949
x-xss-protection
0
last-modified
Thu, 15 Aug 2024 21:17:43 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Aug 2024 21:45:34 GMT
src=10265292;dc_pre=CKzz3Jn894cDFWLmOwIdXGILFQ;type=conte0;cat=homep0;ord=8896310968607;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe48e0v9181787185z8896608294za20...
ade.googlesyndication.com/ddm/activity/
Redirect Chain
  • https://ade.googlesyndication.com/ddm/activity/src=10265292;type=conte0;cat=homep0;ord=8896310968607;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe48e0v9181787185z8...
  • https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=CKzz3Jn894cDFWLmOwIdXGILFQ;type=conte0;cat=homep0;ord=8896310968607;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=deni...
42 B
107 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=CKzz3Jn894cDFWLmOwIdXGILFQ;type=conte0;cat=homep0;ord=8896310968607;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe48e0v9181787185z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tcfd=10001;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.youshp.com?
Protocol
H2
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Aug 2024 21:45:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Aug 2024 21:45:34 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=CKzz3Jn894cDFWLmOwIdXGILFQ;type=conte0;cat=homep0;ord=8896310968607;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe48e0v9181787185z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tcfd=10001;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.youshp.com?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
experience.min.js
edge.curalate.com/sites/elfcosmetics-oqltbv/experiences/gallery-OdKxcdTK/latest/
0
0

src=10742279;dc_pre=CJH93Jn894cDFTnxOwIdwBIuPA;type=elf8j0;cat=glo_flhp;ord=1562015735237;npa=1;u1=https%3A%2F%2Felfcosmetics.youshp.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denie...
ade.googlesyndication.com/ddm/activity/
Redirect Chain
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flhp;ord=1562015735237;npa=1;u1=https%3A%2F%2Felfcosmetics.youshp.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=...
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CJH93Jn894cDFTnxOwIdwBIuPA;type=elf8j0;cat=glo_flhp;ord=1562015735237;npa=1;u1=https%3A%2F%2Felfcosmetics.youshp.com%2F;uaa=;uab=;...
42 B
107 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CJH93Jn894cDFTnxOwIdwBIuPA;type=elf8j0;cat=glo_flhp;ord=1562015735237;npa=1;u1=https%3A%2F%2Felfcosmetics.youshp.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe48e0v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tcfd=10001;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.youshp.com?
Protocol
H2
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Aug 2024 21:45:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Aug 2024 21:45:34 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CJH93Jn894cDFTnxOwIdwBIuPA;type=elf8j0;cat=glo_flhp;ord=1562015735237;npa=1;u1=https%3A%2F%2Felfcosmetics.youshp.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe48e0v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tcfd=10001;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.youshp.com?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
src=10742279;dc_pre=CMT33Jn894cDFQjLOwIdgQoUsg;type=elf8j0;cat=glo_flap;ord=238707979440;npa=1;u1=https%3A%2F%2Felfcosmetics.youshp.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied...
ade.googlesyndication.com/ddm/activity/
Redirect Chain
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flap;ord=238707979440;npa=1;u1=https%3A%2F%2Felfcosmetics.youshp.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0...
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CMT33Jn894cDFQjLOwIdgQoUsg;type=elf8j0;cat=glo_flap;ord=238707979440;npa=1;u1=https%3A%2F%2Felfcosmetics.youshp.com%2F;uaa=;uab=;u...
42 B
118 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CMT33Jn894cDFQjLOwIdgQoUsg;type=elf8j0;cat=glo_flap;ord=238707979440;npa=1;u1=https%3A%2F%2Felfcosmetics.youshp.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe48e0v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tcfd=10001;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.youshp.com?
Protocol
H2
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Aug 2024 21:45:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Aug 2024 21:45:34 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CMT33Jn894cDFQjLOwIdgQoUsg;type=elf8j0;cat=glo_flap;ord=238707979440;npa=1;u1=https%3A%2F%2Felfcosmetics.youshp.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe48e0v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tcfd=10001;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.youshp.com?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
sgtm.elfcosmetics.com/g/
65 B
298 B
XHR
General
Full URL
https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je48e0v9125640115z8896608294za200zb896608294&gcs=G100&gcd=13u3u3u2u5&npa=1&dma_cps=-&dma=1&tcfd=10001&tag_exp=0&cid=1516154756.1723758335&ecid=1115139801&ul=nl-nl&sr=1600x1200&_fplc=0&ur=SI&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&sst.rnd=193100725.1723758333&sst.gse=1&sst.etld=google.si&sst.gcsub=region1&sst.adr=1&sst.ude=0&_s=1&sid=1723758334&sct=1&seg=0&dl=https%3A%2F%2Felfcosmetics.youshp.com%2F&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4436&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.124.49.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:34 GMT
via
1.1 google
x-content-type-options
nosniff
server
Google Frontend
content-type
text/plain
access-control-allow-origin
https://elfcosmetics.youshp.com
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-accel-buffering
no
collect
sgtm.elfcosmetics.com/g/
65 B
127 B
XHR
General
Full URL
https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je48e0v9125640115z8896608294za200zb896608294&gcs=G100&gcd=13u3u3u2u5&npa=1&dma_cps=-&dma=1&tcfd=10001&tag_exp=0&cid=1516154756.1723758335&ecid=1115139801&ul=nl-nl&sr=1600x1200&_fplc=0&ur=SI&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&sst.rnd=193100725.1723758333&sst.gse=1&sst.etld=google.si&sst.gcsub=region1&sst.adr=1&sst.ude=0&_s=2&sid=1723758334&sct=1&seg=0&dl=https%3A%2F%2Felfcosmetics.youshp.com%2F&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&en=pageview&ep.vendor_id=pinterest&ep.email=&ep.event_id=1723759079691_17237586882708&ep.external_id=&_et=5&tfd=4450&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.124.49.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:35 GMT
via
1.1 google
x-content-type-options
nosniff
server
Google Frontend
content-type
text/plain
access-control-allow-origin
https://elfcosmetics.youshp.com
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-accel-buffering
no
www-widgetapi.js
www.youtube.com/s/player/53afa3ce/www-widgetapi.vflset/
31 KB
11 KB
Script
General
Full URL
https://www.youtube.com/s/player/53afa3ce/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1db2c0444aac40cc0d8cfc5cef921f9d8ef04c5e3b49dd0df39cf25a7132473
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:27:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
1059
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10557
x-xss-protection
0
last-modified
Wed, 14 Aug 2024 04:19:15 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 15 Aug 2025 21:27:55 GMT
unip
trc.taboola.com/1691051/log/3/ Frame
0
0
Preflight
General
Full URL
https://trc.taboola.com/1691051/log/3/unip?ce=ecomm&en=HOME_PAGE_VISIT&ref=null&item-url=https%253A%252F%252Felfcosmetics.youshp.com%252F&data=%257B%2522timestamp%2522%253A%252215-8-2024%2522%252C%2522eventType%2522%253A%2522HOME_PAGE_VISIT%2522%257D&cnxclid=undefined&tim=1723758334706&mrir=u&vi=1723758334691&cv=20240808-24-RELEASE&tos=11&ssd=1&scd=0&it=JS_PIXEL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://elfcosmetics.youshp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://elfcosmetics.youshp.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Thu, 15 Aug 2024 21:45:34 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-fastly-to-nlb-rtt
28746
x-served-by
cache-mad2200107-MAD
x-service-version
v1
x-timer
S1723758335.828450,VS0,VE30
x-vcl-time-ms
30
topics_api
psb.taboola.com/
65 B
279 B
Fetch
General
Full URL
https://psb.taboola.com/topics_api
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1691051/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 15 Aug 2024 21:45:34 GMT
via
1.1 varnish
server
Varnish
observe-browsing-topics
?1
x-timer
S1723758335.801174,VS0,VE0
x-cache
HIT
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=2592000
accept-ranges
bytes
content-length
65
retry-after
0
x-served-by
cache-mad22030-MAD
unip
trc.taboola.com/1691051/log/3/
0
300 B
XHR
General
Full URL
https://trc.taboola.com/1691051/log/3/unip?ce=ecomm&en=HOME_PAGE_VISIT&ref=null&item-url=https%253A%252F%252Felfcosmetics.youshp.com%252F&data=%257B%2522timestamp%2522%253A%252215-8-2024%2522%252C%2522eventType%2522%253A%2522HOME_PAGE_VISIT%2522%257D&cnxclid=undefined&tim=1723758334706&mrir=u&vi=1723758334691&cv=20240808-24-RELEASE&tos=11&ssd=1&scd=0&it=JS_PIXEL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1691051/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://elfcosmetics.youshp.com/
Attribution-Reporting-Eligible
trigger
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-vcl-time-ms
27
date
Thu, 15 Aug 2024 21:45:34 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
25775
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-mad2200123-MAD
pragma
no-cache
server
nginx
x-timer
S1723758335.903351,VS0,VE27
content-type
image/gif
access-control-allow-origin
https://elfcosmetics.youshp.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
src=9231397;dc_pre=CPGU45n894cDFYHIOwIdXBA6pA;type=retarget;cat=globa0;ord=590141625701;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;...
ade.googlesyndication.com/ddm/activity/
Redirect Chain
  • https://ade.googlesyndication.com/ddm/activity/src=9231397;type=retarget;cat=globa0;ord=590141625701;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;...
  • https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CPGU45n894cDFYHIOwIdXBA6pA;type=retarget;cat=globa0;ord=590141625701;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=;uab=;ua...
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CPGU45n894cDFYHIOwIdXBA6pA;type=retarget;cat=globa0;ord=590141625701;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe48e0v9181619921z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tcfd=10001;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.youshp.com?
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Aug 2024 21:45:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Aug 2024 21:45:34 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CPGU45n894cDFYHIOwIdXBA6pA;type=retarget;cat=globa0;ord=590141625701;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe48e0v9181619921z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tcfd=10001;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.youshp.com?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
local
www.paypal.com/credit-presentment/experiments/ Frame 7A10
0
0
Document
General
Full URL
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.64.9&integrationType=SDK
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://elfcosmetics.youshp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
age
67734
cache-control
s-maxage=86400, max-age=0
content-encoding
gzip
content-length
1524
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type
text/html; charset=utf-8
date
Thu, 15 Aug 2024 21:45:34 GMT
dc
ccg11-origin-www-1.paypal.com
edge-cache-tag
up-treatments-zoid
etag
W/"1479-YcaqdI/lveePUt7vfcQJ3RC1UEo"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f640563ec630d
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
"traceparent;desc="00-0000000000000000000f640563ec630d-0ab3e7c1c67f6abb-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f640563ec630d-2325961243bdf4db-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
HIT, HIT, MISS
x-cache-hits
24758, 2874, 0
x-served-by
cache-lhr-egll1980044-LHR, cache-mad22061-MAD, cache-mad22061-MAD
x-timer
S1723758335.949872,VS0,VE7
x-xss-protection
1; mode=block
pptm.js
www.paypal.com/tagmanager/
12 KB
5 KB
Script
General
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=elfcosmetics.youshp.com&t=xo&v=5.0.455&source=payments_sdk&client_id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&comp=buttons,messages&disableSetCookie=true&vault=true
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3a997e04353e88f40e41584ecfea025d074f355f534874f9dbe04a3bb5a5ca4d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-O2UJWnn8HdzWcpc3GgRaOJrVMk7nIHNKnXJURSMEewbRfNd5' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-O2UJWnn8HdzWcpc3GgRaOJrVMk7nIHNKnXJURSMEewbRfNd5' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Aug 2024 21:45:35 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
0
x-cache
MISS, MISS, MISS
paypal-debug-id
f19220640ccb3
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4336
x-xss-protection
1; mode=block
x-served-by
cache-lhr-egll1980053-LHR, cache-mad2200091-MAD, cache-mad2200091-MAD
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f19220640ccb3-b9ffd6dfd879490e-01
x-timer
S1723758335.859234,VS0,VE249
etag
W/"2fa1-jxsR74+mGy9/tfIPXuzhzw2WmKM"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0, 0
logger
www.paypal.com/xoplatform/logger/api/
975 B
893 B
XHR
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6edb6d0ff33905718350ce93823f92a40dc790cfcab1bf9d2da530485c33d1af
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Thu, 15 Aug 2024 21:45:35 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS, MISS
paypal-debug-id
f19220617aae9
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-lhr-egll1980025-LHR, cache-mad2200132-MAD, cache-mad2200132-MAD
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f19220617aae9-c2db154a33e7991a-01
x-timer
S1723758335.242200,VS0,VE195
etag
W/"3cf-b4eVIlyIdNmv7RsiLoChArEOUIM"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://elfcosmetics.youshp.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame
0
0
Preflight
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://elfcosmetics.youshp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://elfcosmetics.youshp.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
0
date
Thu, 15 Aug 2024 21:45:35 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f1922066422dd
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f1922066422dd-917d8a4128f68000-01
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, MISS, MISS
x-cache-hits
0, 0, 0
x-content-type-options
nosniff
x-served-by
cache-lhr-egll1980055-LHR, cache-mad2200132-MAD, cache-mad2200132-MAD
x-timer
S1723758335.012386,VS0,VE187
jsp
ut.rd.linksynergy.com/
148 B
405 B
Script
General
Full URL
https://ut.rd.linksynergy.com/jsp?cn=rmuid&ro=0&cb=___rmuid
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.67.98.34.bc.googleusercontent.com
Software
/
Resource Hash
e7769e57327a15cc210a53f2d33e960477599d7eb924519ef89c471002423df7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-samesite
secure
date
Thu, 15 Aug 2024 21:45:34 GMT
via
1.1 google
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148
content-type
text/plain; charset=utf-8
cnxtag-min.js
js.cnnx.link/roi/
2 KB
1 KB
Script
General
Full URL
https://js.cnnx.link/roi/cnxtag-min.js?id=316282
Requested by
Host: elfcosmetics.youshp.com
URL: https://elfcosmetics.youshp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:7800:11:85b0:d600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d5267085b5489f178aae1444e1367dbca2debc7c061d5ddd803a16711a19c93b

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:43:47 GMT
via
1.1 google, 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA2-C1
age
108
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
max-age=600
x-amz-cf-id
Qho-oXDdaUS8qfo_fRBWmRd4aAlkjravrEN7CLOyDDprruqJ6I_2TQ==
ts
t.paypal.com/
42 B
633 B
Image
General
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1723758335134&g=-120&completeurl=https%3A%2F%2Felfcosmetics.youshp.com%2F&ru=https%3A%2F%2Felfcosmetics.youshp.com%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D&disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Thu, 15 Aug 2024 21:45:35 GMT
date
Thu, 15 Aug 2024 21:45:35 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
0504bb4264369
server-timing
"traceparent;desc="00-00000000000000000000504bb4264369-8e995ae36280e1f5-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-lhr-egll1980055-LHR, cache-mad22081-MAD
pragma
no-cache
correlation-id
0504bb4264369
traceparent
00-00000000000000000000504bb4264369-9b12c0ddd8f17fa2-01
x-timer
S1723758335.276509,VS0,VE156
vary
Accept-Encoding
content-type
image/gif
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0, 0
brow-hptile-2024-8-SLIDE-3_D-min
cdn.media.amplience.net/i/elfcosmetics/
50 KB
50 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/brow-hptile-2024-8-SLIDE-3_D-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/brow-hptile-2024-8-SLIDE-3_D-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/brow-hptile-2024-8-SLIDE-3_D-min?fmt=auto&w=2460%203x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
a4be3000b3180011a5b4396f17a1fe72aa3647fbc712f95b6493affab0cd2a81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:35 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
dsYeHxmgQ,l4p5bDg2e,RQN2EHbEN,WepA0szpz
x-req-id
yaMNNBfnL7
content-length
51327
x-xss-protection
1; mode=block
x-amp-source-height
1040
server
Unknown
x-frame-options
DENY
x-amp-source-width
1440
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Thu, 15 Aug 2024 07:00:02 GMT
cs
tags.rd.linksynergy.com/
Redirect Chain
  • https://idsync.rlcdn.com/458359.gif?partner_uid=546a0854-b8b1-4dd5-8784-63e050f506f0
  • https://idsync.rlcdn.com/1000.gif?memo=CPf8GxIwCiwIARCd5gEaJDU0NmEwODU0LWI4YjEtNGRkNS04Nzg0LTYzZTA1MGY1MDZmMBAAGg0IgO75tQYSBQjoBxAAQgBKAA
  • https://tags.rd.linksynergy.com/cs?ns=lr&uid3=840a1293363a0ccc25cda35d9ed55c2fb9f091ac32d697e5cbf6554cc1efb02c6ac34734d8e453ee
37 B
294 B
Image
General
Full URL
https://tags.rd.linksynergy.com/cs?ns=lr&uid3=840a1293363a0ccc25cda35d9ed55c2fb9f091ac32d697e5cbf6554cc1efb02c6ac34734d8e453ee
Protocol
H2
Server
34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.67.98.34.bc.googleusercontent.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-samesite
secure
date
Thu, 15 Aug 2024 21:45:36 GMT
via
1.1 google
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
content-type
image/gif

Redirect headers

date
Thu, 15 Aug 2024 21:45:36 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://tags.rd.linksynergy.com/cs?ns=lr&uid3=840a1293363a0ccc25cda35d9ed55c2fb9f091ac32d697e5cbf6554cc1efb02c6ac34734d8e453ee
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
unip
trc-events.taboola.com/1691051/log/3/
0
252 B
XHR
General
Full URL
https://trc-events.taboola.com/1691051/log/3/unip?en=pre_d_eng_tb&tos=1650&scd=0&ssd=1&est=1723758334695&ver=36&isls=true&src=i&invt=1500&msa=3025&rv=1&tim=1723758336346&mrir=u&vi=1723758334691&ref=null&cv=20240808-24-RELEASE&item-url=https%3A%2F%2Felfcosmetics.youshp.com%2F&it=JS_PIXEL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1691051/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://elfcosmetics.youshp.com/
Attribution-Reporting-Eligible
trigger
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://elfcosmetics.youshp.com
pragma
no-cache
date
Thu, 15 Aug 2024 21:45:36 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1691051/log/3/ Frame
0
0
Preflight
General
Full URL
https://trc-events.taboola.com/1691051/log/3/unip?en=pre_d_eng_tb&tos=1650&scd=0&ssd=1&est=1723758334695&ver=36&isls=true&src=i&invt=1500&msa=3025&rv=1&tim=1723758336346&mrir=u&vi=1723758334691&ref=null&cv=20240808-24-RELEASE&item-url=https%3A%2F%2Felfcosmetics.youshp.com%2F&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://elfcosmetics.youshp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://elfcosmetics.youshp.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Thu, 15 Aug 2024 21:45:36 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
brow-hptile-2024-8-SLIDE-4_D-min
cdn.media.amplience.net/i/elfcosmetics/
39 KB
39 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/brow-hptile-2024-8-SLIDE-4_D-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/brow-hptile-2024-8-SLIDE-4_D-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/brow-hptile-2024-8-SLIDE-4_D-min?fmt=auto&w=2460%203x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
3f2f6b191dc232af23a665dc86db62476027dd43a1fa8c84dc39075a23a3599f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 21:45:37 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
R7qIhyBi_,l4p5bDg2e,tS9lwF50D,WepA0szpz
x-req-id
qzpSpfVTxh
content-length
40062
x-xss-protection
1; mode=block
x-amp-source-height
1040
server
Unknown
x-frame-options
DENY
x-amp-source-width
1440
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Thu, 15 Aug 2024 07:00:02 GMT
unip
trc-events.taboola.com/1691051/log/3/
0
251 B
XHR
General
Full URL
https://trc-events.taboola.com/1691051/log/3/unip?en=pre_d_eng_tb&tos=4658&scd=0&ssd=1&est=1723758334695&ver=36&isls=true&src=i&invt=3000&msa=3025&rv=1&tim=1723758339354&mrir=u&vi=1723758334691&ref=null&cv=20240808-24-RELEASE&item-url=https%3A%2F%2Felfcosmetics.youshp.com%2F&it=JS_PIXEL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1691051/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://elfcosmetics.youshp.com/
Attribution-Reporting-Eligible
trigger
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://elfcosmetics.youshp.com
pragma
no-cache
date
Thu, 15 Aug 2024 21:45:39 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1691051/log/3/ Frame
0
0
Preflight
General
Full URL
https://trc-events.taboola.com/1691051/log/3/unip?en=pre_d_eng_tb&tos=4658&scd=0&ssd=1&est=1723758334695&ver=36&isls=true&src=i&invt=3000&msa=3025&rv=1&tim=1723758339354&mrir=u&vi=1723758334691&ref=null&cv=20240808-24-RELEASE&item-url=https%3A%2F%2Felfcosmetics.youshp.com%2F&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://elfcosmetics.youshp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://elfcosmetics.youshp.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Thu, 15 Aug 2024 21:45:39 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
collect
sgtm.elfcosmetics.com/g/
65 B
127 B
XHR
General
Full URL
https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je48e0v9125640115z8896608294za200zb896608294&gcs=G100&gcd=13u3u3u2u5&npa=1&dma_cps=-&dma=1&tcfd=10001&tag_exp=0&cid=1516154756.1723758335&ecid=1115139801&ul=nl-nl&sr=1600x1200&_fplc=0&ur=SI&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=IA&sst.rnd=193100725.1723758333&sst.gse=1&sst.etld=google.si&sst.gcsub=region1&sst.adr=1&sst.ude=0&sid=1723758334&sct=1&seg=0&dl=https%3A%2F%2Felfcosmetics.youshp.com%2F&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&_s=3&tfd=9453&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.124.49.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://elfcosmetics.youshp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 15 Aug 2024 21:45:39 GMT
via
1.1 google
x-content-type-options
nosniff
server
Google Frontend
content-type
text/plain
access-control-allow-origin
https://elfcosmetics.youshp.com
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-accel-buffering
no

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/
Domain
edge.curalate.com
URL
https://edge.curalate.com/sites/elfcosmetics-oqltbv/experiences/gallery-OdKxcdTK/latest/experience.min.js

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| $jscomp function| _loadCookieConfig function| _domready function| _delayed function| _findTags function| _srcAttr function| _needsEval function| _loadFromDOM function| _clearEvents function| _lastChainedResource function| _isImageLike boolean| domCompleteTriggered function| _abTest function| _getCookieVariant function| _setCookieVariant function| _configureAbTestAnalytics function| _executeAllAbTest function| _executeAllAbTestUniversal function| _executeAllAbTestClassic function| _executeAbTest function| _abTestScript function| _chooseVariant function| _abTestAnalyticsUniversal function| _abTestAnalyticsClassic object| _serviceWorkerConfig object| Yo string| yo_host function| customSlider string| CRL8_SITENAME object| crl8 object| content object| __LOADABLE_LOADED_CHUNKS__ function| _ object| regeneratorRuntime function| applyFocusVisiblePolyfill object| __CONFIG__ string| __DEVICE_TYPE__ object| __PRELOADED_STATE__ object| Progressive object| DataLayer object| dataLayer function| getDataLayerEvent object| DY boolean| BRAZE_SETUP_COMPLETE boolean| otIsInitialized boolean| otBlockOptOutInitReload function| OptanonWrapper object| DYcustom string| AppsFlyerSdkObject function| AF object| DYO object| contextManager object| DYJSON object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data number| gtmPageLoadId object| __tfa_pixel_init object| _tfa object| _uxa string| OnetrustActiveGroups string| OptanonActiveGroups function| __tcfapi object| otStubData object| DYExps object| otIabModule object| Optanon object| OneTrust object| DYWork function| $dy object| DYCS boolean| otLastAcceptAllValue function| onYouTubeIframeAPIReady function| ___rmuid object| ___RMCMPW object| gaGlobal object| AF_cleanupMethods object| AF_SDK object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| EVENT_PROPERTIES_TO_URL_PARAMS_MAP number| INVALID_ACCOUNT_ID object| CONFIGS object| VALIDATION_ERRORS object| EVENTS object| TUP_EVENT_HANDLERS_BY_EVENT_NAME object| TRK_EVENT_TO_ERROR_TYPE_MAP boolean| PUBLISHER_ID_EXISTS string| CALLBACK_PARAMETER_NAME string| LAST_EXTERNAL_REFERRER_URL_PARAM object| _tecq function| cnxtag object| og object| litHtmlVersions function| JSCompiler_renameProperty object| litElementVersions boolean| OG_OFFERS_TEST_MODE_ENABLE object| OG object| __post_robot_11_0_0___uid_numhnacfzmymuvpacsidplhppphjzs object| paypal object| __zoid_10_3_3___uid_numhnacfzmymuvpacsidplhppphjzs object| CS_CONF function| csSetTimeout function| csQueueMicrotask function| csClearTimeout function| csSymbol object| CSPureWindow function| csDate object| csJSON function| csArray function| csString function| csURL function| csMutationObserver object| csScreen object| csquerySelector object| csquerySelectorAll function| csNodechildNodes function| csNodeparentNode function| csNodenextSibling function| csNodefirstChild function| csElementshadowRoot function| csElementmatches function| csElementwebkitMatchesSelector function| csHTMLImageElementsrc function| csEventtarget function| csNavigatorsendBeacon object| CSPathComputation object| UXAnalytics object| CSCurrentScript object| paypalDDL object| cnxDataLayer object| cti110221

30 Cookies

Domain/Path Name / Value
elfcosmetics.youshp.com/ Name: initAuthComplete
Value: true
.youshp.com/ Name: ab.storage.sessionId.609afcb2-1dc3-41ef-a771-0a9aaf10bf57
Value: g%3A5ee34743-a0a0-0098-cbcb-d86b0ad2ecc3%7Ce%3A1723760132814%7Cc%3A1723758332814%7Cl%3A1723758332814
.youshp.com/ Name: ab.storage.deviceId.609afcb2-1dc3-41ef-a771-0a9aaf10bf57
Value: g%3A568ca12f-2385-76ff-35e4-3481f3b413cb%7Ce%3Aundefined%7Cc%3A1723758332816%7Cl%3A1723758332816
.youshp.com/ Name: _gcl_au
Value: 1.1.888300928.1723758333
.youshp.com/ Name: _dyjsession
Value: dblc956pclp31n4mu9qezachfquhdlqv
.youshp.com/ Name: dy_fs_page
Value: elfcosmetics.youshp.com
.youshp.com/ Name: _dy_csc_ses
Value: dblc956pclp31n4mu9qezachfquhdlqv
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2In=uC4%n!]tbP6j2F-XstGt!@EL1%<+?^
.adnxs.com/ Name: XANDR_PANID
Value: DeWrgMrZRkgAsItkb6jjbXY9ciSjUlRO5VeEtt-GqSWFpOgaDkJqvarfB1oObkhFvDyhJF-2JgZAZHb42ed2IHRbsyVj2anDyAfzNAq4u1U.
.adnxs.com/ Name: uuid2
Value: 5266976298301965235
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.dynamicyield.com/ Name: DYID
Value: -2756202734003783939
.youshp.com/ Name: _dycnst
Value: dg
.youshp.com/ Name: _dyid
Value: -2756202734003783939
.youshp.com/ Name: _dycst
Value: dk.l.c.ws.fst.
.youshp.com/ Name: _dy_geo
Value: NL.EU.NL_NH.NL_NH_Amsterdam
.youshp.com/ Name: _dy_df_geo
Value: Netherlands..Amsterdam
.youshp.com/ Name: _dy_toffset
Value: -1
.youshp.com/ Name: _dy_soct
Value: 647796.1248068.1723758334.dblc956pclp31n4mu9qezachfquhdlqv*836603.1652212.1723758334*837245.1654610.1723758334*861617.1750272.1723758334*926162.2078808.1723758334*960888.2078831.1723758334
.curalate.com/ Name: __cf_bm
Value: NAojM1.P7UBhkElCFMTyC8FjHaZmeO2Gt365U6tMhXQ-1723758334-1.0.1.1-6EVJMGpGGy8Wadi3QhjeiwzvLRXHipTO9_ura70zW2Qn7lS.dcm_8gwqr3FnapYDo33IA_NwYDS44bhJPXDIeQ
.youshp.com/ Name: rmStore
Value: dmid:9097
.youtube.com/ Name: YSC
Value: Wj-j3Z_KGMw
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 1jYFpiMgQNs
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJTSRIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgGg%3D%3D
.youshp.com/ Name: crl8.fpcuid
Value: 2517bd6f-b016-4ca8-a4d6-2acca217334b
.linksynergy.com/ Name: rmuid
Value: 546a0854-b8b1-4dd5-8784-63e050f506f0
.rlcdn.com/ Name: rlas3
Value: xAnI/ns1uzIV+Vt0NCAhwG+1NAW9NSl01uHsUasQUg4=
.rlcdn.com/ Name: pxrc
Value: CIDu+bUGEgUI6AcQABIGCOTrARAA
.linksynergy.com/ Name: icts
Value: 2024-08-15T21:45:36Z

3 Console Messages

Source Level URL
Text
javascript error URL: https://elfcosmetics.youshp.com/
Message:
Access to image at 'https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/#elfcosmetics_a_00000055698485330971283280000018393236039574697104_?yocs=1u_' from origin 'https://elfcosmetics.youshp.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/#elfcosmetics_a_00000055698485330971283280000018393236039574697104_?yocs=1u_
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://elfcosmetics.youshp.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Felfcosmetics.youshp.com%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=pNLqL9VofZgqNsnkDDRJob73QPrch22AvHqlIme9mos
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
api.ipify.org
api.retail.adeptmind.ai
async-px.dynamicyield.com
cdn-fsly.yottaa.net
cdn.c1.amplience.net
cdn.cookielaw.org
cdn.dynamicyield.com
cdn.media.amplience.net
cdn.taboola.com
edge.curalate.com
elfcosmetics.youshp.com
geolocation.onetrust.com
googleads.g.doubleclick.net
idsync.rlcdn.com
insight.adsrvr.org
js.cnnx.link
psb.taboola.com
qoe-1.yottaa.net
sdk.iad-05.braze.com
secure.adnxs.com
sgtm.elfcosmetics.com
st.dynamicyield.com
static.ordergroove.com
t.contentsquare.net
t.paypal.com
tag.rmp.rakuten.com
tags.rd.linksynergy.com
trc-events.taboola.com
trc.taboola.com
ut.rd.linksynergy.com
websdk.appsflyer.com
www.google.com
www.googletagmanager.com
www.paypal.com
www.youtube.com
cdn-fsly.yottaa.net
edge.curalate.com
104.26.12.205
13.35.58.72
141.226.228.48
142.250.184.226
15.197.193.217
151.101.1.21
151.101.1.44
151.101.129.21
151.101.129.44
151.101.2.133
151.101.3.1
172.217.16.194
172.64.147.250
18.244.18.53
18.245.60.88
185.89.210.46
188.114.97.9
204.2.133.135
216.58.206.36
216.58.212.136
23.197.142.200
2600:9000:20eb:7800:11:85b0:d600:93a1
2600:9000:2250:8c00:15:ad21:c740:93a1
2600:9000:275d:da00:a:b89d:a6c0:93a1
2606:4700::6812:1d7f
2606:4700::6812:562a
2606:4700::6812:65a
2a00:1450:4001:801::2008
2a00:1450:4001:82b::200e
2a02:26f0:3100::1735:2ae8
2a02:26f0:3100::1735:2afa
2a04:4e42:400::300
34.102.147.248
34.49.124.132
34.98.67.3
35.194.25.57
35.244.174.68
012b819ae53cc859729637d2c15446173fa9b03c8a57ea966747af7425811543
012e36d6b214f5612fb99341c6dc271e6aa7be3043949cefec03f21cb2b3c1e0
08f5e8fe08aabf44bfc8601a89e05824a740df5258f70d883e6467e0624b148c
0a9360d8a44d5336ae9d5214ac782d87ea70003204670cba410aa423aa26995f
12fedf45d361e0dffa7f80e2b1fec3fe4aba25c7099cd444b0607851ca309ede
1331786f628c441b99665436eb8815381e066e17d5c3bb56f5ce2e045d8da17a
1505aa0792421f831935f4761a95f31462a3dd097c8bd00ad8e9c765c8065517
16374a463da07df782d25f7c6b8d1407c278bdcd263b42b9ab3a52df223ae524
1a661357e39de0a1236fae07b95a701b0aac13192a43cd52650e60e08d2db09d
1e3e46bfe2e437ec88b337c4893c591c726abfaafe957984466738e317ec5478
1e4653c9fbd5057570ffba66cdbc74c8956f77b964e633583cb28a6ff78cf0d4
1f5d5645463e43339cb7b894f6edd4ef7665bfe0fb145eda8534b22008a35da6
1fd82462c3c27b653bec893b2395d3fc4d218c36ae16b4a2b8f8d99c8637cef0
20b3acc9e787142bb21a4fc36db6dfbd830c7070ee8230b4160089db0a40b9bb
273f824d58e0f9151b2f6732639c527b75163589ef36939e146c2f4e6812e0cd
290f9c6084b46b94850626f1dbe6df20c7a805bed18c5aad6360bcc4da3bfae6
33110d24cbb506c398f40acebf7e9b4314b3644bda60332a7c993637c957bef1
33f0b8b7a0cc7f86ae47dd0f212574a707b14ade79cfbc87fc5f21f234159f9b
3a997e04353e88f40e41584ecfea025d074f355f534874f9dbe04a3bb5a5ca4d
3f2f6b191dc232af23a665dc86db62476027dd43a1fa8c84dc39075a23a3599f
44fe89bbbe6410e6c917c89fb8d8ce49aaa9858beda3a6262d4cebfbbb7e3029
47407e3845cb067265a07cb279ccc7a38b927b0c2dc034b627f089115ac0d306
4a2e8fd4b96e51ccf6f83def36ea3fa300ffe936f638750d97246bb86fed479e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e6e5aac3aa38a753f5a580ac29f2729c843ce4310aec3281686820cd2b0716d
4e83b8cb002ba9dd95cbc5678a7abbe2d427c9b7e9397f832c4f9bccc36254e0
556fda1442315041a8569fd61ed333b180e317c7fba97e9c5932aaec27e88f7a
55e21164d6ccf95c578b72c67a7d23a378fc680c5e40b981ebd0ad58e67f4201
579d4212e7a9f0c0a86f949fc90c566e1002d31adb3e8c01d98ed7360f030274
57f8ab4a7fff5be85f9b3c59e5b388753a4c7ed970c2833dbc60ced627b994f3
58a2123c5c4470286bd4a3401acfa54787293819f1b8cf8d2e8c89c94099fa10
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
61fe827d03e287508447d5af2ecc3ff50310fb04ed5b5094bb38ab72f0b2f6e8
642aa08533dc7f32ef9896e5821ae4242ab95c2207cd00e3abda3e970ed4445a
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6d126a9c6da46cb41e34e982874ff71952c00cfaefd6d3847d69f5b82da64429
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6edb6d0ff33905718350ce93823f92a40dc790cfcab1bf9d2da530485c33d1af
725b024bceba812f74680e8698952954a03cb8bab7afd496af3d09085ac1ff0c
72d552b349ad83b585905296f399b76c34ac7d0da8b1b3189ccb8bb379a0fd94
7732d8ecb86efc4dd1cc25f5ec0bc4264b06f8c5eee066483fabfdb6bd8df988
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
7dbc72c3f0511495fdf45d42283a246613db44b0906199cef195a773068d822f
88668b9200e07ef8860abbf2884140a44986c34576bc7086d64085b87da4cfd7
89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9154cb25389c74c95a7bc2a304a32e8c3b97bb947d0b6fa1182ce1e1f7ce5b70
92e85dd5e8cbaff106682392864d2e5b44bd52c62e02c07997badbcc29dceed8
93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac
946e31729b00dbe6231c2edf841baf63fa7c1bef969fedeb93d121193682f781
96b4a46a6448af5c55fc907b77e86281baf3a34a205ffb6dd582e79c64c04a9e
9769ce881bb04d3f051ba9b64a1149572ef31dc9dedf0630a5ee176fb0d06ebf
a1ca94992132a731279c00ecb76a068fb56274f5090a7d93041fb3d0bc92f68d
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a4be3000b3180011a5b4396f17a1fe72aa3647fbc712f95b6493affab0cd2a81
b1db2c0444aac40cc0d8cfc5cef921f9d8ef04c5e3b49dd0df39cf25a7132473
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf500a4c158d24ba238d521a5fa775e693d03c507fa3f882bffbbeaf9fedeb64
c8b956148ff5bad88040d0e701e35b190a42da584f941db6adfe464e2cdf4031
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce6d7f008824d9f6af00150bf70a49369a24381165b5808efa74e68518e6d58d
d1c837b83e593f154428f1615709ad1146a51818f6973ad5ea0d24c2bb619670
d5267085b5489f178aae1444e1367dbca2debc7c061d5ddd803a16711a19c93b
d85881db163df67fb513101954f3c9cc74647fcc916df672f710deb08566b218
d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e
d8ce8a4e42c7cd0db6e1360a57901ecb9321edfe4b17205aa6a15f6700f2d61f
db9aab0c8a9a3aea7b6737acf13f8dfdc717c07f22928e993dc6a6784956b6ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40e7b46b99c06e47841ff53e4417b6c887631d383aac28114e4ab83ccddc6f7
e479ef02ef57f29c4749eed4b55cb041db228a2da706dd6539427f5bf52e3ee6
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e
e7769e57327a15cc210a53f2d33e960477599d7eb924519ef89c471002423df7
e8b206198540da8e398fe0f78983fcd1d20ec930e23acd969094107ce06956d3
e92f434a50c76d6e52d0d3cc91cdf1854c7fd39fecd5ae65800568aef7c03029
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f29d83871737b8ceaf904ae1b3f0260b7fb03b1440a7a1db79642341ee0e2dc6
f67eeb979f5676dccb2ec5eefcd365c69b9e03235b65c42397206264b9887c07
f832c764b6f453323743c976586ce9443740a911b12eca61cfa34fbff05c1262