urlscan.io logo urlscan.io
SecurityTrails logo

frca-development.elfcosmetics.com Open in urlscan Pro
34.224.42.164  Public Scan

Go To Rescan Add Verdict Report
URL: https://frca-development.elfcosmetics.com/
Submission: On May 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 34 IPs in 4 countries across 22 domains to perform 123 HTTP transactions. The main IP is 34.224.42.164, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is frca-development.elfcosmetics.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 25th 2023. Valid for: a year.
This is the only time frca-development.elfcosmetics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 14 34.224.42.164 14618 (AMAZON-AES)
2 2600:9000:20a... 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
8 2606:4700:440... 13335 (CLOUDFLAR...)
12 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:20a... 16509 (AMAZON-02)
2 104.26.13.205 13335 (CLOUDFLAR...)
7 2606:4700:440... 13335 (CLOUDFLAR...)
13 3.215.165.81 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
2 4 185.89.210.212 29990 (ASN-APPNEX)
2 15.197.193.217 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2600:9000:237... 16509 (AMAZON-02)
1 1 142.250.186.68 15169 (GOOGLE)
1 142.250.186.34 15169 (GOOGLE)
10 54.230.228.72 16509 (AMAZON-02)
1 142.250.185.142 15169 (GOOGLE)
1 34.102.147.248 396982 (GOOGLE-CL...)
1 192.229.221.25 15133 (EDGECAST)
2 34.111.194.77 396982 (GOOGLE-CL...)
8 142.250.186.72 15169 (GOOGLE)
1 18.66.192.111 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
2 34.49.124.132 396982 (GOOGLE-CL...)
4 8 142.250.186.130 15169 (GOOGLE)
2 172.64.155.166 13335 (CLOUDFLAR...)
2 54.77.171.181 16509 (AMAZON-02)
1 34.98.67.3 396982 (GOOGLE-CL...)
2 34.252.198.165 ()
1 52.30.218.239 ()
1 151.101.131.1 ()
1 35.244.174.68 ()
123 34
14    34.224.42.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-42-164.compute-1.amazonaws.com
frca-development.elfcosmetics.com
2    2600:9000:20ae:d200:1b:8846:8500:93a1 (United States)

ASN16509 (AMAZON-02, US)
pinchjs-cdn.gdn.smartling.com
1    2606:4700:4400::ac40:9994 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.c1.amplience.net
8    2606:4700:4400::6812:205a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.media.amplience.net
12    2606:4700::6813:b134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
4    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2600:9000:20ae:5600:a:b89d:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.dynamicyield.com
2    104.26.13.205 (None, )

ASN13335 (CLOUDFLARENET, US)
api.ipify.org
7    2606:4700:4400::6812:25a1 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.iad-05.braze.com
13    3.215.165.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-165-81.compute-1.amazonaws.com
pinchjs.gdn.smartling.com
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    185.89.210.212 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
2    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
1    2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
1    2600:9000:237d:6a00:15:ad21:c740:93a1 (United States)

ASN16509 (AMAZON-02, US)
st.dynamicyield.com
1    142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net
www.google.com
1    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
googleads.g.doubleclick.net
10    54.230.228.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-72.muc50.r.cloudfront.net
async-px.dynamicyield.com
1    142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net
www.google-analytics.com
1    34.102.147.248 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 248.147.102.34.bc.googleusercontent.com
tag.rmp.rakuten.com
1    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypal.com
2    34.111.194.77 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 77.194.111.34.bc.googleusercontent.com
staging.static.ordergroove.com
8    142.250.186.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f8.1e100.net
www.googletagmanager.com
1    18.66.192.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-111.muc50.r.cloudfront.net
t.contentsquare.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    34.49.124.132 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 132.124.49.34.bc.googleusercontent.com
sgtm.elfcosmetics.com
8    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
ade.googlesyndication.com
2    172.64.155.166 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.media.amplience.net
2    54.77.171.181 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-171-181.eu-west-1.compute.amazonaws.com
c.contentsquare.net
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
ut.rd.linksynergy.com
2    34.252.198.165 (None, )

ASN- ()
api.cquotient.com
1    52.30.218.239 (None, )

ASN- ()
srm.ba.contentsquare.net
1    151.101.131.1 (None, )

ASN- ()
www.sandbox.paypal.com
1    35.244.174.68 (None, )

ASN- ()
idsync.rlcdn.com
Apex Domain
Subdomains		 Transfer
16 elfcosmetics.com
frca-development.elfcosmetics.com
sgtm.elfcosmetics.com — Cisco Umbrella Rank: 175866
1 MB
15 smartling.com
pinchjs-cdn.gdn.smartling.com — Cisco Umbrella Rank: 811151
pinchjs.gdn.smartling.com — Cisco Umbrella Rank: 869427
2 MB
14 dynamicyield.com
cdn.dynamicyield.com — Cisco Umbrella Rank: 8814
st.dynamicyield.com — Cisco Umbrella Rank: 8494
async-px.dynamicyield.com — Cisco Umbrella Rank: 8693
246 KB
12 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
548 KB
12 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 312
165 KB
11 amplience.net
cdn.c1.amplience.net — Cisco Umbrella Rank: 31539
cdn.media.amplience.net — Cisco Umbrella Rank: 14154
468 KB
8 googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 317
2 KB
7 braze.com
sdk.iad-05.braze.com — Cisco Umbrella Rank: 2594
1 KB
4 contentsquare.net
t.contentsquare.net — Cisco Umbrella Rank: 3447
c.contentsquare.net — Cisco Umbrella Rank: 4542
srm.ba.contentsquare.net
72 KB
4 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 482
4 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
region1.google-analytics.com — Cisco Umbrella Rank: 2533
21 KB
2 cquotient.com
api.cquotient.com
525 B
2 ordergroove.com
staging.static.ordergroove.com
58 KB
2 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2954
www.sandbox.paypal.com
117 KB
2 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 691
297 B
2 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2924
231 B
1 rlcdn.com
idsync.rlcdn.com
98 B
1 linksynergy.com
ut.rd.linksynergy.com — Cisco Umbrella Rank: 8843
413 B
1 rakuten.com
tag.rmp.rakuten.com — Cisco Umbrella Rank: 7849
15 KB
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
65 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
24 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 533
304 B
123 22
Domain Requested by
14 frca-development.elfcosmetics.com 1 redirects frca-development.elfcosmetics.com
13 pinchjs.gdn.smartling.com pinchjs-cdn.gdn.smartling.com
12 www.googletagmanager.com pinchjs-cdn.gdn.smartling.com
12 cdn.cookielaw.org frca-development.elfcosmetics.com
cdn.cookielaw.org
pinchjs-cdn.gdn.smartling.com
10 async-px.dynamicyield.com cdn.dynamicyield.com
10 cdn.media.amplience.net frca-development.elfcosmetics.com
8 ade.googlesyndication.com 4 redirects
7 sdk.iad-05.braze.com frca-development.elfcosmetics.com
4 secure.adnxs.com 2 redirects frca-development.elfcosmetics.com
3 www.google-analytics.com pinchjs-cdn.gdn.smartling.com
www.google-analytics.com
3 cdn.dynamicyield.com pinchjs-cdn.gdn.smartling.com
2 api.cquotient.com frca-development.elfcosmetics.com
2 c.contentsquare.net
2 sgtm.elfcosmetics.com www.googletagmanager.com
2 staging.static.ordergroove.com pinchjs-cdn.gdn.smartling.com
2 insight.adsrvr.org frca-development.elfcosmetics.com
2 api.ipify.org frca-development.elfcosmetics.com
2 pinchjs-cdn.gdn.smartling.com frca-development.elfcosmetics.com
1 idsync.rlcdn.com
1 www.sandbox.paypal.com www.paypal.com
1 srm.ba.contentsquare.net t.contentsquare.net
1 ut.rd.linksynergy.com pinchjs-cdn.gdn.smartling.com
1 region1.google-analytics.com www.googletagmanager.com
1 t.contentsquare.net pinchjs-cdn.gdn.smartling.com
1 www.paypal.com pinchjs-cdn.gdn.smartling.com
1 tag.rmp.rakuten.com pinchjs-cdn.gdn.smartling.com
1 googleads.g.doubleclick.net frca-development.elfcosmetics.com
1 www.google.com 1 redirects
1 st.dynamicyield.com pinchjs-cdn.gdn.smartling.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 cdn.c1.amplience.net frca-development.elfcosmetics.com
123 31
Subject Issuer Validity Valid
*.elfcosmetics.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-25 -
2024-10-25		 a year crt.sh
*.gdn.smartling.com
Amazon RSA 2048 M03		 2024-04-15 -
2025-05-13		 a year crt.sh
c1.amplience.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-10 -
2024-10-23		 a year crt.sh
dm.amplience.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-20 -
2024-08-14		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2024-03-01 -
2024-12-31		 10 months crt.sh
*.google-analytics.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.dynamicyield.com
Amazon RSA 2048 M02		 2023-09-03 -
2024-10-01		 a year crt.sh
ipify.org
GTS CA 1P5		 2024-03-21 -
2024-06-19		 3 months crt.sh
sdk.iad-05.braze.com
E1		 2024-04-19 -
2024-07-18		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2024-04-23 -
2025-05-25		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2023-11-13 -
2024-11-12		 a year crt.sh
tag.rmp.rakuten.com
GTS CA 1D4		 2024-03-31 -
2024-06-29		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-12 -
2024-10-31		 a year crt.sh
staging.static.ordergroove.com
GTS CA 1D4		 2024-04-19 -
2024-07-18		 3 months crt.sh
t.contentsquare.net
Amazon RSA 2048 M01		 2023-09-13 -
2024-10-11		 a year crt.sh
sgtm.elfcosmetics.com
GTS CA 1D4		 2024-03-17 -
2024-06-15		 3 months crt.sh
dep.ba.contentsquare.net
Amazon RSA 2048 M03		 2024-02-18 -
2025-03-19		 a year crt.sh
*.rd.linksynergy.com
ZeroSSL RSA Domain Secure Site CA		 2024-01-23 -
2025-01-22		 a year crt.sh
*.cquotient.com
Amazon RSA 2048 M02		 2024-03-05 -
2025-04-03		 a year crt.sh
srm.ba.contentsquare.net
Amazon RSA 2048 M02		 2023-11-07 -
2024-12-06		 a year crt.sh
www.sandbox.paypal.com
DigiCert EV RSA CA G2		 2024-02-05 -
2025-02-04		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-06 -
2025-03-05		 a year crt.sh

This page contains 2 frames:

Primary Page: https://frca-development.elfcosmetics.com/
Frame ID: 00343F854FD8F159B75A285C87394EE4
Requests: 118 HTTP requests in this frame

Frame: https://www.sandbox.paypal.com/credit-presentment/experiments/local?uid=uid_ruynxsybvgsiedjkymcvvfzhtpxrhw&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWRiU2pQenBpdWdMVWFtTGJ4anNMTnRuMVNWdllkMURaQUZsY3FlMHNfZGZjUURqZ09OME16eDlLMndWaEprQ0g4UUVNOVZMVGVBVF9vTXImaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1DQUQmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9ydXlueHN5YnZnc2llZGpreW1jdnZmemh0cHhyaHcifX0&env=sandbox&scriptUID=uid_ruynxsybvgsiedjkymcvvfzhtpxrhw&version=1.64.0&integrationType=SDK
Frame ID: B791D3517B5D9CEAD81749139B311985
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Produits de maquillage et soin à prix abordables de drugstore | e.l.f. Cosmetics

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • cdn\.dynamicyield\.\w+/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • tag\.rmp\.rakuten\.com

Page Statistics

123
Requests

87 %
HTTPS

32 %
IPv6

22
Domains

31
Subdomains

34
IPs

4
Countries

4899 kB
Transfer

12780 kB
Size

32
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://frca-development.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_dev/oauth2/authorize?redirect_uri=https%3A%2F%2Ffrca-development.elfcosmetics.com%2Fcallback&response_type=code&client_id=bc4b91c6-6960-4cb9-b44d-33cc7dfe679b&hint=guest&channel_id=elf-us&code_challenge=5pgxrwy8jqKy8_EAeITvyisQeZyer8fR2-bEuV7uzu4 HTTP 303
  • https://frca-development.elfcosmetics.com/callback?usid=313ff7ba-9ce7-41ac-b587-02d29967d99a&code=KODMJx4MLJzc8mL0XayPgdSSIFxNJMZO7YptldEnDns
Request Chain 25
  • https://secure.adnxs.com/px?id=1608912%20&seg=6104893&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2
Request Chain 27
  • https://secure.adnxs.com/px?id=1704533&seg=34326157&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2
Request Chain 31
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t2t5&rnd=1844097058.1715688981&url=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dma_cps=sypham&dma=1&npa=0&gtm=45He45d0n81WL3STMXv896608294za200&auid=1108373458.1715688981 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&rnd=1844097058.1715688981&url=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dma_cps=sypham&dma=1&npa=0&gtm=45He45d0n81WL3STMXv896608294za200&auid=1108373458.1715688981
Request Chain 85
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flhp;ord=6860964674439;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe45d0v9181663336z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com HTTP 302
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CJebu8KPjYYDFU9iHgIdOrEPHQ;type=elf8j0;cat=glo_flhp;ord=6860964674439;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe45d0v9181663336z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com
Request Chain 86
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flap;ord=7019157979595;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe45d0v9181663336z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com HTTP 302
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CKidu8KPjYYDFT1MHgIdA4wP0w;type=elf8j0;cat=glo_flap;ord=7019157979595;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe45d0v9181663336z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com
Request Chain 87
  • https://ade.googlesyndication.com/ddm/activity/src=10265292;type=conte0;cat=homep0;ord=9999165150801;npa=1;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe45d0v9181787185z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com HTTP 302
  • https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=CIeovcKPjYYDFQloHgIdMocJ0g;type=conte0;cat=homep0;ord=9999165150801;npa=1;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe45d0v9181787185z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com
Request Chain 94
  • https://ade.googlesyndication.com/ddm/activity/src=9231397;type=retarget;cat=globa0;ord=4148324387590;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe45d0v9181619921z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com HTTP 302
  • https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CO7jv8KPjYYDFVFoHgIdzpgETA;type=retarget;cat=globa0;ord=4148324387590;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe45d0v9181619921z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com

123 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
frca-development.elfcosmetics.com/ 		843 KB
220 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://frca-development.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.224.42.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-42-164.compute-1.amazonaws.com
Software
/
Resource Hash
2d0966c764654a09bb93c41059ec5e3cac281d9477f4a199bbf669a81740e40b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
0
alt-svc
h3=":443"; ma=86400
cache-control
public, must-revalidate, s-maxage=900
content-encoding
gzip
content-language
fr-CA
content-type
text/html; charset=utf-8
date
Tue, 14 May 2024 12:16:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding Accept-Encoding
via
1.1 547ed58ab09c3c811d28ab963755fcd8.cloudfront.net (CloudFront)
x-amz-apigw-id
XwpgcFddIAMErtQ=
x-amz-cf-id
qZFFCujK74ATmD0NhNtS8UOI9H-zYBIZ8qGikA4JCWpGsWIq-nxlOQ==
x-amz-cf-pop
JFK52-P3
x-amzn-remapped-connection
close
x-amzn-remapped-content-length
745136
x-amzn-remapped-date
Tue, 14 May 2024 12:16:16 GMT
x-amzn-requestid
505f8844-e312-4db1-b208-fa237054ad92
x-amzn-trace-id
Root=1-66435601-4acd56ca123f21295a18feb8;Parent=22d7e886f4f1db24;Sampled=0;lineage=0483b39b:0
x-cache
Miss from cloudfront
x-server
Smartling
x-sl-norewrite
1
x-sl-notranslate
1
x-yottaa-metrics
3821cc023177/[15639,15521,-] 38D1cc023140/[-,15738.100]
x-yottaa-optimizations
ob/1000000000001000 si/38D1cc023140-1715630680-6861583317 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0
x-yottaa-os
200
sl-tran-a8aa72de7-fr-CA.js
pinchjs-cdn.gdn.smartling.com/ 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://pinchjs-cdn.gdn.smartling.com/sl-tran-a8aa72de7-fr-CA.js
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:d200:1b:8846:8500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1fa624048ff6a4e6864de316ec3760575a10ac60376972927ad46c156b2d4c4f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:19 GMT
x-amz-version-id
null
x-amz-meta-sl-checksum
2367391b-1467839323
last-modified
Tue, 14 May 2024 01:08:20 GMT
server
AmazonS3
content-encoding
gzip
x-amz-cf-pop
MUC50-P5
etag
W/"283e749feac282c450ffebd59107b29e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 c357e4a7404abfefc6d5fb1647246a74.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
LvsrBPJvrWrUWk1rVM_-64qSAB4-A99R8_QxF6fKp4WGLmkWqD_WIQ==
sl-init.js
pinchjs-cdn.gdn.smartling.com/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:d200:1b:8846:8500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d439af8282e870484b4e19d59380b11a1f0ef6058f1209ca1cf56befefcec1d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 c357e4a7404abfefc6d5fb1647246a74.cloudfront.net (CloudFront)
date
Tue, 14 May 2024 12:04:04 GMT
last-modified
Tue, 07 May 2024 13:54:00 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P5
age
745
x-amz-server-side-encryption
AES256
etag
W/"ead736045c2f9bc63f1c8b789dd10510"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
b_reQT3TrzLVs0Ibjiz_kJgPsfxp0owjPaBivhBQfBt3W3lHE9ptGQ==
locale-link-rewriter-0.0.2-min
cdn.c1.amplience.net/c/elfcosmetics/ 		553 B
490 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.c1.amplience.net/c/elfcosmetics/locale-link-rewriter-0.0.2-min
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9994 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88668b9200e07ef8860abbf2884140a44986c34576bc7086d64085b87da4cfd7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:18 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 14 May 2024 12:12:03 GMT
server
cloudflare
age
255
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
edge-control
max-age=1800
cache-control
s-maxage=1800, max-age=120
cf-ray
883ad1907cef372c-FRA
vendor.js
frca-development.elfcosmetics.com/mobify/bundle/11235/ 		2 MB
621 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://frca-development.elfcosmetics.com/mobify/bundle/11235/vendor.js
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.224.42.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-42-164.compute-1.amazonaws.com
Software
/
Resource Hash
b2e0bde8a120edcd0e126c139ff4c62dc420e43a86bb9e22c92044fdda3fc3ef

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:18 GMT
via
1.1 d2b8f634cf8ac5ec77dee366297223bc.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
JFK52-P3
age
0
x-yottaa-optimizations
ob/1000 si/38D1cc023140-1715630680-6861583334 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0
x-cache
Hit from cloudfront
x-sl-norewrite
1
x-amz-meta-deploy
752600
alt-svc
h3=":443"; ma=86400
x-amz-meta-bundle
11235
x-yottaa-forcecache
true
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31104000
x-yottaa-os
200
x-server
Smartling
x-yottaa-metrics
3821cc023188/[145,74,-] 38D1cc023140/[-,459.116]
x-sl-notranslate
1
x-amz-cf-id
cEfELD0N91OSISxIVO8xIXRr0s0of11WqnyBwQOIezqIq7rDlBEhRw==
main.js
frca-development.elfcosmetics.com/mobify/bundle/11235/ 		2 MB
488 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://frca-development.elfcosmetics.com/mobify/bundle/11235/main.js
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.224.42.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-42-164.compute-1.amazonaws.com
Software
/
Resource Hash
83231363e6c3a4479e192cb2169c1cf6732a8ac30c81c5ef118fd6e6b79f60db

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:19 GMT
via
1.1 38d213e81ab517fd857234c4eccd4632.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
JFK52-P3
age
0
x-yottaa-optimizations
ob/1000 si/38D1cc023140-1715630680-6861583335 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0
x-cache
Hit from cloudfront
x-sl-norewrite
1
x-amz-meta-deploy
752600
alt-svc
h3=":443"; ma=86400
x-amz-meta-bundle
11235
x-yottaa-forcecache
true
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31104000
x-yottaa-os
200
x-server
Smartling
x-yottaa-metrics
3821cc023189/[118,68,-] 38D1cc023140/[-,343.562]
x-sl-notranslate
1
x-amz-cf-id
kqkDroXnoQXDmYRMw2kVr1Y4srwTX4-AjhDUca7V-i2MUXwouJualQ==
pages-home.js
frca-development.elfcosmetics.com/mobify/bundle/11235/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://frca-development.elfcosmetics.com/mobify/bundle/11235/pages-home.js
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.224.42.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-42-164.compute-1.amazonaws.com
Software
/
Resource Hash
e2719add3a6d6e8d76615ef6e4e221fdfe6075829578559adf1ca76bca25db43

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:19 GMT
via
1.1 3d33f952c2b7fe5b0308385e96c9263c.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
SFO20-C1
age
0
x-yottaa-optimizations
ob/1000 si/25D1cc0285ed-1715630680-5510809223 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0
x-cache
Hit from cloudfront
x-sl-norewrite
1
x-amz-meta-deploy
752600
alt-svc
h3=":443"; ma=86400
x-amz-meta-bundle
11235
x-yottaa-forcecache
true
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31104000
x-yottaa-os
200
x-server
Smartling
x-yottaa-metrics
2521cc02854b/[49,22,-] 25D1cc0285ed/[-,50.423]
x-sl-notranslate
1
x-amz-cf-id
A9nY6XZHhYYx577mZp45atyQBrFyXpPLyJSMXf4hSI9e_VztHglGlA==
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
beauty-squad-early-access_MARGIN-BOTTOM-1
cdn.media.amplience.net/i/elfcosmetics/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/beauty-squad-early-access_MARGIN-BOTTOM-1?%24Desktop%24=&fmt=auto&w=864
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:205a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
065c9fc01c85b8b839669ee8d41d68d7bfab510a7bfbcaef8a4b0f268659e4ff
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:19 GMT
cf-cache-status
EXPIRED
x-amp-srv
CF
edge-cache-tag
gPN_XhY8I,l4p5bDg2e,mF-g78ke7,GZwI-7Kph,WepA0szpz
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
z9ub_fMGYI
alt-svc
h3=":443"; ma=86400
content-length
6635
x-xss-protection
1; mode=block
x-amp-source-height
98
last-modified
Sat, 11 May 2024 16:50:40 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
x-amp-source-width
332
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
883ad196ebcc5c32-FRA
x-amp-published
Fri, 10 May 2024 21:12:04 GMT
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d

Request headers

Referer
Origin
https://frca-development.elfcosmetics.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac

Request headers

Referer
Origin
https://frca-development.elfcosmetics.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
halo-glow-repromote-2024-05-IMAGE-1_D-min
cdn.media.amplience.net/i/elfcosmetics/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/halo-glow-repromote-2024-05-IMAGE-1_D-min?fmt=auto
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:205a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
556439ae99de9152826ea7a09b6a485315e1a783563542df48051122040576ac
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:19 GMT
cf-cache-status
HIT
age
67460
x-amp-srv
CF
edge-cache-tag
riCJiEIYt,l4p5bDg2e,xAmoEKQeQ,WepA0szpz
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
h0jHeZj2MZ
alt-svc
h3=":443"; ma=86400
content-length
56154
x-xss-protection
1; mode=block
x-amp-source-height
1040
last-modified
Mon, 13 May 2024 17:31:59 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
x-amp-source-width
1440
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
883ad196ebcf5c32-FRA
x-amp-published
Tue, 23 Apr 2024 21:32:39 GMT
halo-glow-repromote-2024-05-IMAGE-2_D-min
cdn.media.amplience.net/i/elfcosmetics/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/halo-glow-repromote-2024-05-IMAGE-2_D-min?fmt=auto
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:205a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d4040c70033d1b909ef1133deddc8d454e05467be6975afa26ac324e1fadea7
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:19 GMT
cf-cache-status
HIT
age
67460
x-amp-srv
CF
edge-cache-tag
XPQaUsC57,l4p5bDg2e,7a1WfdFKy,WepA0szpz
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
xSZCK6Gui8
alt-svc
h3=":443"; ma=86400
content-length
24182
x-xss-protection
1; mode=block
x-amp-source-height
1040
last-modified
Mon, 13 May 2024 17:31:59 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
x-amp-source-width
1440
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
883ad196ebcd5c32-FRA
x-amp-published
Tue, 23 Apr 2024 21:32:39 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/mobify/bundle/11235/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a2f825beb3b540a044cdb0515177c34497aa2ce92e335bf1498fa42bb5baf88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 May 2024 12:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Dw6K+rTuf8kOuPIEBw1QQA==
age
56204
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6881
x-ms-lease-status
unlocked
last-modified
Mon, 13 May 2024 02:04:03 GMT
server
cloudflare
etag
0x8DC72F0F65BBA2A
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6c5db382-601e-0039-604f-a501cd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
883ad19edd6065de-FRA
gtm.js
www.googletagmanager.com/ 		500 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
be2914a5fe61e874c4c5a59bf458a194392223d67a5a0917a2896500bd19faa2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137557
x-xss-protection
0
last-modified
Tue, 14 May 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 May 2024 12:16:20 GMT
api_dynamic.js
cdn.dynamicyield.com/api/8772046/ 		495 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.dynamicyield.com/api/8772046/api_dynamic.js
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:5600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
284bd2b9306e1a99c9500a51090b7aadda10b48b8d96fea993e1cb97b7d13f32

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:20 GMT
content-encoding
gzip
via
1.1 a2eaac3682e999c3b0a69ad54d815412.cloudfront.net (CloudFront)
last-modified
Mon, 13 May 2024 21:57:26 GMT
server
DYCDN
age
16
x-amz-cf-pop
MUC50-P5
x-amz-server-side-encryption
AES256
etag
W/"ad3c34f4b99fa83f059c324874968b9b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=30
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id
m0PdKkItQc78f1CvksEIrVEvMjIVf96hK34JzNtY8krKWELpB94ZjA==
api_static.js
cdn.dynamicyield.com/api/8772046/ 		388 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.dynamicyield.com/api/8772046/api_static.js
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:5600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
498ea43ee2b31ee61f58f43b798dfaec6eb59b63fefdfaa7c01bba897ba57a33

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 23:13:15 GMT
content-encoding
gzip
via
1.1 a2eaac3682e999c3b0a69ad54d815412.cloudfront.net (CloudFront)
last-modified
Mon, 13 May 2024 21:57:26 GMT
server
DYCDN
age
46986
x-amz-cf-pop
MUC50-P5
etag
W/"64e0187feba0c97d38f8aabb6e6d66cd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id
0nl7VWPnHOvPrsnb8JckmaTgYrns9X22iVbEtzKoe3U9OCZzZT0Dsw==
/
api.ipify.org/ 		23 B
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/mobify/bundle/11235/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1999206051534c886e13fb23a24980bf7e3cfd83a388f4cf2c81e3e7d7c03ad

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:20 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
883ad19ef8f19951-FRA
content-length
23
/
api.ipify.org/ 		23 B
75 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/mobify/bundle/11235/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1999206051534c886e13fb23a24980bf7e3cfd83a388f4cf2c81e3e7d7c03ad

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:20 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
883ad1a02a429951-FRA
content-length
23
/
sdk.iad-05.braze.com/api/v3/data/ 		489 B
636 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/mobify/bundle/11235/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4360c49882c710de197b50fbfd52068ce9f5f3132d44b58a067179580044607c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Braze-Api-Key
23316cb7-f57f-4f14-a7d3-8bed8ca921f5
X-Braze-TriggersRequest
true
X-Braze-DataRequest
true
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/json
Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://frca-development.elfcosmetics.com/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:21 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
34325697-a444-4363-a2e3-1408eabb24d0
x-runtime
0.188545
server
cloudflare
etag
W/"4360c49882c710de197b50fbfd52068c"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1715688984
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
883ad1a12add30c9-FRA
x-ratelimit-remaining
499.0
/
sdk.iad-05.braze.com/api/v3/data/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://frca-development.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
883ad19f988830c9-FRA
content-encoding
gzip
date
Tue, 14 May 2024 12:16:20 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
callback
frca-development.elfcosmetics.com/
Redirect Chain
  • https://frca-development.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_dev/oauth2/authorize?redirect_uri=https%3A%2F%2Ffrca-development.elfcosmetics.com%2Fcallback&res...
  • https://frca-development.elfcosmetics.com/callback?usid=313ff7ba-9ce7-41ac-b587-02d29967d99a&code=KODMJx4MLJzc8mL0XayPgdSSIFxNJMZO7YptldEnDns
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://frca-development.elfcosmetics.com/callback?usid=313ff7ba-9ce7-41ac-b587-02d29967d99a&code=KODMJx4MLJzc8mL0XayPgdSSIFxNJMZO7YptldEnDns
Protocol
H2
Server
34.224.42.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-42-164.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://frca-development.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Tue, 14 May 2024 12:16:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 547ed58ab09c3c811d28ab963755fcd8.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
0
content-encoding
gzip
x-amz-cf-pop
JFK52-P3
age
0
x-amzn-remapped-connection
close
x-amzn-requestid
18fc74d7-74f6-4877-9d83-60e44c8ded9d
x-yottaa-optimizations
ob/1000 si/38D1cc02313e-1715630680-959510976 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0
x-cache
Miss from cloudfront
x-sl-norewrite
1
x-amz-apigw-id
XwpjdGf8IAMERnQ=
alt-svc
h3=":443"; ma=86400
x-yottaa-forcecache
true
x-amzn-trace-id
Root=1-66435615-408c1d5f60cd6dcf7ca076bb;Parent=29a2927e25092803;Sampled=0;lineage=0483b39b:0
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
public, max-age=604800
x-yottaa-os
200
x-server
Smartling
x-yottaa-metrics
3821cc023177/[553,550,-] 38D1cc02313e/[-,555.963]
x-sl-notranslate
1
x-amzn-remapped-date
Tue, 14 May 2024 12:16:21 GMT
x-amz-cf-id
Pt9E7RW6L100kFzifakHp3uEt5a3qGUofUTuHmJZffXKkrSS0CKnPw==

Redirect headers

date
Tue, 14 May 2024 12:16:21 GMT
x-correlation-id
883ad1a40ca620ca
via
1.1 def26d054ec95b961e8352e3cd4fae7e.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
JFK52-P3
age
0
x-yottaa-optimizations
ob/0 si/38D1cc023140-1715630680-6861583336 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0
x-cache
Miss from cloudfront
x-sl-norewrite
1
alt-svc
h3=":443"; ma=86400
pragma
no-cache
x-ratelimit-1m-remaining
491, 1979312
x-ratelimit-1m-reset
38837, 38836
x-ratelimit-1m-limit
500, 2000000
vary
Accept-Encoding
location
https://frca-development.elfcosmetics.com/callback?usid=313ff7ba-9ce7-41ac-b587-02d29967d99a&code=KODMJx4MLJzc8mL0XayPgdSSIFxNJMZO7YptldEnDns
cache-control
no-store
x-yottaa-os
303
x-server
Smartling
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_dev/oauth2/authorize?redirect_uri=https%3A%2F%2Ffrca-development.elfcosmetics.com%2Fcallback&response_type=code&client_id=bc4b91c6-6960-4cb9-b44d-33cc7dfe679b&hint=guest&channel_id=elf-us&code_challenge=5pgxrwy8jqKy8_EAeITvyisQeZyer8fR2-bEuV7uzu4
x-yottaa-metrics
3821cc02318a/[528,513,-] 38D1cc023140/[-,529.383]
cf-ray
883ad1a40ca620ca-IAD
x-amz-cf-id
7_FsPGFTX7rZQ1APEHUYarbovDUtYspC3T28xQs0tt9Bb-paBH0RmA==
x-sl-notranslate
1
/
pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.215.165.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-165-81.compute-1.amazonaws.com
Software
/
Resource Hash
be989ee157b0fe40e842bcb4153adbf1230445f788203e717911ac8061a8c115

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-SL-PJS-Version
0.271
X-SL-PJS-Uid
a8aa72de7
Accept-Language
de-DE,de;q=0.9;q=0.9
X-SL-PJS-Locale
fr-CA
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8
Referer
https://frca-development.elfcosmetics.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Tue, 14 May 2024 12:16:21 GMT
content-encoding
gzip
access-control-allow-headers
*
content-length
2770
apigw-requestid
XwpjThy4oAMEJUg=
content-type
application/json
/
pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.215.165.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-165-81.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-sl-pjs-locale,x-sl-pjs-uid,x-sl-pjs-version
Access-Control-Request-Method
POST
Origin
https://frca-development.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-origin
*
apigw-requestid
XwpjSgX7oAMEJeg=
content-length
2
content-type
application/json
date
Tue, 14 May 2024 12:16:20 GMT
018ea565-c262-7057-a505-a2012f1cf327.json
cdn.cookielaw.org/consent/018ea565-c262-7057-a505-a2012f1cf327/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/018ea565-c262-7057-a505-a2012f1cf327/018ea565-c262-7057-a505-a2012f1cf327.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b366a6f21573c6e05b3891f356296c2b8821742959738c22c5fda9f83263b4c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 May 2024 12:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
Byd8BrEcjlGHo1ZtHmonHQ==
content-length
1798
x-ms-lease-status
unlocked
last-modified
Fri, 05 Apr 2024 16:50:17 GMT
server
cloudflare
etag
0x8DC559078EE43C1
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b00e1102-f01e-0096-46d8-a4235d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
883ad19fe92e696f-FRA
expires
Wed, 15 May 2024 12:16:20 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 May 2024 11:41:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2117
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 14 May 2024 13:41:03 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1608912%20&seg=6104893&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/
Protocol
H2
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://frca-development.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 May 2024 12:16:20 GMT
an-x-request-uuid
ded031e5-a5dd-4c4d-b0a2-36ead401119a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.19; 217.114.218.19; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 May 2024 12:16:20 GMT
an-x-request-uuid
3fcb6c54-4cc1-4083-b554-860efe03b114
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.19; 217.114.218.19; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
insight.adsrvr.org/track/pxl/ 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:y8694b5&fmt=3
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:20 GMT
server
Kestrel
content-length
70
content-type
image/gif
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1704533&seg=34326157&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/
Protocol
H2
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://frca-development.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 May 2024 12:16:20 GMT
an-x-request-uuid
c232ed32-ab22-4690-8123-4d7488e62752
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.19; 217.114.218.19; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 May 2024 12:16:20 GMT
an-x-request-uuid
f139e082-3e07-4727-bb00-0b36853a2ee2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.19; 217.114.218.19; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
insight.adsrvr.org/track/pxl/ 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:uuhj0na&fmt=3
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:20 GMT
server
Kestrel
content-length
70
content-type
image/gif
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		59 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
accept
application/json
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
883ad1a1588b9152-FRA
access-control-allow-headers
Content-Type
st
st.dynamicyield.com/ 		118 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.dynamicyield.com/st?sec=8772046&inHead=true&id=0&jsession=km7k1jrsb2tj1wgn7fyg5xu7b8bt6nlf&ref=&scriptVersion=2.32.0&isSesNew=true&dyid_server=&ctx=%7B%22type%22%3A%22HOMEPAGE%22%2C%22lng%22%3A%22fr-CA%22%2C%22data%22%3A%5B%5D%7D
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:6a00:15:ad21:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
070d6bf62d41dea12709388b586e581aa4243beb4f8faf92f3123d9dcf8290f5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:20 GMT
content-encoding
gzip
via
1.1 f52fb277cecd3d7de14d996c1f683de2.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control
no-cache
x-amz-cf-id
OY5YLKJBJusp68VWRMWjvYyKM5vV3oOsB_MuvfTqSIUtqNqZPfFVEA==
expires
Tue, 14 May 2024 12:16:19 GMT
landing
googleads.g.doubleclick.net/pagead/
Redirect Chain
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t2t5&rnd=1844097058.1715688981&url=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dma_cps=sypham&dma=1&npa=0&gtm=45He45d0n81WL3STMXv8966...
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&rnd=1844097058.1715688981&url=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dma_cps=sypham&dma=1&npa=0&gtm=45He45d0n8...
42 B
65 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&rnd=1844097058.1715688981&url=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dma_cps=sypham&dma=1&npa=0&gtm=45He45d0n81WL3STMXv896608294za200&auid=1108373458.1715688981
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://frca-development.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 May 2024 12:16:20 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 May 2024 12:16:20 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&rnd=1844097058.1715688981&url=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dma_cps=sypham&dma=1&npa=0&gtm=45He45d0n81WL3STMXv896608294za200&auid=1108373458.1715688981
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.215.165.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-165-81.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-sl-pjs-locale,x-sl-pjs-uid,x-sl-pjs-version
Access-Control-Request-Method
POST
Origin
https://frca-development.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-origin
*
apigw-requestid
XwpjTj7FIAMEJQg=
content-length
2
content-type
application/json
date
Tue, 14 May 2024 12:16:20 GMT
/
pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.215.165.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-165-81.compute-1.amazonaws.com
Software
/
Resource Hash
f13ed4b683778000389e529516aabc1f247ea09664baddf9b242d36da202f575

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-SL-PJS-Version
0.271
X-SL-PJS-Uid
a8aa72de7
Accept-Language
de-DE,de;q=0.9;q=0.9
X-SL-PJS-Locale
fr-CA
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8
Referer
https://frca-development.elfcosmetics.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Tue, 14 May 2024 12:16:21 GMT
content-encoding
gzip
access-control-allow-headers
*
content-length
2770
apigw-requestid
XwpjVg_OoAMEJnA=
content-type
application/json
collect
www.google-analytics.com/j/ 		3 B
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=922930066&t=pageview&_s=1&dl=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dp=%2F&ul=de-de&de=UTF-8&dt=Produits%20de%20maquillage%20et%20soin%20%C3%A0%20prix%20abordables%20de%20drugstore%20%7C%20e.l.f.%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACgAI~&jid=788272158&gjid=1293969321&cid=1818411430.1715688981&tid=UA-432816-1&_gid=307753472.1715688981&_r=1&_slc=1&gtm=45He45d0n81WL3STMXv896608294za200&gcs=G111&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&z=2018645535
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 May 2024 12:16:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://frca-development.elfcosmetics.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202403.2.0/ 		447 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e90effe2c4b60df553e50c5e65bcf113ad7a2ddf3d5e7a594f2b8a9ccfd4523
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 May 2024 12:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
NaqcG2ILVJmSrG/q1ZpJ7w==
age
9957
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
110887
x-ms-lease-status
unlocked
last-modified
Mon, 22 Apr 2024 06:06:18 GMT
server
cloudflare
etag
0x8DC62925356D668
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c839b996-c01e-001f-188e-948a87000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
883ad1a25ad565de-FRA
en.json
cdn.cookielaw.org/consent/018ea565-c262-7057-a505-a2012f1cf327/b3580e16-19d9-4554-ba1a-ac19abea14a3/ 		70 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/018ea565-c262-7057-a505-a2012f1cf327/b3580e16-19d9-4554-ba1a-ac19abea14a3/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38d66777a49d31907570473a21ca434807cd7b57f4be3f81a8d2570c04d8a2ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 May 2024 12:16:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
+XXLk9hAKfT5IRFIHHIC9g==
content-length
17963
x-ms-lease-status
unlocked
last-modified
Fri, 05 Apr 2024 16:50:31 GMT
server
cloudflare
etag
0x8DC559081AAF732
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8208ea59-201e-0058-61f8-a14512000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
883ad1a2bca9696f-FRA
expires
Wed, 15 May 2024 12:16:20 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/202403.2.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202403.2.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 May 2024 12:16:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-md5
wV78mAWw6KBtzfNUzHQTew==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3041
x-ms-lease-status
unlocked
last-modified
Mon, 22 Apr 2024 06:06:11 GMT
server
cloudflare
etag
0x8DC62924F52ADA5
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
6e6edd07-b01e-0083-0fb0-9427e1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
883ad1a3adbd696f-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202403.2.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202403.2.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3acd5c9271c2cd33f5135df43ae4c574e4d524282e5322137b77cdb4a5524bb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 May 2024 12:16:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-md5
AuGdfk9YQiHTOXC6nprZgA==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12755
x-ms-lease-status
unlocked
last-modified
Mon, 22 Apr 2024 06:06:13 GMT
server
cloudflare
etag
0x8DC629250A45095
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
b7f8548b-c01e-0095-4dd8-a4205a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
883ad1a3adbf696f-FRA
otCookieSettingsButton.json
cdn.cookielaw.org/scripttemplates/202403.2.0/assets/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202403.2.0/assets/otCookieSettingsButton.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fb7c176325267082e94a7131fed5e157516e6805cee3ac6f6a93340a947d640
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 May 2024 12:16:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-md5
itF4BEv6QGTJMVC/PCYKDA==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1738
x-ms-lease-status
unlocked
last-modified
Mon, 22 Apr 2024 06:06:13 GMT
server
cloudflare
etag
0x8DC6292505EED4D
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
b6a9a0b7-d01e-004d-4f02-a5878b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
883ad1a3adc2696f-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202403.2.0/assets/ 		24 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202403.2.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 May 2024 12:16:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
gzip
content-md5
4ErYmXXFNbMLrnc9DrDTsg==
x-ms-lease-status
unlocked
last-modified
Mon, 22 Apr 2024 06:06:21 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
8de54516-501e-0022-76b0-94fc9c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
883ad1a3adc3696f-FRA
dy-coll-min.js
cdn.dynamicyield.com/scripts/2.32.0/ 		196 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:5600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
42997132bd0142564014ac4a809356dc0ceb9b7a90eede2b5b48019f1700cc58

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 16:18:54 GMT
content-encoding
gzip
via
1.1 a2eaac3682e999c3b0a69ad54d815412.cloudfront.net (CloudFront)
last-modified
Tue, 02 Apr 2024 09:13:12 GMT
server
DYCDN
age
1367848
x-amz-cf-pop
MUC50-P5
etag
W/"65b3e284856fb8d657d1f6a3423618c7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id
OF2I-k71mfd-00mattanG9iswGP_6kowlnewrzg-azhW7Kijuk5fzg==
sync
sdk.iad-05.braze.com/api/v3/content_cards/ 		85 B
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/mobify/bundle/11235/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dc6f77fc7fa4444526db2e41b0e17dbd820e80f478ac7000635719e5e2cbe30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Braze-Api-Key
23316cb7-f57f-4f14-a7d3-8bed8ca921f5
X-Braze-DataRequest
true
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/json
BRAZE-SYNC-RETRY-COUNT
0
Referer
https://frca-development.elfcosmetics.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9;q=0.9
X-Braze-ContentCardsRequest
true
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:21 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
8cadd498-3a0c-4837-b1ae-9bf6a93c1c06
x-runtime
0.090891
server
cloudflare
etag
W/"5dc6f77fc7fa4444526db2e41b0e17db"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1715688984
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
883ad1a5ba4330c9-FRA
x-ratelimit-remaining
499.0
sync
sdk.iad-05.braze.com/api/v3/feature_flags/ 		20 B
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/feature_flags/sync
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/mobify/bundle/11235/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e92f434a50c76d6e52d0d3cc91cdf1854c7fd39fecd5ae65800568aef7c03029
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Braze-Api-Key
23316cb7-f57f-4f14-a7d3-8bed8ca921f5
X-Braze-DataRequest
true
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/json
Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://frca-development.elfcosmetics.com/
X-Braze-FeatureFlagsRequest
true
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:21 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
f216bae0-0701-481d-b4a0-c10bf76f28b8
x-runtime
0.049298
server
cloudflare
etag
W/"e92f434a50c76d6e52d0d3cc91cdf185"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1715688984
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
883ad1a579f830c9-FRA
x-ratelimit-remaining
499.0
sync
sdk.iad-05.braze.com/api/v3/content_cards/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://frca-development.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
883ad1a41fe230c9-FRA
content-encoding
gzip
date
Tue, 14 May 2024 12:16:21 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
sync
sdk.iad-05.braze.com/api/v3/feature_flags/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/feature_flags/sync
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-featureflagsrequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://frca-development.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-featureflagsrequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
883ad1a42fe630c9-FRA
content-encoding
gzip
date
Tue, 14 May 2024 12:16:21 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
6bbfe54a-34aa-48a9-b9cb-07355ce392ca
https://frca-development.elfcosmetics.com/ 		2 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://frca-development.elfcosmetics.com/6bbfe54a-34aa-48a9-b9cb-07355ce392ca
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
538aeb10714cb09238f3258bbb4ef128c333abc7ba29b75431646868a642b891

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
2462
Content-Type
uia
async-px.dynamicyield.com/ 		0
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/uia?cnst=1&_=1715688981216
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-72.muc50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 14 May 2024 12:16:21 GMT
via
1.1 e876a7ec501bf47e275a943cac96c3fe.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
jGPJuYVBqFpy__ABC__tkaNvdoeDRrpvZ1_7DG22sQWYmszsruAgeg==
expires
0
sl-placeholder-values
pinchjs.gdn.smartling.com/sl-api/ 		2 B
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pinchjs.gdn.smartling.com/sl-api/sl-placeholder-values
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.215.165.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-165-81.compute-1.amazonaws.com
Software
/
Resource Hash
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-SL-PJS-Version
0.271
X-SL-PJS-Uid
a8aa72de7
Accept-Language
de-DE,de;q=0.9;q=0.9
X-SL-PJS-Locale
fr-CA
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8
Referer
https://frca-development.elfcosmetics.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Tue, 14 May 2024 12:16:21 GMT
access-control-allow-headers
*
content-length
2
apigw-requestid
XwpjZi1toAMEcDQ=
content-type
application/json
sl-placeholder-values
pinchjs.gdn.smartling.com/sl-api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pinchjs.gdn.smartling.com/sl-api/sl-placeholder-values
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.215.165.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-165-81.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-sl-pjs-locale,x-sl-pjs-uid,x-sl-pjs-version
Access-Control-Request-Method
POST
Origin
https://frca-development.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-origin
*
apigw-requestid
XwpjXgZEoAMEJeg=
content-length
2
content-type
application/json
date
Tue, 14 May 2024 12:16:21 GMT
project-juicy-products-beauty-squad-with-vault-2024-05-IMAGE-1_D-min
cdn.media.amplience.net/i/elfcosmetics/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-with-vault-2024-05-IMAGE-1_D-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-with-vault-2024-05-IMAGE-1_D-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-with-vault-2024-05-IMAGE-1_D-min?fmt=auto&w=2460%203x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:205a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2ec0ccbf42195241c43b8f0e29775ee14480d9492d1867ab03a7ed6dea7617a
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:21 GMT
cf-cache-status
HIT
age
12143
x-amp-srv
CF
edge-cache-tag
2uiKASg7-,l4p5bDg2e,QleaYG0qT,WepA0szpz
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
sRGBqHmXar
alt-svc
h3=":443"; ma=86400
content-length
26954
x-xss-protection
1; mode=block
x-amp-source-height
1040
last-modified
Tue, 14 May 2024 08:53:58 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
x-amp-source-width
1440
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
883ad1a4fc9d5c32-FRA
x-amp-published
Fri, 10 May 2024 21:12:04 GMT
project-juicy-products-beauty-squad-no-vault-2024-05-BACKGROUND_D-min
cdn.media.amplience.net/i/elfcosmetics/ 		254 KB
255 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-BACKGROUND_D-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-BACKGROUND_D-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-BACKGROUND_D-min?fmt=auto&w=2460%203x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:205a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60bcf01d04394617737446dc979e69c27ed9d8707decce34b5986d9be29a2d7d
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:21 GMT
cf-cache-status
HIT
age
68261
x-amp-srv
CF
edge-cache-tag
bAkoUIp98,l4p5bDg2e,mQqckZV-k,WepA0szpz
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
5Nwpu9f4vq
alt-svc
h3=":443"; ma=86400
content-length
260184
x-xss-protection
1; mode=block
x-amp-source-height
1040
last-modified
Mon, 13 May 2024 17:18:40 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
x-amp-source-width
1440
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
883ad1a4fca35c32-FRA
x-amp-published
Sun, 12 May 2024 07:00:04 GMT
beauty-squad-early-access_MARGIN-BOTTOM-1
cdn.media.amplience.net/i/elfcosmetics/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/beauty-squad-early-access_MARGIN-BOTTOM-1?%24Desktop%24=&fmt=auto&w=864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:205a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
065c9fc01c85b8b839669ee8d41d68d7bfab510a7bfbcaef8a4b0f268659e4ff
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:19 GMT
cf-cache-status
EXPIRED
x-amp-srv
CF
edge-cache-tag
gPN_XhY8I,l4p5bDg2e,mF-g78ke7,GZwI-7Kph,WepA0szpz
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
z9ub_fMGYI
alt-svc
h3=":443"; ma=86400
content-length
6635
x-xss-protection
1; mode=block
x-amp-source-height
98
last-modified
Sat, 11 May 2024 16:50:40 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
x-amp-source-width
332
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
883ad196ebcc5c32-FRA
x-amp-published
Fri, 10 May 2024 21:12:04 GMT
halo-glow-repromote-2024-05-IMAGE-1_D-min
cdn.media.amplience.net/i/elfcosmetics/ 		55 KB
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/halo-glow-repromote-2024-05-IMAGE-1_D-min?fmt=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:205a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
556439ae99de9152826ea7a09b6a485315e1a783563542df48051122040576ac
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:21 GMT
cf-cache-status
HIT
age
67462
x-amp-srv
CF
edge-cache-tag
riCJiEIYt,l4p5bDg2e,xAmoEKQeQ,WepA0szpz
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
h0jHeZj2MZ
alt-svc
h3=":443"; ma=86400
content-length
56154
x-xss-protection
1; mode=block
x-amp-source-height
1040
last-modified
Mon, 13 May 2024 17:31:59 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
x-amp-source-width
1440
access-control-allow-origin
*
content-type
image/avif
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
883ad1a4fca45c32-FRA
x-amp-published
Tue, 23 Apr 2024 21:32:39 GMT
halo-glow-repromote-2024-05-IMAGE-2_D-min
cdn.media.amplience.net/i/elfcosmetics/ 		24 KB
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/halo-glow-repromote-2024-05-IMAGE-2_D-min?fmt=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:205a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d4040c70033d1b909ef1133deddc8d454e05467be6975afa26ac324e1fadea7
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:21 GMT
cf-cache-status
HIT
age
67462
x-amp-srv
CF
edge-cache-tag
XPQaUsC57,l4p5bDg2e,7a1WfdFKy,WepA0szpz
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
xSZCK6Gui8
alt-svc
h3=":443"; ma=86400
content-length
24182
x-xss-protection
1; mode=block
x-amp-source-height
1040
last-modified
Mon, 13 May 2024 17:31:59 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
x-amp-source-width
1440
access-control-allow-origin
*
content-type
image/avif
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
883ad1a4fca75c32-FRA
x-amp-published
Tue, 23 Apr 2024 21:32:39 GMT
/
pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.215.165.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-165-81.compute-1.amazonaws.com
Software
/
Resource Hash
f13ed4b683778000389e529516aabc1f247ea09664baddf9b242d36da202f575

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-SL-PJS-Version
0.271
X-SL-PJS-Uid
a8aa72de7
Accept-Language
de-DE,de;q=0.9;q=0.9
X-SL-PJS-Locale
fr-CA
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8
Referer
https://frca-development.elfcosmetics.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Tue, 14 May 2024 12:16:21 GMT
content-encoding
gzip
access-control-allow-headers
*
content-length
2770
apigw-requestid
XwpjYjNbIAMEcfA=
content-type
application/json
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=579153&uid=-5228678920848321004&sec=8772046&t=ri&e=1261284&p=1&ve=11209913&va=%5B27119924%5D&ses=2ca0d40fba17305764a10733994230eb&expSes=16322&aud=884367.884385.884387.1167402.1324059.1846919.2324421.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=9138980597599445181&cgtgDecisionId=9138980597637493452&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1715688980273&rri=8414229
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-72.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 12:16:21 GMT
via
1.1 e876a7ec501bf47e275a943cac96c3fe.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
eWw7_RRuU_otdzzKEk-yDSq-effWEanis8KoNyHqDBH19Pw1jpTbNg==
expires
0
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=526009&uid=-5228678920848321004&sec=8772046&t=ri&e=1574966&p=1&ve=12698518&va=%5B28347247%5D&ses=2ca0d40fba17305764a10733994230eb&expSes=16322&aud=884367.884385.884387.1167402.1324059.1846919.2324421.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=9138980596700056020&cgtgDecisionId=9138980598053233959&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1715688980274&rri=7423854
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-72.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 12:16:21 GMT
via
1.1 e876a7ec501bf47e275a943cac96c3fe.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
IW6XU5qtmcKoPZIvhdocVOCtl5Kbe-mdR4DgDQDoX5ECQzTKcJ4u_w==
expires
0
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=525746&uid=-5228678920848321004&sec=8772046&t=ri&e=1609852&p=1&ve=12669413&va=%5B28321879%5D&ses=2ca0d40fba17305764a10733994230eb&expSes=16322&aud=884367.884385.884387.1167402.1324059.1846919.2324421.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=9138980596336907533&cgtgDecisionId=9138980596257784599&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1715688980275&rri=8145201
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-72.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 12:16:21 GMT
via
1.1 e876a7ec501bf47e275a943cac96c3fe.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
B3g3B706rEZs-M5cGO3VFu-h0VP971N-qUom51L37u0NojUiandgOw==
expires
0
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=95651&uid=-5228678920848321004&sec=8772046&t=ri&e=1708014&p=1&ve=13018622&va=%5B28672636%5D&ses=2ca0d40fba17305764a10733994230eb&expSes=16322&aud=884367.884385.884387.1167402.1324059.1846919.2324421.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=9138980595812431802&cgtgDecisionId=9138980597945736984&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1715688980276&rri=2517246
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-72.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 12:16:21 GMT
via
1.1 e876a7ec501bf47e275a943cac96c3fe.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
JFO0fw5p3dfRfz8PM7p43KRxFY-Jl_Szm7Sx06ll3qsfb2BznjxBwg==
expires
0
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=946196&uid=-5228678920848321004&sec=8772046&t=ri&e=1575901&p=1&ve=12991774&va=%5B28646951%5D&ses=2ca0d40fba17305764a10733994230eb&expSes=16322&aud=884367.884385.884387.1167402.1324059.1846919.2324421.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=9138980595973184669&cgtgDecisionId=9138980595374225326&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1715688980276&rri=2601718
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-72.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 12:16:21 GMT
via
1.1 e876a7ec501bf47e275a943cac96c3fe.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
cyJAk61fDNx-7-EJ21v3ZlsTr9ncDKMCqcfFQT8_aQ8KQR_6WXsw8w==
expires
0
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=846875&uid=-5228678920848321004&sec=8772046&t=ri&e=1750936&p=1&ve=13190838&va=%5B28818377%5D&ses=2ca0d40fba17305764a10733994230eb&expSes=16322&aud=884367.884385.884387.1167402.1324059.1846919.2324421.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=9138980594524751708&cgtgDecisionId=9138980594795462800&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1715688980277&rri=7411324
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-72.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 12:16:21 GMT
via
1.1 e876a7ec501bf47e275a943cac96c3fe.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
My4Xkw1U6xzFNHgOx0nxo6h1fvwS79DRixghT8WYy4NCQGr2JtytLA==
expires
0
var
async-px.dynamicyield.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=722882&uid=-5228678920848321004&sec=8772046&t=ri&e=1750954&p=1&ve=13190844&va=%5B28818429%5D&ses=2ca0d40fba17305764a10733994230eb&expSes=16322&aud=884367.884385.884387.1167402.1324059.1846919.2324421.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=9138980594107533688&cgtgDecisionId=9138980594525257291&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1715688980277&rri=8355074
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-72.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 12:16:21 GMT
via
1.1 e876a7ec501bf47e275a943cac96c3fe.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
WSc5BsNsZzYb9XMdU-hYHBLwREEcprbhSVS6_Gm4yFNJucKKdYri4A==
expires
0
ot_close.svg
cdn.cookielaw.org/logos/static/ 		651 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/ot_close.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 May 2024 12:16:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
pcXWFGpuVeSg/jVnYCseRg==
age
74547
x-ms-lease-status
unlocked
last-modified
Mon, 13 May 2024 02:04:04 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
a4099f5b-101e-005b-76e5-a44615000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
883ad1a51f3d65de-FRA
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
497 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 May 2024 12:16:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
x-ms-lease-status
unlocked
last-modified
Tue, 14 May 2024 02:14:24 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
310c9af6-e01e-0028-46f8-a536d6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
883ad1a53f90696f-FRA
ot_company_logo.png
cdn.cookielaw.org/logos/static/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/ot_company_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 May 2024 12:16:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
E8+sk/ECzKgTUVtDLikiIA==
age
74547
content-length
4036
x-ms-lease-status
unlocked
last-modified
Mon, 13 May 2024 02:04:05 GMT
server
cloudflare
etag
0x8DC72F0F78986B5
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
611bb8ca-c01e-0016-36e5-a480f7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
883ad1a55f9365de-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 May 2024 12:16:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
43107
x-ms-lease-status
unlocked
last-modified
Mon, 13 May 2024 02:04:05 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
2767d4df-001e-004f-2e68-a58571000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
883ad1a55f9565de-FRA
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=922930066&t=event&ni=1&_s=1&dl=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dp=%2F&ul=de-de&de=UTF-8&dt=Produits%20de%20maquillage%20et%20soin%20%C3%A0%20prix%20abordables%20de%20drugstore%20%7C%20e.l.f.%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ux&ea=scrolled%20page&el=25%25&_u=aEBAAEABAAAAACgAIkC~&cid=1556148466.1715688981&tid=UA-432816-1&_gid=312190148.1715688981&gtm=45He45d0n81WL3STMXv896608294za200&cd4=0&cd6=&cd7=&cd8=&cd9=0&cd14=homepage&cd19=&cd21=CA&gcs=G100&gcd=13u3u3u2u5&dma_cps=-&dma=1&npa=1&z=134160561
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 13 May 2024 22:42:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
48839
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
favicon.ico
frca-development.elfcosmetics.com/ 		34 KB
35 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://frca-development.elfcosmetics.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.224.42.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-42-164.compute-1.amazonaws.com
Software
/
Resource Hash
1331786f628c441b99665436eb8815381e066e17d5c3bb56f5ce2e045d8da17a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:22 GMT
via
1.1 c0309604e5168dca084e5bc1df88239c.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
34494
x-amz-cf-pop
SFO20-C1
age
0
x-amzn-remapped-connection
close
x-amzn-requestid
be592a5b-d613-4360-9957-5708f4963503
x-yottaa-optimizations
ob/0 si/25D1cc028a6b-1715630680-5200828896 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0
x-cache
RefreshHit from cloudfront
x-sl-norewrite
1
x-amz-apigw-id
Xug7DG8XoAMEmRg=
alt-svc
h3=":443"; ma=86400
x-yottaa-forcecache
true
last-modified
Mon, 13 May 2024 20:36:12 GMT
x-amzn-trace-id
Root=1-66427b79-17b562f37a8d181c10cd6491;Parent=6fb819a893e40c3d;Sampled=0;lineage=0483b39b:0
etag
W/"86be-18f73ab8660"
vary
Accept-Encoding
content-type
image/x-icon
cache-control
max-age=600, s-maxage=600
x-yottaa-os
200
x-server
Smartling
x-yottaa-metrics
2521cc028523/[627,621,-] 25D1cc028a6b/[-,627.858]
x-sl-notranslate
1
x-amzn-remapped-date
Mon, 13 May 2024 20:43:37 GMT
x-amz-cf-id
kH7tTqsX6S7KJGaYwMSLzotF5GNEMU3zLvxo7TvINLOnPTPQQx2q3g==
batch
async-px.dynamicyield.com/ 		0
385 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/batch?cnst=1&_=1715688981349_593063
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-72.muc50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 May 2024 12:16:21 GMT
via
1.1 38f46facdae93530546676e451869f4c.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
kDefJAwtVQ7IvTFXjLAMHiwXRuSqsqEKlAzSa2VVMbCqioC_sVcEqw==
expires
0
/
pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/ 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.215.165.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-165-81.compute-1.amazonaws.com
Software
/
Resource Hash
2b07a42f848a068bce9ccc46e67eac5574ee052866c7daef9525b92d852dbd94

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-SL-PJS-Version
0.271
X-SL-PJS-Uid
a8aa72de7
Accept-Language
de-DE,de;q=0.9;q=0.9
X-SL-PJS-Locale
fr-CA
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8
Referer
https://frca-development.elfcosmetics.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Tue, 14 May 2024 12:16:21 GMT
content-encoding
gzip
access-control-allow-headers
*
content-length
5080
apigw-requestid
XwpjZitzIAMEcgw=
content-type
application/json
110221.ct.js
tag.rmp.rakuten.com/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.rmp.rakuten.com/110221.ct.js
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
248.147.102.34.bc.googleusercontent.com
Software
/
Resource Hash
1267584d601283c592440191bbaab0f6ee5423bb1b267a4f6ea0fea28c353648
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:21 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000
last-modified
Tue, 14 May 2024 12:16:21 GMT
x-cache
hit
x-samesite
secure
content-type
text/javascript
cache-control
max-age=86400
x-dyn
0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
js
www.paypal.com/sdk/ 		420 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AdbSjPzpiugLUamLbxjsLNtn1SVvYd1DZAFlcqe0s_dfcQDjgON0Mzx9K2wVhJkCH8QEM9VLTeAT_oMr&intent=authorize&currency=CAD&vault=true&components=buttons,messages
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35D6) /
Resource Hash
9f332b260e15170b6e40dfd13468a87f2ca2d51e2e1bad8c909365661fe8c5dd
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-qc2ckRtfe1G7Q9O415TnFqeSyXEW8F8aKWyVeXaV0rb6ytdW' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-qc2ckRtfe1G7Q9O415TnFqeSyXEW8F8aKWyVeXaV0rb6ytdW' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-qc2ckRtfe1G7Q9O415TnFqeSyXEW8F8aKWyVeXaV0rb6ytdW' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-qc2ckRtfe1G7Q9O415TnFqeSyXEW8F8aKWyVeXaV0rb6ytdW' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 May 2024 12:16:22 GMT
disable-set-cookie
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
p3p
true
paypal-debug-id
085083513a351
server-timing
traceparent;desc="00-0000000000000000000085083513a351-ee950fa9a54acdb9-01", content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
content-length
118462
x-xss-protection
1; mode=block
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (lhd/35D6)
traceparent
00-0000000000000000000085083513a351-1b3eeedf69883319-01
etag
W/"1cebe-GGvBRWLma5RYByoPwy0Y2ydk38E"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin
*
main.js
staging.static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/ 		260 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staging.static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/main.js
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.194.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
77.194.111.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
c48476ffd21ed753a90b11db277894d1c3f1bf60a2cc735abfbe1db237cdafe0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:21 GMT
strict-transport-security
max-age=15768000
content-encoding
gzip
last-modified
Mon, 10 Apr 2023 21:09:34 GMT
server
Apache
via
1.1 google
etag
"145ba75-41083-5f901caaa5f80-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54128
js
www.googletagmanager.com/gtag/ 		247 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YLVE8V69LW&l=dataLayer&cx=c
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9d8febe8d844663e6523ba44d78e90030bbcc1b9f409da2bdfa912c42038353c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89332
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 May 2024 12:16:21 GMT
js
www.googletagmanager.com/gtag/ 		307 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e9b03d2e6a8d914712af7077c3dc0c7bd41d1c435caee83c66e0359b949fa5ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103456
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 May 2024 12:16:21 GMT
batch
async-px.dynamicyield.com/ 		0
382 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://async-px.dynamicyield.com/batch?cnst=1&_=1715688981456_886964
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-72.muc50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 May 2024 12:16:21 GMT
via
1.1 38f46facdae93530546676e451869f4c.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
-zNF2xOeSjCqSCaZf4t_gm2Iofqj6HafTR1UMsihfrf-s9DfB4xd0g==
expires
0
destination
www.googletagmanager.com/gtag/ 		208 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-10265292&l=dataLayer&cx=c
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f204dbd299e4a84bb993ae24d5445a025e96eb11b8164291784ea9e4905c736c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76675
x-xss-protection
0
last-modified
Tue, 14 May 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 May 2024 12:16:21 GMT
destination
www.googletagmanager.com/gtag/ 		208 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-10742279&l=dataLayer&cx=c
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f3c766b6d37ed4ae002055cb857fbd79bcaacedf60bdc03285ae5a29e0a7ffc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76685
x-xss-protection
0
last-modified
Tue, 14 May 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 May 2024 12:16:21 GMT
sl-placeholder-values
pinchjs.gdn.smartling.com/sl-api/ 		2 B
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pinchjs.gdn.smartling.com/sl-api/sl-placeholder-values
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.215.165.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-165-81.compute-1.amazonaws.com
Software
/
Resource Hash
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-SL-PJS-Version
0.271
X-SL-PJS-Uid
a8aa72de7
Accept-Language
de-DE,de;q=0.9;q=0.9
X-SL-PJS-Locale
fr-CA
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8
Referer
https://frca-development.elfcosmetics.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Tue, 14 May 2024 12:16:21 GMT
access-control-allow-headers
*
content-length
2
apigw-requestid
Xwpjbi3aIAMEJLA=
content-type
application/json
1a8bfa042c9c5.js
t.contentsquare.net/uxa/ 		295 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.contentsquare.net/uxa/1a8bfa042c9c5.js
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-111.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc9ea760e99c7aeb29b3da195ff38ecb90d6699e6e437ba9fb6ba5c8a2912b01

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 23:09:24 GMT
content-encoding
br
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
72162
last-modified
Mon, 06 May 2024 14:12:04 GMT
server
AmazonS3
etag
"66d6e9575960179e8cacdf4ecc4b23e8"
vary
Accept-Encoding, Origin
content-type
application/javascript;charset=utf-8
cache-control
max-age=900
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
XTUzY12_sECDE8vp5oL_wRE3O_O9Iqd5Y-9uJ8PJLOvKUWdkV9DnDw==
destination
www.googletagmanager.com/gtag/ 		208 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-9231397&l=dataLayer&cx=c
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
875c3bdb82d136936a13b6b1792677ecdf8304ab3b18bb6d4dd5378cba15f819
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76651
x-xss-protection
0
last-modified
Tue, 14 May 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 May 2024 12:16:21 GMT
collect
region1.google-analytics.com/g/ 		0
266 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YLVE8V69LW&gtm=45je45d0v9106080885z8896608294za200&gcs=G100&gcd=13u3uPu2u5&npa=1&dma_cps=-&dma=1&cid=2145125364.1715688982&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=denied&_s=1&sid=1715688981&sct=1&seg=0&dl=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dt=Produits%20de%20maquillage%20et%20soin%20%C3%A0%20prix%20abordables%20de%20drugstore%20%7C%20e.l.f.%20Cosmetics&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=20600
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YLVE8V69LW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 12:16:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://frca-development.elfcosmetics.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
sgtm.elfcosmetics.com/g/ 		65 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je45d0v9125640115z8896608294za200&gcs=G100&gcd=13u3u3u2u5&npa=1&dma_cps=-&dma=1&cid=115235724.1715688982&ecid=2009571782&ul=de-de&sr=1600x1200&_fplc=0&ir=1&ur=DE-HE&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=denied&_eu=EA&sst.rnd=1844097058.1715688981&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13u3u3u2u5&sst.adr=1&sst.ude=0&_s=1&sid=1715688981&sct=1&seg=0&dl=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dt=Produits%20de%20maquillage%20et%20soin%20%C3%A0%20prix%20abordables%20de%20drugstore%20%7C%20e.l.f.%20Cosmetics&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=20651&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.124.49.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:21 GMT
via
1.1 google, 1.1 google
x-content-type-options
nosniff
server
Google Frontend
content-type
text/plain
access-control-allow-origin
https://frca-development.elfcosmetics.com
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-accel-buffering
no
collect
sgtm.elfcosmetics.com/g/ 		65 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je45d0v9125640115z8896608294za200&gcs=G100&gcd=13u3u3u2u5&npa=1&dma_cps=-&dma=1&cid=115235724.1715688982&ecid=2009571782&ul=de-de&sr=1600x1200&_fplc=0&ir=1&ur=DE-HE&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=denied&_eu=EA&sst.rnd=1844097058.1715688981&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13u3u3u2u5&sst.adr=1&sst.ude=0&_s=2&sid=1715688981&sct=1&seg=0&dl=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dt=Produits%20de%20maquillage%20et%20soin%20%C3%A0%20prix%20abordables%20de%20drugstore%20%7C%20e.l.f.%20Cosmetics&en=pageview&ep.vendor_id=pinterest&ep.email=&ep.event_id=1715689233659_17156895204593&_et=10&tfd=20685&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.124.49.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:21 GMT
via
1.1 google, 1.1 google
x-content-type-options
nosniff
server
Google Frontend
content-type
text/plain
access-control-allow-origin
https://frca-development.elfcosmetics.com
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-accel-buffering
no
src=10742279;dc_pre=CJebu8KPjYYDFU9iHgIdOrEPHQ;type=elf8j0;cat=glo_flhp;ord=6860964674439;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%...
ade.googlesyndication.com/ddm/activity/
Redirect Chain
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flhp;ord=6860964674439;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Chromium%3B12...
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CJebu8KPjYYDFU9iHgIdOrEPHQ;type=elf8j0;cat=glo_flhp;ord=6860964674439;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;...
42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CJebu8KPjYYDFU9iHgIdOrEPHQ;type=elf8j0;cat=glo_flhp;ord=6860964674439;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe45d0v9181663336z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com?
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://frca-development.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 May 2024 12:16:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 May 2024 12:16:21 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CJebu8KPjYYDFU9iHgIdOrEPHQ;type=elf8j0;cat=glo_flhp;ord=6860964674439;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe45d0v9181663336z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
src=10742279;dc_pre=CKidu8KPjYYDFT1MHgIdA4wP0w;type=elf8j0;cat=glo_flap;ord=7019157979595;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%...
ade.googlesyndication.com/ddm/activity/
Redirect Chain
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flap;ord=7019157979595;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Chromium%3B12...
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CKidu8KPjYYDFT1MHgIdA4wP0w;type=elf8j0;cat=glo_flap;ord=7019157979595;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;...
42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CKidu8KPjYYDFT1MHgIdA4wP0w;type=elf8j0;cat=glo_flap;ord=7019157979595;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe45d0v9181663336z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com?
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://frca-development.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 May 2024 12:16:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 May 2024 12:16:21 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CKidu8KPjYYDFT1MHgIdA4wP0w;type=elf8j0;cat=glo_flap;ord=7019157979595;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe45d0v9181663336z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
src=10265292;dc_pre=CIeovcKPjYYDFQloHgIdMocJ0g;type=conte0;cat=homep0;ord=9999165150801;npa=1;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99....
ade.googlesyndication.com/ddm/activity/
Redirect Chain
  • https://ade.googlesyndication.com/ddm/activity/src=10265292;type=conte0;cat=homep0;ord=9999165150801;npa=1;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-...
  • https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=CIeovcKPjYYDFQloHgIdMocJ0g;type=conte0;cat=homep0;ord=9999165150801;npa=1;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=CIeovcKPjYYDFQloHgIdMocJ0g;type=conte0;cat=homep0;ord=9999165150801;npa=1;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe45d0v9181787185z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com?
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://frca-development.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 May 2024 12:16:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 May 2024 12:16:21 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=CIeovcKPjYYDFQloHgIdMocJ0g;type=conte0;cat=homep0;ord=9999165150801;npa=1;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe45d0v9181787185z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=DC-9231397&v=3&t=t&pid=220257071&cv=2&rv=45d0&tc=3&es=1&e=gtm.init_consent&eid=-1&u=AAAAAIAC&h=Ag&tr=1ogtdma&ti=2ogtdma&mtd=__e-1&mec=__e3&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:21 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
td
www.googletagmanager.com/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/td?id=DC-9231397&v=3&t=t&pid=220257071&dl=frca-development.elfcosmetics.com%2F&tdp=DC-9231397;181619921;1;7;1&frm=0&rtg=96608294&rlo=10&slo=7&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f8.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 12:16:21 GMT
server
Golfe2
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=DC-9231397&v=3&t=t&pid=220257071&cv=2&rv=45d0&tc=3&es=1&e=gtm.init&eid=0&u=AAAAAIAC&h=Ag&tr=3ogt1pdatav2&ti=2ogt1pdatav2&mec=__e6&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:21 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=DC-9231397&v=3&t=t&pid=220257071&cv=2&rv=45d0&tc=3&es=1&e=gtag.config&eid=1&u=AAAAAIAC&h=Ag&tr=1rep&ti=1rep&mec=__e9&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:21 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=DC-9231397&v=3&t=t&pid=220257071&cv=2&rv=45d0&tc=3&es=1&e=*&eid=3&u=AAAAAIAK&h=Ag&mec=__e12&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:21 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=DC-9231397&v=3&t=t&pid=220257071&cv=2&rv=45d0&tc=3&es=1&e=*&eid=4&u=AAAAAIAK&h=Ag&mec=__e15&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:21 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
src=9231397;dc_pre=CO7jv8KPjYYDFVFoHgIdzpgETA;type=retarget;cat=globa0;ord=4148324387590;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%25...
ade.googlesyndication.com/ddm/activity/
Redirect Chain
  • https://ade.googlesyndication.com/ddm/activity/src=9231397;type=retarget;cat=globa0;ord=4148324387590;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.20...
  • https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CO7jv8KPjYYDFVFoHgIdzpgETA;type=retarget;cat=globa0;ord=4148324387590;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CO7jv8KPjYYDFVFoHgIdzpgETA;type=retarget;cat=globa0;ord=4148324387590;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe45d0v9181619921z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com?
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://frca-development.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 May 2024 12:16:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 May 2024 12:16:21 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CO7jv8KPjYYDFVFoHgIdzpgETA;type=retarget;cat=globa0;ord=4148324387590;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe45d0v9181619921z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-2_D-min
cdn.media.amplience.net/i/elfcosmetics/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-2_D-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-2_D-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-2_D-min?fmt=auto&w=2460%203x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.166 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d790874f1dd7070e825fb030f5184d25df09ce717cae40f228cbc8a474899269
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:21 GMT
cf-cache-status
HIT
age
12111
x-amp-srv
CF
edge-cache-tag
7FICom0ky,l4p5bDg2e,1jSdAz_q5,WepA0szpz
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
HGTEe9tNGQ
alt-svc
h3=":443"; ma=86400
content-length
64250
x-xss-protection
1; mode=block
x-amp-source-height
1040
last-modified
Tue, 14 May 2024 01:23:50 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
x-amp-source-width
1440
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
883ad1a8ea90aca4-TXL
x-amp-published
Sun, 12 May 2024 07:00:04 GMT
en-us.js
staging.static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/vendors~offers/locale/ 		53 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staging.static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/vendors~offers/locale/en-us.js
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.194.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
77.194.111.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
8156e978b8f902bb27d56d9baeb9f76f37fc4dbbc718f8d95a2bf9936d07b361
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:22 GMT
strict-transport-security
max-age=15768000
content-encoding
gzip
last-modified
Mon, 10 Apr 2023 21:09:34 GMT
server
Apache
via
1.1 google
etag
"1a114a5-d3e6-5f901caaa5f80-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5096
pageview
c.contentsquare.net/ 		0
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.contentsquare.net/pageview?ex=&dt=246&pvt=n&cvars=%7B%223%22%3A%5B%22Page%20Type%22%2C%22homepage%22%5D%7D&cvarp=%7B%223%22%3A%5B%22Page%20Type%22%2C%22homepage%22%5D%7D&la=de-DE&uc=0&url=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dr=&dw=1600&dh=3556&ww=1600&wh=1200&sw=1600&sh=1200&uu=3a857fe8-e3b6-a0c5-e9eb-cfae25bc9316&sn=1&hd=1715688981&v=14.10.0&pid=1926&pn=1&r=094692
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.171.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-171-181.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 12:16:22 GMT
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition
inline
timing-allow-origin
*
access-control-allow-headers
Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires
Sun, 24 Oct 1982 23:00:00 GMT
/
pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/ 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.215.165.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-165-81.compute-1.amazonaws.com
Software
/
Resource Hash
718415f95b4b6509530b326a9e59ccd02561bdac66ac6a5364335775fd3896ec

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-SL-PJS-Version
0.271
X-SL-PJS-Uid
a8aa72de7
Accept-Language
de-DE,de;q=0.9;q=0.9
X-SL-PJS-Locale
fr-CA
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8
Referer
https://frca-development.elfcosmetics.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Tue, 14 May 2024 12:16:22 GMT
content-encoding
gzip
access-control-allow-headers
*
content-length
5080
apigw-requestid
XwpjfioaIAMEJtg=
content-type
application/json
7a888d01-9cc5-4adc-ba68-78c4054028dd
https://frca-development.elfcosmetics.com/ 		7 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://frca-development.elfcosmetics.com/7a888d01-9cc5-4adc-ba68-78c4054028dd
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b6bc1aaf438e1b7ca4df626c3ccbba4d73ac05b8ad1a31bb2b556da0bfaa0a7

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
7329
Content-Type
application/javascript
dvar
c.contentsquare.net/ 		0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.contentsquare.net/dvar?v=14.10.0&pid=1926&pn=1&sn=1&uu=3a857fe8-e3b6-a0c5-e9eb-cfae25bc9316&dv=H4sIAAAAAAAAA6tWcnSKd4mMd8%2FJT0rMUXDOzyspys9RCEktLlGyUnKpzEvMzUxWiMxMzUlRcK0oSC3KTM1LTi1W0oHqQ4gpGAI1hCUWZSaWZObnAXkwJT755QqeeSWpeSATA%2FILSnOAikoqlWoB8S1cunwAAAA%3D&ct=2&r=768608
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.171.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-171-181.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 12:16:22 GMT
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition
inline
timing-allow-origin
*
access-control-allow-headers
Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires
Sun, 24 Oct 1982 23:00:00 GMT
token
frca-development.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_dev/oauth2/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://frca-development.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_dev/oauth2/token
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/mobify/bundle/11235/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.224.42.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-42-164.compute-1.amazonaws.com
Software
/
Resource Hash
6889830be17ade7a481930c172f8f5bd65863aa83f4e8fc2534ee3ef2b8183f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
c_x-pwa-request
true
Referer
https://frca-development.elfcosmetics.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-correlation-id
883ad1ab4ff5576a
cf-cache-status
DYNAMIC
via
1.1 90707ba4ec932f1b72abfb5c4f1add2e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P3
age
0
x-yottaa-optimizations
ob/1000 si/38D1cc02313e-1715630680-959510978 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0
content-encoding
gzip
x-cache
Miss from cloudfront
x-sl-norewrite
1
alt-svc
h3=":443"; ma=86400
pragma
no-cache
x-ratelimit-1m-remaining
490, 1978158
x-ratelimit-1m-reset
37679, 37678
vary
Accept-Encoding, Accept-Encoding, User-Agent
x-ratelimit-1m-limit
500, 2000000
content-type
application/json; charset=utf-8
cache-control
no-store
x-yottaa-os
200
x-server
Smartling
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_dev/oauth2/token
x-yottaa-metrics
3821cc023179/[158,152,-] 38D1cc02313e/[-,160.189]
cf-ray
883ad1ab4ff5576a-IAD
x-amz-cf-id
IzjxhddOwoeJ2L6IsPexkSJ-lCAVQDmjiMSbXkO7kp4D8kV5ytKPZw==
x-sl-notranslate
1
jsp
ut.rd.linksynergy.com/ 		148 B
413 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ut.rd.linksynergy.com/jsp?cn=rmuid&ro=0&cb=___rmuid
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.67.98.34.bc.googleusercontent.com
Software
/
Resource Hash
2e624f5cfcff5eefd8b83737139b6906407b283066825c3167b85a62e17f6ed8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
text/plain; charset=utf-8
date
Tue, 14 May 2024 12:16:22 GMT
via
1.1 google
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148
x-samesite
secure
sessions
frca-development.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://frca-development.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/sessions
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/mobify/bundle/11235/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.224.42.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-42-164.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19kZXYiLCJraWQiOiIxZDE4YzhmZC02MzA1LTRhMDMtYTIxNy03ZTQzNTk3ZjI2NTEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnRhX2V4dF9vbl9iZWhhbGZfb2Ygc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5ydyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnBheW1lbnRpbnN0cnVtZW50cyBzZmNjLnNob3BwZXItY3VzdG9tZXJzLmxvZ2luIHNmY2Muc2hvcHBlci1jb250ZXh0LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQub3JkZXJzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMucmVnaXN0ZXIgc2ZjYy5zaG9wcGVyLWJhc2tldHMtb3JkZXJzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzLnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucHJvZHVjdGxpc3RzLnJ3IHNmY2Muc2hvcHBlci1wcm9kdWN0bGlzdHMgc2ZjYy5zaG9wcGVyLXByb21vdGlvbnMgc2ZjYy5zaG9wcGVyLWJhc2tldHMtb3JkZXJzLnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzLnJ3IHNmY2Muc2hvcHBlci1naWZ0LWNlcnRpZmljYXRlcyBzZmNjLnNob3BwZXItcHJvZHVjdC1zZWFyY2ggc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMgc2ZjYy5zaG9wcGVyLWNhdGVnb3JpZXMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudCIsInN1YiI6ImNjLXNsYXM6OmJieGNfZGV2OjpzY2lkOmJjNGI5MWM2LTY5NjAtNGNiOS1iNDRkLTMzY2M3ZGZlNjc5Yjo6dXNpZDozMTNmZjdiYS05Y2U3LTQxYWMtYjU4Ny0wMmQyOTk2N2Q5OWEiLCJjdHgiOiJzbGFzIiwiaXNzIjoic2xhcy9wcm9kL2JieGNfZGV2IiwiaXN0IjoxLCJkbnQiOiIwIiwiYXVkIjoiY29tbWVyY2VjbG91ZC9wcm9kL2JieGNfZGV2IiwibmJmIjoxNzE1Njg4OTUyLCJzdHkiOiJVc2VyIiwiaXNiIjoidWlkbzpzbGFzOjp1cG46R3Vlc3Q6OnVpZG46R3Vlc3QgVXNlcjo6Z2NpZDphYmtYY1h4S3cxd0tjUm11bEpsV1lZa3VkSDo6Y2hpZDogIiwiZXhwIjoxNzE1NjkwNzgyLCJpYXQiOjE3MTU2ODg5ODIsImp0aSI6IkMyQzE5NTE2NDkyNjkwLTQyNDY0OTgyMDQ4MjU2MjY3ODA4MTY0NCJ9._4IS4ai7E9qvGqcLA3DBa-tbJEO-71fFnhyXkovqKapw43cdcvs1oQ02Ow1BnSJwnz10uQB-n1953q9qUMiNOw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:23 GMT
via
1.1 c6dab4618ec5edc614f4088bd297ab68.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-yottaa-metrics
2621cc023042/[568,523,-] 26D1cc8d585f/[-,571.039]
x-amz-cf-pop
ORD52-C2
age
0
x-yottaa-optimizations
ob/0 si/26D1cc8d585f-1715630680-8669826325 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
x-sl-norewrite
1
alt-svc
h3=":443"; ma=86400
pragma
no-cache
allow
OPTIONS,POST
access-control-allow-origin
https://frca-development.elfcosmetics.com
access-control-expose-headers
etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-server
Smartling
x-proxy-request-url
https://cc-elf-us-dev.elfcosmetics.com/s/elf-us/dw/shop/v21_3/sessions
x-sl-notranslate
1
cf-ray
883ad1afedfc22fa-ORD
x-dw-request-base-id
G3FdbhdWQ2YBAAB_
x-amz-cf-id
brTOPH6Hjg4LibmlVdR8BR0mOTfxaEQz9EqKKdlWDUKaDi3t22sipQ==
x-yottaa-os
204
expires
Thu, 01 Dec 1994 16:00:00 GMT
shoppercontext
frca-development.elfcosmetics.com/api/v1/ 		0
0
sync
sdk.iad-05.braze.com/api/v3/content_cards/ 		85 B
251 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/mobify/bundle/11235/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b48ecc481926bb36d2740ea400758c7550015d5c79f1ffb40d1e71701e7214f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Braze-Api-Key
23316cb7-f57f-4f14-a7d3-8bed8ca921f5
X-Braze-DataRequest
true
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/json
BRAZE-SYNC-RETRY-COUNT
0
Referer
https://frca-development.elfcosmetics.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9;q=0.9
X-Braze-ContentCardsRequest
true
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:22 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
232309cc-8376-4a14-8964-e41211858759
x-runtime
0.151057
server
cloudflare
etag
W/"b48ecc481926bb36d2740ea400758c75"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1715688984
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
883ad1ac5d1d30c9-FRA
x-ratelimit-remaining
498.0
(82680,81641,85400,81517,300229,82846)
frca-development.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/products/ 		0
0
geo-ip
frca-development.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/ 		179 B
959 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://frca-development.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=217.114.218.19
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/mobify/bundle/11235/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.224.42.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-42-164.compute-1.amazonaws.com
Software
/
Resource Hash
70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json
c_x-pwa-request
true
Referer
https://frca-development.elfcosmetics.com/
x-dw-client-id
bc4b91c6-6960-4cb9-b44d-33cc7dfe679b
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:23 GMT
sfdc_customization
HOOK
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 9d75edcf5a40394118428c99809b7ff6.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P3
age
0
x-yottaa-optimizations
ob/1000 si/38D1cc023140-1715630680-6861583341 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0
content-encoding
gzip
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
x-sl-norewrite
1
alt-svc
h3=":443"; ma=86400
vary
Accept-Encoding
allow
GET,HEAD,OPTIONS
content-type
application/json; charset=utf-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os
200
x-server
Smartling
x-proxy-request-url
https://cc-elf-us-dev.elfcosmetics.com/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=217.114.218.19
x-yottaa-metrics
3821cc02318f/[321,314,-] 38D1cc023140/[-,322.690]
cf-ray
883ad1aeaef40851-IAD
x-dw-request-base-id
G3FabhZWQ2YBAAB_
x-amz-cf-id
QWvi7j71EzQcpyuM35Q1LQ8ytQ-0f7x3VZLWHG455qS6j3GklqiRpQ==
x-sl-notranslate
1
geo-ip
frca-development.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/ 		179 B
959 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://frca-development.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=217.114.218.19
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/mobify/bundle/11235/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.224.42.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-42-164.compute-1.amazonaws.com
Software
/
Resource Hash
70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json
c_x-pwa-request
true
Referer
https://frca-development.elfcosmetics.com/
x-dw-client-id
bc4b91c6-6960-4cb9-b44d-33cc7dfe679b
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:23 GMT
sfdc_customization
HOOK
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 c21d87dcbf77ef771bcc5c31c28adeae.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW56-P2
age
0
x-yottaa-optimizations
ob/1000 si/32D1a5fec6d2-1715630680-8307147134 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0
content-encoding
gzip
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
x-sl-norewrite
1
alt-svc
h3=":443"; ma=86400
vary
Accept-Encoding
allow
GET,HEAD,OPTIONS
content-type
application/json; charset=utf-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os
200
x-server
Smartling
x-proxy-request-url
https://cc-elf-us-dev.elfcosmetics.com/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=217.114.218.19
x-yottaa-metrics
3221a5fec60d/[411,404,-] 32D1a5fec6d2/[-,412.754]
cf-ray
883ad1b27a3810af-ORD
x-dw-request-base-id
G3FgbhdWQ2YBAAB_
x-amz-cf-id
Hw4oN8gOJWTMXeJPk8uY9lqK04N_9OqOpzsGFzjGvN71-jSRO3t5fw==
x-sl-notranslate
1
baskets
frca-development.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_dev/customers/abkXcXxKw1wKcRmulJlWYYkudH/ 		11 B
915 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://frca-development.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_dev/customers/abkXcXxKw1wKcRmulJlWYYkudH/baskets?siteId=elf-us
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/mobify/bundle/11235/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.224.42.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-42-164.compute-1.amazonaws.com
Software
/
Resource Hash
31f48ed33afe7e437efa2c30cbf97fbd62c2de5c0732504077377846fe64973f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19kZXYiLCJraWQiOiIxZDE4YzhmZC02MzA1LTRhMDMtYTIxNy03ZTQzNTk3ZjI2NTEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnRhX2V4dF9vbl9iZWhhbGZfb2Ygc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5ydyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnBheW1lbnRpbnN0cnVtZW50cyBzZmNjLnNob3BwZXItY3VzdG9tZXJzLmxvZ2luIHNmY2Muc2hvcHBlci1jb250ZXh0LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQub3JkZXJzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMucmVnaXN0ZXIgc2ZjYy5zaG9wcGVyLWJhc2tldHMtb3JkZXJzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzLnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucHJvZHVjdGxpc3RzLnJ3IHNmY2Muc2hvcHBlci1wcm9kdWN0bGlzdHMgc2ZjYy5zaG9wcGVyLXByb21vdGlvbnMgc2ZjYy5zaG9wcGVyLWJhc2tldHMtb3JkZXJzLnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzLnJ3IHNmY2Muc2hvcHBlci1naWZ0LWNlcnRpZmljYXRlcyBzZmNjLnNob3BwZXItcHJvZHVjdC1zZWFyY2ggc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMgc2ZjYy5zaG9wcGVyLWNhdGVnb3JpZXMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudCIsInN1YiI6ImNjLXNsYXM6OmJieGNfZGV2OjpzY2lkOmJjNGI5MWM2LTY5NjAtNGNiOS1iNDRkLTMzY2M3ZGZlNjc5Yjo6dXNpZDozMTNmZjdiYS05Y2U3LTQxYWMtYjU4Ny0wMmQyOTk2N2Q5OWEiLCJjdHgiOiJzbGFzIiwiaXNzIjoic2xhcy9wcm9kL2JieGNfZGV2IiwiaXN0IjoxLCJkbnQiOiIwIiwiYXVkIjoiY29tbWVyY2VjbG91ZC9wcm9kL2JieGNfZGV2IiwibmJmIjoxNzE1Njg4OTUyLCJzdHkiOiJVc2VyIiwiaXNiIjoidWlkbzpzbGFzOjp1cG46R3Vlc3Q6OnVpZG46R3Vlc3QgVXNlcjo6Z2NpZDphYmtYY1h4S3cxd0tjUm11bEpsV1lZa3VkSDo6Y2hpZDogIiwiZXhwIjoxNzE1NjkwNzgyLCJpYXQiOjE3MTU2ODg5ODIsImp0aSI6IkMyQzE5NTE2NDkyNjkwLTQyNDY0OTgyMDQ4MjU2MjY3ODA4MTY0NCJ9._4IS4ai7E9qvGqcLA3DBa-tbJEO-71fFnhyXkovqKapw43cdcvs1oQ02Ow1BnSJwnz10uQB-n1953q9qUMiNOw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
c_x-pwa-request
true
Referer
https://frca-development.elfcosmetics.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:23 GMT
sfdc_customization
HOOK
dnt
0
cf-cache-status
DYNAMIC
x-correlation-id
883ad1b179102336
x-content-type-options
nosniff
via
1.1 4a131d14342c4d4b1feadf6574ec0876.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW56-P2
x-yottaa-optimizations
ob/1000 si/32D1a5fec6d2-1715630680-8307147133 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0
content-encoding
gzip
x-cache
Miss from cloudfront
age
0
x-sl-norewrite
1
alt-svc
h3=":443"; ma=86400
vary
Accept-Encoding, Accept-Encoding
allow
GET,HEAD,OPTIONS
content-type
application/json; charset=utf-8
x-ratelimit-remaining
999
cache-control
max-age=0,no-cache,no-store
x-yottaa-os
200
x-server
Smartling
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/customer/shopper-customers/v1/organizations/f_ecom_bbxc_dev/customers/abkXcXxKw1wKcRmulJlWYYkudH/baskets?siteId=elf-us
x-ratelimit-limit
99999
x-yottaa-metrics
3221a5fec618/[647,639,-] 32D1a5fec6d2/[-,649.415]
cf-ray
883ad1b179102336-ORD
x-amz-cf-id
BqhyMEUoWPacaQmiWhXuCWaiYByz95ax_qSU3Vd3Ie27G-h4ILd3Xg==
x-sl-notranslate
1
viewPage
api.cquotient.com/v3/activities/bbxc-elf-us/ 		98 B
525 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.cquotient.com/v3/activities/bbxc-elf-us/viewPage
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/mobify/bundle/11235/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.198.165 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
4de273c1ffdac62ed7f3473a4c009d2442b67831e1a8ab47feb0f60cf3e67aed
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
x-cq-client-id
bc4b91c6-6960-4cb9-b44d-33cc7dfe679b
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://frca-development.elfcosmetics.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:22 GMT
strict-transport-security
max-age=15552000; includeSubdomains
server
envoy
etag
W/"62-3eQltDh2DrP7oQPxjxUuQLfvUp8"
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://frca-development.elfcosmetics.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
content-length
98
exist
srm.ba.contentsquare.net/ 		2 B
94 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://srm.ba.contentsquare.net/exist?v=14.10.0&pid=1926&pn=1&sn=1&uu=3a857fe8-e3b6-a0c5-e9eb-cfae25bc9316
Requested by
Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/1a8bfa042c9c5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.218.239 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 14 May 2024 12:16:22 GMT
content-length
2
content-type
application/json
/
pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/ 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.215.165.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-165-81.compute-1.amazonaws.com
Software
/
Resource Hash
25759be8390ddb00e6b05d166d11e360ecca09091f5d2718e6634fef29be319e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-SL-PJS-Version
0.271
X-SL-PJS-Uid
a8aa72de7
Accept-Language
de-DE,de;q=0.9;q=0.9
X-SL-PJS-Locale
fr-CA
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8
Referer
https://frca-development.elfcosmetics.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Tue, 14 May 2024 12:16:22 GMT
content-encoding
gzip
access-control-allow-headers
*
content-length
5080
apigw-requestid
Xwpjmj0FIAMEJFA=
content-type
application/json
viewPage
api.cquotient.com/v3/activities/bbxc-elf-us/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.cquotient.com/v3/activities/bbxc-elf-us/viewPage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.198.165 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-cq-client-id
Access-Control-Request-Method
POST
Origin
https://frca-development.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization, content-type, x-cq-tenant, x-cq-client-id
access-control-allow-methods
POST
access-control-allow-origin
https://frca-development.elfcosmetics.com
content-length
0
date
Tue, 14 May 2024 12:16:22 GMT
server
envoy
strict-transport-security
max-age=15552000; includeSubdomains
x-envoy-upstream-service-time
1
local
www.sandbox.paypal.com/credit-presentment/experiments/ Frame B791 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sandbox.paypal.com/credit-presentment/experiments/local?uid=uid_ruynxsybvgsiedjkymcvvfzhtpxrhw&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWRiU2pQenBpdWdMVWFtTGJ4anNMTnRuMVNWdllkMURaQUZsY3FlMHNfZGZjUURqZ09OME16eDlLMndWaEprQ0g4UUVNOVZMVGVBVF9vTXImaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1DQUQmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9ydXlueHN5YnZnc2llZGpreW1jdnZmemh0cHhyaHcifX0&env=sandbox&scriptUID=uid_ruynxsybvgsiedjkymcvvfzhtpxrhw&version=1.64.0&integrationType=SDK
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AdbSjPzpiugLUamLbxjsLNtn1SVvYd1DZAFlcqe0s_dfcQDjgON0Mzx9K2wVhJkCH8QEM9VLTeAT_oMr&intent=authorize&currency=CAD&vault=true&components=buttons,messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.131.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://frca-development.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
age
54897
cache-control
s-maxage=86400, max-age=0
content-encoding
gzip
content-length
1526
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type
text/html; charset=utf-8
date
Tue, 14 May 2024 12:16:22 GMT
edge-cache-tag
up-treatments-zoid
etag
W/"1479-HTXPdvDO0C2bvbapNS/CrFWS4hI"
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f7885864a9a6c
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc=gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS, HIT
x-cache-hits
0, 636
x-served-by
cache-fra-eddf8230046-FRA, cache-fra-etou8220099-FRA
x-timer
S1715688983.878256,VS0,VE1
x-xss-protection
1; mode=block
/
pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/ 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.215.165.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-165-81.compute-1.amazonaws.com
Software
/
Resource Hash
25759be8390ddb00e6b05d166d11e360ecca09091f5d2718e6634fef29be319e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-SL-PJS-Version
0.271
X-SL-PJS-Uid
a8aa72de7
Accept-Language
de-DE,de;q=0.9;q=0.9
X-SL-PJS-Locale
fr-CA
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8
Referer
https://frca-development.elfcosmetics.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Tue, 14 May 2024 12:16:23 GMT
content-encoding
gzip
access-control-allow-headers
*
content-length
5080
apigw-requestid
XwpjpiBLIAMEcZg=
content-type
application/json
ca.svg
frca-development.elfcosmetics.com/mobify/bundle/11235/static/img/flag-icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://frca-development.elfcosmetics.com/mobify/bundle/11235/static/img/flag-icons/ca.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.224.42.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-42-164.compute-1.amazonaws.com
Software
/
Resource Hash
1ecca6335ccb02d4c40f0790869ae2ba8778357a116bbbcf20b1a140423f992d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:23 GMT
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
PHL51-P1
age
0
x-yottaa-optimizations
ob/1000 si/23D1cc8d5973-1715630680-1044726076 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0
x-cache
Hit from cloudfront
x-sl-norewrite
1
x-amz-meta-deploy
752600
alt-svc
h3=":443"; ma=86400
x-amz-meta-bundle
11235
x-yottaa-forcecache
true, true
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31104000
x-yottaa-os
200
x-server
Smartling
x-yottaa-metrics
2321cc8d59e7/[104,53,-] 23D1cc8d5973/[-,111.399]
x-sl-notranslate
1
x-amz-cf-id
1pRN_Svneyt6db6Cfv1VkqPM6RPktS5iqQrPsyP2heHByiIlfWOZHw==
project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-4_D-min
cdn.media.amplience.net/i/elfcosmetics/ 		0
0
project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-3_D-min
cdn.media.amplience.net/i/elfcosmetics/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-3_D-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-3_D-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-3_D-min?fmt=auto&w=2460%203x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.166 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3112e5c63e9d51b903fd0531e92020dcbe8a03ffe1fdadeb77627fe4868771fc
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:23 GMT
cf-cache-status
HIT
age
12111
x-amp-srv
CF
edge-cache-tag
hoHgFBAOl,l4p5bDg2e,oYd3ZsbSY,WepA0szpz
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
z01JVZzxA0
alt-svc
h3=":443"; ma=86400
content-length
37925
x-xss-protection
1; mode=block
x-amp-source-height
1040
last-modified
Tue, 14 May 2024 06:49:02 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
x-amp-source-width
1440
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
883ad1b19e5caca4-TXL
x-amp-published
Sun, 12 May 2024 07:00:04 GMT
/
pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/ 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.215.165.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-165-81.compute-1.amazonaws.com
Software
/
Resource Hash
dfedddc6a5fe46079a395652b570ccbe64341cdb9c5e6e5e4e4fc900663623c7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-SL-PJS-Version
0.271
X-SL-PJS-Uid
a8aa72de7
Accept-Language
de-DE,de;q=0.9;q=0.9
X-SL-PJS-Locale
fr-CA
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8
Referer
https://frca-development.elfcosmetics.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Tue, 14 May 2024 12:16:23 GMT
content-encoding
gzip
access-control-allow-headers
*
content-length
5187
apigw-requestid
XwpjsikkIAMEJtQ=
content-type
application/json
baskets
frca-development.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://frca-development.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/baskets
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/mobify/bundle/11235/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.224.42.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-42-164.compute-1.amazonaws.com
Software
/
Resource Hash
196b291a5ed6407d9189aa6d8309ffc28d62efc4c49939fffce8bfade12d2f16
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19kZXYiLCJraWQiOiIxZDE4YzhmZC02MzA1LTRhMDMtYTIxNy03ZTQzNTk3ZjI2NTEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnRhX2V4dF9vbl9iZWhhbGZfb2Ygc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5ydyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnBheW1lbnRpbnN0cnVtZW50cyBzZmNjLnNob3BwZXItY3VzdG9tZXJzLmxvZ2luIHNmY2Muc2hvcHBlci1jb250ZXh0LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQub3JkZXJzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMucmVnaXN0ZXIgc2ZjYy5zaG9wcGVyLWJhc2tldHMtb3JkZXJzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzLnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucHJvZHVjdGxpc3RzLnJ3IHNmY2Muc2hvcHBlci1wcm9kdWN0bGlzdHMgc2ZjYy5zaG9wcGVyLXByb21vdGlvbnMgc2ZjYy5zaG9wcGVyLWJhc2tldHMtb3JkZXJzLnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzLnJ3IHNmY2Muc2hvcHBlci1naWZ0LWNlcnRpZmljYXRlcyBzZmNjLnNob3BwZXItcHJvZHVjdC1zZWFyY2ggc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMgc2ZjYy5zaG9wcGVyLWNhdGVnb3JpZXMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudCIsInN1YiI6ImNjLXNsYXM6OmJieGNfZGV2OjpzY2lkOmJjNGI5MWM2LTY5NjAtNGNiOS1iNDRkLTMzY2M3ZGZlNjc5Yjo6dXNpZDozMTNmZjdiYS05Y2U3LTQxYWMtYjU4Ny0wMmQyOTk2N2Q5OWEiLCJjdHgiOiJzbGFzIiwiaXNzIjoic2xhcy9wcm9kL2JieGNfZGV2IiwiaXN0IjoxLCJkbnQiOiIwIiwiYXVkIjoiY29tbWVyY2VjbG91ZC9wcm9kL2JieGNfZGV2IiwibmJmIjoxNzE1Njg4OTUyLCJzdHkiOiJVc2VyIiwiaXNiIjoidWlkbzpzbGFzOjp1cG46R3Vlc3Q6OnVpZG46R3Vlc3QgVXNlcjo6Z2NpZDphYmtYY1h4S3cxd0tjUm11bEpsV1lZa3VkSDo6Y2hpZDogIiwiZXhwIjoxNzE1NjkwNzgyLCJpYXQiOjE3MTU2ODg5ODIsImp0aSI6IkMyQzE5NTE2NDkyNjkwLTQyNDY0OTgyMDQ4MjU2MjY3ODA4MTY0NCJ9._4IS4ai7E9qvGqcLA3DBa-tbJEO-71fFnhyXkovqKapw43cdcvs1oQ02Ow1BnSJwnz10uQB-n1953q9qUMiNOw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json
c_x-pwa-request
true
Referer
https://frca-development.elfcosmetics.com/
x-dw-client-id
bc4b91c6-6960-4cb9-b44d-33cc7dfe679b
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
age
0
x-dw-version-status
obsolete
pragma
no-cache
etag
d21b392c6869684387b6dd9a1a8f4c2d1304b0432f13579db326da45e359c6bd-timestamp-1715688983-last_modified-0-uid-7850497
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-dw-resource-state
d21b392c6869684387b6dd9a1a8f4c2d1304b0432f13579db326da45e359c6bd
access-control-allow-origin
https://frca-development.elfcosmetics.com
access-control-expose-headers
etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
cache-control
no-cache, no-store, must-revalidate
x-yottaa-os
200
x-proxy-request-url
https://cc-elf-us-dev.elfcosmetics.com/s/elf-us/dw/shop/v21_3/baskets
x-sl-notranslate
1
x-yottaa-metrics
23214047a112/[309,297,-] 23D1cc8d5973/[-,312.762]
expires
Thu, 01 Dec 1994 16:00:00 GMT
date
Tue, 14 May 2024 12:16:23 GMT
sfdc_customization
HOOK
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 f9247b65ce15be5e9abf969e43362ca8.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
x-yottaa-optimizations
ob/1000 si/23D1cc8d5973-1715630680-1044726085 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0
x-cache
Miss from cloudfront
x-sl-norewrite
1
alt-svc
h3=":443"; ma=86400
allow
OPTIONS,POST
access-control-allow-credentials
true
x-server
Smartling
cf-ray
883ad1b47bcd0a89-IAD
x-dw-request-base-id
G3FnbhdWQ2YBAAB_
x-amz-cf-id
IY0FHhDOVRiqb3e8SrniSPIOLFoX2FdrPVjfqAALvW47eE7jRBQCgA==
458359.gif
idsync.rlcdn.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458359.gif?partner_uid=d1e977be-fd6f-429b-aedf-ee1111d7055e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:16:24 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/ 		0
0
/
pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/ 		0
0
PWA-UpdateSession
frca-development.elfcosmetics.com/mobify/proxy/controllers/on/demandware.store/Sites-elf-us-Site/fr_CA/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
frca-development.elfcosmetics.com
URL
https://frca-development.elfcosmetics.com/api/v1/shoppercontext?siteId=elf-us
Domain
frca-development.elfcosmetics.com
URL
https://frca-development.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/products/(82680,81641,85400,81517,300229,82846)?siteId=elf-us&locale=fr-CA&currency=CAD&expand=availability%2Cbundled_products%2Clinks%2Cpromotions%2Coptions%2Cimages%2Cprices%2Cvariations%2Cset_products%2Crecommendations&all_images=true&perPricebook=true
Domain
cdn.media.amplience.net
URL
https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-4_D-min?%24Desktop%24=&fmt=auto&w=1200
Domain
pinchjs.gdn.smartling.com
URL
https://pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/
Domain
pinchjs.gdn.smartling.com
URL
https://pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/
Domain
frca-development.elfcosmetics.com
URL
https://frca-development.elfcosmetics.com/mobify/proxy/controllers/on/demandware.store/Sites-elf-us-Site/fr_CA/PWA-UpdateSession

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| slPatternMasksInit object| slEncryptedTranslations object| slApiConfig boolean| __slInitialized object| $jscomp function| _loadCookieConfig function| _domready function| _delayed function| _findTags function| _srcAttr function| _needsEval function| _loadFromDOM function| _clearEvents function| _lastChainedResource function| _isImageLike boolean| domCompleteTriggered function| _abTest function| _getCookieVariant function| _setCookieVariant function| _configureAbTestAnalytics function| _executeAllAbTest function| _executeAllAbTestUniversal function| _executeAllAbTestClassic function| _executeAbTest function| _abTestScript function| _chooseVariant function| _abTestAnalyticsUniversal function| _abTestAnalyticsClassic object| _serviceWorkerConfig object| Yo string| yo_host object| __LOADABLE_LOADED_CHUNKS__ function| _ object| regeneratorRuntime function| applyFocusVisiblePolyfill object| __CONFIG__ string| __DEVICE_TYPE__ object| __PRELOADED_STATE__ object| Progressive boolean| __HYDRATING__ object| dataLayer function| getDataLayerEvent boolean| rakutenDataLayer object| DataLayer object| DY boolean| BRAZE_SETUP_COMPLETE boolean| otSPAPathChange boolean| otIsInitialized boolean| otBlockOptOutInitReload function| OptanonWrapper object| DYcustom object| OneTrustStub object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| DYO function| DYID object| contextManager object| DYJSON string| GoogleAnalyticsObject function| ga number| gtmPageLoadId object| _uxa function| onYouTubeIframeAPIReady object| DYExps object| gaplugins object| gaGlobal object| gaData string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| Optanon object| OneTrust object| DYWork function| $dy object| DYCS object| content boolean| otLastAcceptAllValue function| ___rmuid object| ___RMCMPW object| CS_CONF function| csSymbol object| CSPureWindow function| csDate object| csJSON function| csArray function| csString function| csURL function| csMutationObserver object| csScreen object| csquerySelector object| csquerySelectorAll function| csNodechildNodes function| csNodeparentNode function| csNodenextSibling function| csNodefirstChild function| csElementshadowRoot function| csElementmatches function| csElementwebkitMatchesSelector function| csHTMLImageElementsrc function| csEventtarget function| csNavigatorsendBeacon object| CSPathComputation object| CSCurrentScript object| UXAnalytics object| ogJsonpFunction object| OG object| __post_robot_11_0_0___uid_ruynxsybvgsiedjkymcvvfzhtpxrhw object| paypal object| __zoid_10_3_3___uid_ruynxsybvgsiedjkymcvvfzhtpxrhw

32 Cookies

Domain/Path Name / Value
frca-development.elfcosmetics.com/ Name: initAuthComplete
Value: true
.elfcosmetics.com/ Name: ab.storage.sessionId.23316cb7-f57f-4f14-a7d3-8bed8ca921f5
Value: %7B%22g%22%3A%2215243fda-9712-2d09-e87c-88d4a32aebb8%22%2C%22e%22%3A1715690780260%2C%22c%22%3A1715688980260%2C%22l%22%3A1715688980260%7D
.elfcosmetics.com/ Name: ab.storage.deviceId.23316cb7-f57f-4f14-a7d3-8bed8ca921f5
Value: %7B%22g%22%3A%221120cab4-6431-dfac-9655-9dc6c91e8276%22%2C%22c%22%3A1715688980261%2C%22l%22%3A1715688980261%7D
.elfcosmetics.com/ Name: _dyjsession
Value: km7k1jrsb2tj1wgn7fyg5xu7b8bt6nlf
.elfcosmetics.com/ Name: dy_fs_page
Value: frca-development.elfcosmetics.com
.elfcosmetics.com/ Name: _dy_csc_ses
Value: km7k1jrsb2tj1wgn7fyg5xu7b8bt6nlf
.elfcosmetics.com/ Name: _dy_c_exps
Value:
.elfcosmetics.com/ Name: _gcl_au
Value: 1.1.1108373458.1715688981
.elfcosmetics.com/ Name: _ga
Value: GA1.2.1818411430.1715688981
.elfcosmetics.com/ Name: _gid
Value: GA1.2.307753472.1715688981
.elfcosmetics.com/ Name: _gat_UA-432816-1
Value: 1
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2GVIenPSQ!]tbP6j2F-XstGt!@D^P$kLbG
.adnxs.com/ Name: XANDR_PANID
Value: ww8OwoP0XHA5NWKOKb4m_pYG-NC6iL0wM9UTFNVHd-_9Y6PnryqJ7ZWNR_ymenE7Ldz3NOnVu7evnPfL4N2_8yjEpq6tzw4voPMGGtpcnhY.
.adnxs.com/ Name: uuid2
Value: 7975317544289318338
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.dynamicyield.com/ Name: DYID
Value: -5228678920848321004
.elfcosmetics.com/ Name: _dycnst
Value: dg
.elfcosmetics.com/ Name: _dyid
Value: -5228678920848321004
.elfcosmetics.com/ Name: _dycst
Value: dk.w.c.ws.fst.
.elfcosmetics.com/ Name: _dy_geo
Value: DE.EU.DE_.DE__
.elfcosmetics.com/ Name: _dy_df_geo
Value: Germany..
.elfcosmetics.com/ Name: _dy_toffset
Value: -1
.elfcosmetics.com/ Name: _dy_soct
Value: 647796.1248068.1715688981.km7k1jrsb2tj1wgn7fyg5xu7b8bt6nlf*836603.1652212.1715688981*837245.1654610.1715688981*861617.1750272.1715688981*926162.2078808.1715688981*928890.1982571.1715688981*960888.2078831.1715688981
.frca-development.elfcosmetics.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Tue+May+14+2024+14%3A16%3A21+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202403.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=c8eafeb5-7f43-4b2e-8c45-7c92c6ec2a3a&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C5%3A0
.elfcosmetics.com/ Name: rmStore
Value: dmid:9097
.elfcosmetics.com/ Name: og_session_id
Value: 1e72a9589c4f11e9a62ebc764e10b970.428415.1715688982
.elfcosmetics.com/ Name: _cs_c
Value: 0
.elfcosmetics.com/ Name: _cs_id
Value: 3a857fe8-e3b6-a0c5-e9eb-cfae25bc9316.1715688981.1.1715688981.1715688981.1558384338.1749852981988.1
.linksynergy.com/ Name: rmuid
Value: d1e977be-fd6f-429b-aedf-ee1111d7055e
.elfcosmetics.com/ Name: _cs_s
Value: 1.5.0.1715690782337
frca-development.elfcosmetics.com/ Name: scapi
Value: dev:313ff7ba-9ce7-41ac-b587-02d29967d99a:eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19kZXYiLCJraWQiOiIxZDE4YzhmZC02MzA1LTRhMDMtYTIxNy03ZTQzNTk3ZjI2NTEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnRhX2V4dF9vbl9iZWhhbGZfb2Ygc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5ydyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnBheW1lbnRpbnN0cnVtZW50cyBzZmNjLnNob3BwZXItY3VzdG9tZXJzLmxvZ2luIHNmY2Muc2hvcHBlci1jb250ZXh0LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQub3JkZXJzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMucmVnaXN0ZXIgc2ZjYy5zaG9wcGVyLWJhc2tldHMtb3JkZXJzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzLnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucHJvZHVjdGxpc3RzLnJ3IHNmY2Muc2hvcHBlci1wcm9kdWN0bGlzdHMgc2ZjYy5zaG9wcGVyLXByb21vdGlvbnMgc2ZjYy5zaG9wcGVyLWJhc2tldHMtb3JkZXJzLnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzLnJ3IHNmY2Muc2hvcHBlci1naWZ0LWNlcnRpZmljYXRlcyBzZmNjLnNob3BwZXItcHJvZHVjdC1zZWFyY2ggc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMgc2ZjYy5zaG9wcGVyLWNhdGVnb3JpZXMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudCIsInN1YiI6ImNjLXNsYXM6OmJieGNfZGV2OjpzY2lkOmJjNGI5MWM2LTY5NjAtNGNiOS1iNDRkLTMzY2M3ZGZlNjc5Yjo6dXNpZDozMTNmZjdiYS05Y2U3LTQxYWMtYjU4Ny0wMmQyOTk2N2Q5OWEiLCJjdHgiOiJzbGFzIiwiaXNzIjoic2xhcy9wcm9kL2JieGNfZGV2IiwiaXN0IjoxLCJkbnQiOiIwIiwiYXVkIjoiY29tbWVyY2VjbG91ZC9wcm9kL2JieGNfZGV2IiwibmJmIjoxNzE1Njg4OTUyLCJzdHkiOiJVc2VyIiwiaXNiIjoidWlkbzpzbGFzOjp1cG46R3Vlc3Q6OnVpZG46R3Vlc3QgVXNlcjo6Z2NpZDphYmtYY1h4S3cxd0tjUm11bEpsV1lZa3VkSDo6Y2hpZDogIiwiZXhwIjoxNzE1NjkwNzgyLCJpYXQiOjE3MTU2ODg5ODIsImp0aSI6IkMyQzE5NTE2NDkyNjkwLTQyNDY0OTgyMDQ4MjU2MjY3ODA4MTY0NCJ9._4IS4ai7E9qvGqcLA3DBa-tbJEO-71fFnhyXkovqKapw43cdcvs1oQ02Ow1BnSJwnz10uQB-n1953q9qUMiNOw

15 Console Messages

Source Level URL
Text
other warning URL: https://frca-development.elfcosmetics.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://frca-development.elfcosmetics.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://frca-development.elfcosmetics.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://frca-development.elfcosmetics.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://frca-development.elfcosmetics.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://frca-development.elfcosmetics.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://frca-development.elfcosmetics.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://frca-development.elfcosmetics.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://frca-development.elfcosmetics.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://frca-development.elfcosmetics.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://frca-development.elfcosmetics.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://frca-development.elfcosmetics.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://frca-development.elfcosmetics.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://frca-development.elfcosmetics.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://idsync.rlcdn.com/458359.gif?partner_uid=d1e977be-fd6f-429b-aedf-ee1111d7055e
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
api.cquotient.com
api.ipify.org
async-px.dynamicyield.com
c.contentsquare.net
cdn.c1.amplience.net
cdn.cookielaw.org
cdn.dynamicyield.com
cdn.media.amplience.net
frca-development.elfcosmetics.com
geolocation.onetrust.com
googleads.g.doubleclick.net
idsync.rlcdn.com
insight.adsrvr.org
pinchjs-cdn.gdn.smartling.com
pinchjs.gdn.smartling.com
region1.google-analytics.com
sdk.iad-05.braze.com
secure.adnxs.com
sgtm.elfcosmetics.com
srm.ba.contentsquare.net
st.dynamicyield.com
staging.static.ordergroove.com
t.contentsquare.net
tag.rmp.rakuten.com
ut.rd.linksynergy.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.paypal.com
www.sandbox.paypal.com
cdn.media.amplience.net
frca-development.elfcosmetics.com
pinchjs.gdn.smartling.com
104.26.13.205
142.250.185.142
142.250.186.130
142.250.186.34
142.250.186.68
142.250.186.72
15.197.193.217
151.101.131.1
172.64.155.166
18.66.192.111
185.89.210.212
192.229.221.25
2001:4860:4802:34::36
2600:9000:20ae:5600:a:b89d:a6c0:93a1
2600:9000:20ae:d200:1b:8846:8500:93a1
2600:9000:237d:6a00:15:ad21:c740:93a1
2606:4700:4400::6812:205a
2606:4700:4400::6812:25a1
2606:4700:4400::ac40:9994
2606:4700:4400::ac40:9b77
2606:4700::6813:b134
2a00:1450:4001:810::200e
2a00:1450:4001:82b::2008
3.215.165.81
34.102.147.248
34.111.194.77
34.224.42.164
34.252.198.165
34.49.124.132
34.98.67.3
35.244.174.68
52.30.218.239
54.230.228.72
54.77.171.181
065c9fc01c85b8b839669ee8d41d68d7bfab510a7bfbcaef8a4b0f268659e4ff
06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992
070d6bf62d41dea12709388b586e581aa4243beb4f8faf92f3123d9dcf8290f5
1267584d601283c592440191bbaab0f6ee5423bb1b267a4f6ea0fea28c353648
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126
1331786f628c441b99665436eb8815381e066e17d5c3bb56f5ce2e045d8da17a
196b291a5ed6407d9189aa6d8309ffc28d62efc4c49939fffce8bfade12d2f16
1b6bc1aaf438e1b7ca4df626c3ccbba4d73ac05b8ad1a31bb2b556da0bfaa0a7
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1ecca6335ccb02d4c40f0790869ae2ba8778357a116bbbcf20b1a140423f992d
1fa624048ff6a4e6864de316ec3760575a10ac60376972927ad46c156b2d4c4f
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
25759be8390ddb00e6b05d166d11e360ecca09091f5d2718e6634fef29be319e
284bd2b9306e1a99c9500a51090b7aadda10b48b8d96fea993e1cb97b7d13f32
2b07a42f848a068bce9ccc46e67eac5574ee052866c7daef9525b92d852dbd94
2d0966c764654a09bb93c41059ec5e3cac281d9477f4a199bbf669a81740e40b
2e624f5cfcff5eefd8b83737139b6906407b283066825c3167b85a62e17f6ed8
3112e5c63e9d51b903fd0531e92020dcbe8a03ffe1fdadeb77627fe4868771fc
31f48ed33afe7e437efa2c30cbf97fbd62c2de5c0732504077377846fe64973f
38d66777a49d31907570473a21ca434807cd7b57f4be3f81a8d2570c04d8a2ba
3acd5c9271c2cd33f5135df43ae4c574e4d524282e5322137b77cdb4a5524bb4
42997132bd0142564014ac4a809356dc0ceb9b7a90eede2b5b48019f1700cc58
4360c49882c710de197b50fbfd52068ce9f5f3132d44b58a067179580044607c
498ea43ee2b31ee61f58f43b798dfaec6eb59b63fefdfaa7c01bba897ba57a33
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4de273c1ffdac62ed7f3473a4c009d2442b67831e1a8ab47feb0f60cf3e67aed
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
538aeb10714cb09238f3258bbb4ef128c333abc7ba29b75431646868a642b891
556439ae99de9152826ea7a09b6a485315e1a783563542df48051122040576ac
5dc6f77fc7fa4444526db2e41b0e17dbd820e80f478ac7000635719e5e2cbe30
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fb7c176325267082e94a7131fed5e157516e6805cee3ac6f6a93340a947d640
60bcf01d04394617737446dc979e69c27ed9d8707decce34b5986d9be29a2d7d
6889830be17ade7a481930c172f8f5bd65863aa83f4e8fc2534ee3ef2b8183f7
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6a2f825beb3b540a044cdb0515177c34497aa2ce92e335bf1498fa42bb5baf88
6d4040c70033d1b909ef1133deddc8d454e05467be6975afa26ac324e1fadea7
70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f
718415f95b4b6509530b326a9e59ccd02561bdac66ac6a5364335775fd3896ec
7e90effe2c4b60df553e50c5e65bcf113ad7a2ddf3d5e7a594f2b8a9ccfd4523
8156e978b8f902bb27d56d9baeb9f76f37fc4dbbc718f8d95a2bf9936d07b361
83231363e6c3a4479e192cb2169c1cf6732a8ac30c81c5ef118fd6e6b79f60db
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
875c3bdb82d136936a13b6b1792677ecdf8304ab3b18bb6d4dd5378cba15f819
88668b9200e07ef8860abbf2884140a44986c34576bc7086d64085b87da4cfd7
89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac
9d439af8282e870484b4e19d59380b11a1f0ef6058f1209ca1cf56befefcec1d
9d8febe8d844663e6523ba44d78e90030bbcc1b9f409da2bdfa912c42038353c
9f332b260e15170b6e40dfd13468a87f2ca2d51e2e1bad8c909365661fe8c5dd
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
b2e0bde8a120edcd0e126c139ff4c62dc420e43a86bb9e22c92044fdda3fc3ef
b366a6f21573c6e05b3891f356296c2b8821742959738c22c5fda9f83263b4c6
b48ecc481926bb36d2740ea400758c7550015d5c79f1ffb40d1e71701e7214f6
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be2914a5fe61e874c4c5a59bf458a194392223d67a5a0917a2896500bd19faa2
be989ee157b0fe40e842bcb4153adbf1230445f788203e717911ac8061a8c115
c48476ffd21ed753a90b11db277894d1c3f1bf60a2cc735abfbe1db237cdafe0
cc9ea760e99c7aeb29b3da195ff38ecb90d6699e6e437ba9fb6ba5c8a2912b01
d790874f1dd7070e825fb030f5184d25df09ce717cae40f228cbc8a474899269
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfedddc6a5fe46079a395652b570ccbe64341cdb9c5e6e5e4e4fc900663623c7
e2719add3a6d6e8d76615ef6e4e221fdfe6075829578559adf1ca76bca25db43
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e92f434a50c76d6e52d0d3cc91cdf1854c7fd39fecd5ae65800568aef7c03029
e9b03d2e6a8d914712af7077c3dc0c7bd41d1c435caee83c66e0359b949fa5ba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13ed4b683778000389e529516aabc1f247ea09664baddf9b242d36da202f575
f1999206051534c886e13fb23a24980bf7e3cfd83a388f4cf2c81e3e7d7c03ad
f204dbd299e4a84bb993ae24d5445a025e96eb11b8164291784ea9e4905c736c
f2ec0ccbf42195241c43b8f0e29775ee14480d9492d1867ab03a7ed6dea7617a
f3c766b6d37ed4ae002055cb857fbd79bcaacedf60bdc03285ae5a29e0a7ffc3
f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112