URL: https://frca-development.elfcosmetics.com/
Submission: On June 26 via api from US — Scanned from DE

Summary

This website contacted 35 IPs in 4 countries across 23 domains to perform 116 HTTP transactions. The main IP is 52.45.200.122, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is frca-development.elfcosmetics.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 25th 2023. Valid for: a year.
This is the only time frca-development.elfcosmetics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 9 52.45.200.122 14618 (AMAZON-AES)
3 2600:9000:211... 16509 (AMAZON-02)
1 2a02:26f0:310... 20940 (AKAMAI-ASN1)
12 2a02:26f0:310... 20940 (AKAMAI-ASN1)
7 2606:4700:440... 13335 (CLOUDFLAR...)
12 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:275... 16509 (AMAZON-02)
2 104.26.13.205 13335 (CLOUDFLAR...)
10 18.213.135.225 14618 (AMAZON-AES)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 4 37.252.171.149 29990 (ASN-APPNEX)
2 35.71.131.137 16509 (AMAZON-02)
1 1 172.217.16.132 15169 (GOOGLE)
1 216.58.212.162 15169 (GOOGLE)
1 2600:9000:225... 16509 (AMAZON-02)
9 13.35.58.125 16509 (AMAZON-02)
1 142.250.186.78 15169 (GOOGLE)
1 34.102.147.248 396982 (GOOGLE-CL...)
1 151.101.1.21 54113 (FASTLY)
2 34.111.194.77 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.244.18.112 16509 (AMAZON-02)
1 142.250.184.200 15169 (GOOGLE)
2 52.212.62.146 16509 (AMAZON-02)
4 8 172.217.16.130 15169 (GOOGLE)
3 34.49.124.132 396982 (GOOGLE-CL...)
1 2001:4860:480... 15169 (GOOGLE)
1 34.98.67.3 396982 (GOOGLE-CL...)
1 151.101.195.1 54113 (FASTLY)
1 63.32.84.62 16509 (AMAZON-02)
2 151.101.3.1 ()
2 54.171.23.152 ()
1 35.244.174.68 ()
116 35
Apex Domain
Subdomains
Transfer
13 dynamicyield.com
cdn.dynamicyield.com — Cisco Umbrella Rank: 9513
st.dynamicyield.com — Cisco Umbrella Rank: 8959
async-px.dynamicyield.com — Cisco Umbrella Rank: 9234
265 KB
13 amplience.net
cdn.c1.amplience.net — Cisco Umbrella Rank: 33022
cdn.media.amplience.net — Cisco Umbrella Rank: 15878
558 KB
13 smartling.com
pinchjs-cdn.gdn.smartling.com — Cisco Umbrella Rank: 612008
pinchjs.gdn.smartling.com — Cisco Umbrella Rank: 770671
2 MB
12 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 378
158 KB
12 elfcosmetics.com
frca-development.elfcosmetics.com
sgtm.elfcosmetics.com — Cisco Umbrella Rank: 250639
1 MB
8 googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 335
2 KB
7 braze.com
sdk.iad-05.braze.com — Cisco Umbrella Rank: 2837
1 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
574 KB
4 contentsquare.net
t.contentsquare.net — Cisco Umbrella Rank: 3715
c.contentsquare.net — Cisco Umbrella Rank: 4692
srm.ba.contentsquare.net — Cisco Umbrella Rank: 21163
81 KB
4 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3110
www.sandbox.paypal.com — Cisco Umbrella Rank: 57739
119 KB
4 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 527
4 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 71
region1.google-analytics.com — Cisco Umbrella Rank: 2355
21 KB
2 cquotient.com
api.cquotient.com
526 B
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 96
12 KB
2 ordergroove.com
staging.static.ordergroove.com
58 KB
2 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 1062
297 B
2 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2418
233 B
1 rlcdn.com
idsync.rlcdn.com
98 B
1 linksynergy.com
ut.rd.linksynergy.com — Cisco Umbrella Rank: 9655
413 B
1 rakuten.com
tag.rmp.rakuten.com — Cisco Umbrella Rank: 8585
15 KB
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 70
65 B
1 google.com
www.google.com — Cisco Umbrella Rank: 5
24 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 653
303 B
116 23
Domain Requested by
12 cdn.cookielaw.org frca-development.elfcosmetics.com
cdn.cookielaw.org
pinchjs-cdn.gdn.smartling.com
12 cdn.media.amplience.net frca-development.elfcosmetics.com
10 pinchjs.gdn.smartling.com pinchjs-cdn.gdn.smartling.com
9 async-px.dynamicyield.com cdn.dynamicyield.com
9 frca-development.elfcosmetics.com 1 redirects frca-development.elfcosmetics.com
t.contentsquare.net
8 ade.googlesyndication.com 4 redirects
7 sdk.iad-05.braze.com frca-development.elfcosmetics.com
t.contentsquare.net
6 www.googletagmanager.com pinchjs-cdn.gdn.smartling.com
4 secure.adnxs.com 2 redirects frca-development.elfcosmetics.com
3 www.sandbox.paypal.com www.paypal.com
t.contentsquare.net
3 sgtm.elfcosmetics.com www.googletagmanager.com
t.contentsquare.net
3 www.google-analytics.com pinchjs-cdn.gdn.smartling.com
www.google-analytics.com
3 cdn.dynamicyield.com pinchjs-cdn.gdn.smartling.com
3 pinchjs-cdn.gdn.smartling.com frca-development.elfcosmetics.com
2 api.cquotient.com t.contentsquare.net
2 c.contentsquare.net
2 www.youtube.com pinchjs-cdn.gdn.smartling.com
2 staging.static.ordergroove.com pinchjs-cdn.gdn.smartling.com
2 insight.adsrvr.org frca-development.elfcosmetics.com
2 api.ipify.org frca-development.elfcosmetics.com
1 idsync.rlcdn.com
1 srm.ba.contentsquare.net t.contentsquare.net
1 ut.rd.linksynergy.com pinchjs-cdn.gdn.smartling.com
1 region1.google-analytics.com www.googletagmanager.com
1 t.contentsquare.net pinchjs-cdn.gdn.smartling.com
1 www.paypal.com pinchjs-cdn.gdn.smartling.com
1 tag.rmp.rakuten.com pinchjs-cdn.gdn.smartling.com
1 st.dynamicyield.com pinchjs-cdn.gdn.smartling.com
1 googleads.g.doubleclick.net frca-development.elfcosmetics.com
1 www.google.com 1 redirects
1 geolocation.onetrust.com cdn.cookielaw.org
1 cdn.c1.amplience.net frca-development.elfcosmetics.com
116 32
Subject Issuer Validity Valid
*.elfcosmetics.com
Sectigo RSA Domain Validation Secure Server CA
2023-09-25 -
2024-10-25
a year crt.sh
*.gdn.smartling.com
Amazon RSA 2048 M03
2024-04-15 -
2025-05-13
a year crt.sh
c1.amplience.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-06 -
2024-10-23
a year crt.sh
dm.amplience.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-20 -
2024-08-14
a year crt.sh
sdk.iad-05.braze.com
WE1
2024-06-17 -
2024-09-15
3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2024-03-01 -
2024-12-31
10 months crt.sh
*.google-analytics.com
WR2
2024-06-03 -
2024-08-26
3 months crt.sh
*.dynamicyield.com
Amazon RSA 2048 M02
2023-09-03 -
2024-10-01
a year crt.sh
ipify.org
GTS CA 1P5
2024-05-19 -
2024-08-17
3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2023-11-13 -
2024-11-12
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2024-04-23 -
2025-05-25
a year crt.sh
tag.rmp.rakuten.com
WR3
2024-05-29 -
2024-08-27
3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA
2024-02-08 -
2025-02-08
a year crt.sh
staging.static.ordergroove.com
WR3
2024-06-15 -
2024-09-13
3 months crt.sh
*.google.com
WR2
2024-06-03 -
2024-08-26
3 months crt.sh
t.contentsquare.net
Amazon RSA 2048 M01
2023-09-13 -
2024-10-11
a year crt.sh
dep.ba.contentsquare.net
Amazon RSA 2048 M03
2024-02-18 -
2025-03-19
a year crt.sh
sgtm.elfcosmetics.com
WR3
2024-05-14 -
2024-08-13
3 months crt.sh
*.rd.linksynergy.com
ZeroSSL RSA Domain Secure Site CA
2024-01-23 -
2025-01-22
a year crt.sh
www.sandbox.paypal.com
DigiCert EV RSA CA G2
2024-02-05 -
2025-02-04
a year crt.sh
srm.ba.contentsquare.net
Amazon RSA 2048 M02
2023-11-07 -
2024-12-06
a year crt.sh
*.cquotient.com
Amazon RSA 2048 M02
2024-03-05 -
2025-04-03
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2024-02-06 -
2025-03-05
a year crt.sh

This page contains 2 frames:

Primary Page: https://frca-development.elfcosmetics.com/
Frame ID: B82F8C5F333FBDC5B549BF8B97978E5F
Requests: 110 HTTP requests in this frame

Frame: https://www.sandbox.paypal.com/credit-presentment/experiments/local?uid=uid_ruynxsybvgsiedjkymcvvfzhtpxrhw&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWRiU2pQenBpdWdMVWFtTGJ4anNMTnRuMVNWdllkMURaQUZsY3FlMHNfZGZjUURqZ09OME16eDlLMndWaEprQ0g4UUVNOVZMVGVBVF9vTXImaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1DQUQmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9ydXlueHN5YnZnc2llZGpreW1jdnZmemh0cHhyaHcifX0&env=sandbox&scriptUID=uid_ruynxsybvgsiedjkymcvvfzhtpxrhw&version=1.64.6&integrationType=SDK
Frame ID: 2F78D587550FA0B9730E24D8643A8525
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Produits de maquillage et soin à prix abordables de drugstore | e.l.f. Cosmetics

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • cdn\.dynamicyield\.\w+/

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • tag\.rmp\.rakuten\.com

Page Statistics

116
Requests

86 %
HTTPS

34 %
IPv6

23
Domains

32
Subdomains

35
IPs

4
Countries

5609 kB
Transfer

14100 kB
Size

33
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://frca-development.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_dev/oauth2/authorize?redirect_uri=https%3A%2F%2Ffrca-development.elfcosmetics.com%2Fcallback&response_type=code&client_id=bc4b91c6-6960-4cb9-b44d-33cc7dfe679b&hint=guest&channel_id=elf-us&code_challenge=-Yb9d6hpAMsrPs6-F2nQ4ETOTAVdVeh_dfIVe6GSdu0 HTTP 303
  • https://frca-development.elfcosmetics.com/callback?usid=f0777040-880c-4ad2-8575-e14323307fa1&code=GtF71DOWxNMoVcmLPINgH4HPweFWr0OHso7HClYYVIU
Request Chain 26
  • https://secure.adnxs.com/px?id=1608912%20&seg=6104893&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2
Request Chain 28
  • https://secure.adnxs.com/px?id=1704533&seg=34326157&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2
Request Chain 30
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=1794215606.1719361259&url=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dma_cps=sypham&dma=1&npa=0&gtm=45He46o1n81WL3STMXv896608294za200&auid=1483333547.1719361259 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=1794215606.1719361259&url=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dma_cps=sypham&dma=1&npa=0&gtm=45He46o1n81WL3STMXv896608294za200&auid=1483333547.1719361259
Request Chain 84
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flhp;ord=6196242257875;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46o1v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com HTTP 302
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CPusjOn_94YDFfvMOwIdn6cB5g;type=elf8j0;cat=glo_flhp;ord=6196242257875;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46o1v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com
Request Chain 85
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flap;ord=5850134585539;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46o1v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com HTTP 302
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CO2rjOn_94YDFSfJOwIdMZQHcw;type=elf8j0;cat=glo_flap;ord=5850134585539;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46o1v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com
Request Chain 86
  • https://ade.googlesyndication.com/ddm/activity/src=10265292;type=conte0;cat=homep0;ord=1192870450262;npa=1;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46o1v9181787185z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com HTTP 302
  • https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=CLCojOn_94YDFc70OwIdiNIKLA;type=conte0;cat=homep0;ord=1192870450262;npa=1;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46o1v9181787185z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com
Request Chain 94
  • https://ade.googlesyndication.com/ddm/activity/src=9231397;type=retarget;cat=globa0;ord=3365155414307;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46o1v9181619921z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com HTTP 302
  • https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CN3DkOn_94YDFebJOwIdCDsKsA;type=retarget;cat=globa0;ord=3365155414307;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46o1v9181619921z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com

116 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
frca-development.elfcosmetics.com/
849 KB
221 KB
Document
General
Full URL
https://frca-development.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.45.200.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-200-122.compute-1.amazonaws.com
Software
/
Resource Hash
34a6ee4e88a6e7fc683dcc91a87ef959578de03d8e4002a8d50e647ad06d18f3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
0
alt-svc
h3=":443"; ma=86400
cache-control
public, must-revalidate, s-maxage=900
content-encoding
gzip
content-language
fr-CA
content-type
text/html; charset=utf-8
date
Wed, 26 Jun 2024 00:20:55 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding Accept-Encoding
via
1.1 0ed6c0a840134dc973c096b8d8152e62.cloudfront.net (CloudFront)
x-amz-apigw-id
Z8vBIHMhIAMEeDQ=
x-amz-cf-id
iSMQHUdPrmtgeAWkvASmM19sH0Ly3Qb9Y185boEzDDzDA8CCAu1OrA==
x-amz-cf-pop
BOS50-P4
x-amzn-remapped-connection
close
x-amzn-remapped-content-length
749619
x-amzn-remapped-date
Wed, 26 Jun 2024 00:20:54 GMT
x-amzn-requestid
845dba0f-07e5-42cd-bc7e-5820c565f3a1
x-amzn-trace-id
Root=1-667b5ed2-5ff9387421cc0f435203ef1c;Parent=5fa6651f21473584;Sampled=0;lineage=0483b39b:0
x-cache
Miss from cloudfront
x-server
Smartling
x-sl-norewrite
1
x-sl-notranslate
1
x-yottaa-metrics
2621cc8d587d/[20054,19886,-] 26D1cc8d584a/[-,20176.078]
x-yottaa-optimizations
ob/1000000000001000 si/26D1cc8d584a-1719340556-5276571783 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0
x-yottaa-os
200
sl-notr-a8aa72de7.js
pinchjs-cdn.gdn.smartling.com/
444 B
857 B
Script
General
Full URL
https://pinchjs-cdn.gdn.smartling.com/sl-notr-a8aa72de7.js
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:8600:1b:8846:8500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
18ba19e3b20996ceaec26cb04ccf96a0409efdaed19b5712dd2689bdbd227800

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
date
Wed, 26 Jun 2024 00:20:56 GMT
via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified
Fri, 07 Jun 2024 08:41:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
etag
"2e98bc5bae105815ceca8ccbf6cd2e5b"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
444
x-amz-cf-id
t9CEjqqjwzyqZXT9lqTHBoigYVhogIuCune82wlVsMGsmsRsx8shsw==
sl-tran-a8aa72de7-fr-CA.js
pinchjs-cdn.gdn.smartling.com/
3 MB
2 MB
Script
General
Full URL
https://pinchjs-cdn.gdn.smartling.com/sl-tran-a8aa72de7-fr-CA.js
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:8600:1b:8846:8500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
962c3325defd7f502b51391c9e86cf7712e2a54cd472a8fd5de96e2c0e01b716

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:20:56 GMT
x-amz-version-id
null
x-amz-meta-sl-checksum
3132089b-2666284627
last-modified
Tue, 25 Jun 2024 21:11:27 GMT
server
AmazonS3
content-encoding
gzip
x-amz-cf-pop
FRA56-C2
etag
W/"f750c2d74a82380707644587fbd437c0"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
_ROXslJ1fz-VaQsesKL19f6BwvuhN6cVBs7F4LCJ00DFMUk5pR0VGQ==
sl-init.js
pinchjs-cdn.gdn.smartling.com/
117 KB
31 KB
Script
General
Full URL
https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:8600:1b:8846:8500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f5dee40752ba2e5049c8e4e6e34090739d480f8b663308eeb2d4f6468fb1cf5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
date
Wed, 26 Jun 2024 00:11:51 GMT
last-modified
Thu, 20 Jun 2024 10:49:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
568
x-amz-server-side-encryption
AES256
etag
W/"0d75f2259f8cf0fe2e6a99ad99306cc2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
1N2siUqHLmVfTXN-qSpz9YQpY55KkkPK0EjLV3uH_l7Vai3sIHsFGA==
locale-link-rewriter-0.0.2-min
cdn.c1.amplience.net/c/elfcosmetics/
553 B
679 B
Script
General
Full URL
https://cdn.c1.amplience.net/c/elfcosmetics/locale-link-rewriter-0.0.2-min
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2b59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
88668b9200e07ef8860abbf2884140a44986c34576bc7086d64085b87da4cfd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 26 Jun 2024 00:20:56 GMT
cache-control
max-age=120, s-maxage=1800
accept-ranges
bytes
content-length
553
x-amp-srv
A
content-type
application/javascript; charset=utf-8
vendor.js
frca-development.elfcosmetics.com/mobify/bundle/11472/
2 MB
627 KB
Script
General
Full URL
https://frca-development.elfcosmetics.com/mobify/bundle/11472/vendor.js
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.45.200.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-200-122.compute-1.amazonaws.com
Software
/
Resource Hash
12aef701f9abbb77ad769e835f981ab2c6b7dd1f7f19ffb59261b23084fbed98

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:20:56 GMT
via
1.1 53e905605490f05641e5a7bb370e4b1a.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
PHL50-C1
age
70277
x-yottaa-optimizations
ob/1001 si/23D1cc8d5973-1719231543-4487744584 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0
x-cache
Hit from cloudfront
x-sl-norewrite
1
x-amz-meta-deploy
786257
alt-svc
h3=":443"; ma=86400
x-amz-meta-bundle
11472
x-yottaa-forcecache
true
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31104000
x-yottaa-os
200
x-server
Smartling
x-yottaa-metrics
23214047a164/[207,71,-] 23D1cc8d5973/[hit]
x-sl-notranslate
1
x-amz-cf-id
xtiUTpGR-0RMRG7UMdBYO_pjlf3ETUyJaVhA6AxZ0Gpnq70B4QnwFA==
main.js
frca-development.elfcosmetics.com/mobify/bundle/11472/
2 MB
496 KB
Script
General
Full URL
https://frca-development.elfcosmetics.com/mobify/bundle/11472/main.js
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.45.200.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-200-122.compute-1.amazonaws.com
Software
/
Resource Hash
6f6f95f8cd39b9625e7c23ce8435d8e7e6bdd896a87f52437261376df381f792

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:20:57 GMT
via
1.1 52024f34763d4eab9553defd68a51a20.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
DFW56-P2
age
74035
x-yottaa-optimizations
ob/1001 si/32D1a5fec6e1-1719231543-5403454966 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0
x-cache
Miss from cloudfront
x-sl-norewrite
1
x-amz-meta-deploy
786257
alt-svc
h3=":443"; ma=86400
x-amz-meta-bundle
11472
x-yottaa-forcecache
true
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31104000
x-yottaa-os
200
x-server
Smartling
x-yottaa-metrics
3221a5fec63e/[436,373,-] 32D1a5fec6e1/[hit]
x-sl-notranslate
1
x-amz-cf-id
Nnd49U8w16AHgdvwl9Zjm4luJ-ngI5zZ9XVsNO2ABxY0MGoKFSoVVQ==
pages-home.js
frca-development.elfcosmetics.com/mobify/bundle/11472/
5 KB
3 KB
Script
General
Full URL
https://frca-development.elfcosmetics.com/mobify/bundle/11472/pages-home.js
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.45.200.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-200-122.compute-1.amazonaws.com
Software
/
Resource Hash
97996c9985c6b958fe1325fc72f641b0118c639d32f7b78f3d3245d83a588e43

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:20:57 GMT
via
1.1 5a91d22afb829e71a40227a558dc412c.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
DFW56-P2
age
0
x-yottaa-optimizations
ob/1000 si/32D1a5fec6d2-1719340557-8570418416 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0
x-cache
Hit from cloudfront
x-sl-norewrite
1
x-amz-meta-deploy
786257
alt-svc
h3=":443"; ma=86400
x-amz-meta-bundle
11472
x-yottaa-forcecache
true
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31104000
x-yottaa-os
200
x-server
Smartling
x-yottaa-metrics
3221a5fec6f5/[124,114,-] 32D1a5fec6d2/[-,128.020]
x-sl-notranslate
1
x-amz-cf-id
Wbm3CKxTiNLbSpaHKICYT_J7UUZXT3gMQtu1KEIX6cRwwTSqqv4BmA==
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/
10 KB
10 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac

Request headers

Referer
Origin
https://frca-development.elfcosmetics.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
truncated
/
10 KB
10 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d

Request headers

Referer
Origin
https://frca-development.elfcosmetics.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
halo-glow-repromote-2024-05-IMAGE-1_D-min
cdn.media.amplience.net/i/elfcosmetics/
55 KB
55 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/halo-glow-repromote-2024-05-IMAGE-1_D-min?fmt=auto
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
556439ae99de9152826ea7a09b6a485315e1a783563542df48051122040576ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:20:56 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
L3thqhIUf,l4p5bDg2e,xAmoEKQeQ,WepA0szpz
x-req-id
vnRlyt9JN0
content-length
56154
x-xss-protection
1; mode=block
x-amp-source-height
1040
server
Unknown
x-frame-options
DENY
x-amp-source-width
1440
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Tue, 23 Apr 2024 21:32:39 GMT
halo-glow-repromote-2024-05-IMAGE-2_D-min
cdn.media.amplience.net/i/elfcosmetics/
24 KB
24 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/halo-glow-repromote-2024-05-IMAGE-2_D-min?fmt=auto
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
6d4040c70033d1b909ef1133deddc8d454e05467be6975afa26ac324e1fadea7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:20:56 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
nkpBQYJJ_,l4p5bDg2e,7a1WfdFKy,WepA0szpz
x-req-id
3CUtd9CQcx
content-length
24182
x-xss-protection
1; mode=block
x-amp-source-height
1040
server
Unknown
x-frame-options
DENY
x-amp-source-width
1440
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Tue, 23 Apr 2024 21:32:39 GMT
/
sdk.iad-05.braze.com/api/v3/data/ Frame
0
0
Preflight
General
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://frca-development.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
899908da9cc74d2b-FRA
content-encoding
gzip
date
Wed, 26 Jun 2024 00:20:58 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/mobify/bundle/11472/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
022e2f39deba7f332eabe69b27b31d98d4d5f2535116745957a691d1b1ec4cc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Jun 2024 00:20:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ceCldLDyZN6bSQL6yyKLMg==
age
13239
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6882
x-ms-lease-status
unlocked
last-modified
Tue, 25 Jun 2024 02:35:41 GMT
server
cloudflare
etag
0x8DC94BF8198F6A8
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
27c9e704-601e-00db-1f1a-c7375c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
899908d9ddd337e6-FRA
expires
Wed, 26 Jun 2024 20:40:19 GMT
gtm.js
www.googletagmanager.com/
528 KB
140 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f12a8b5b11f2d6de29c54ef1cc7abcaae17f77c7f7af855e9bb6e489ecc2f089
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:20:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142890
x-xss-protection
0
last-modified
Wed, 26 Jun 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 26 Jun 2024 00:20:58 GMT
api_dynamic.js
cdn.dynamicyield.com/api/8772046/
763 KB
72 KB
Script
General
Full URL
https://cdn.dynamicyield.com/api/8772046/api_dynamic.js
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:f800:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
c97c9953abec796c4b0bd74a315a62e21947e66246a8f19ac91f0650325a405d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:20:59 GMT
content-encoding
gzip
via
1.1 5034084c037ff19008ba7c2c0b849a4c.cloudfront.net (CloudFront)
last-modified
Tue, 25 Jun 2024 20:47:57 GMT
server
DYCDN
x-amz-cf-pop
FRA56-P11
x-amz-server-side-encryption
AES256
etag
W/"cd874acad5a947bac2fd5b6e73facc5b"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=30
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id
psEWGo6KfilVWSk1PkNju2xMRNSBAYqHra6pEBdPy09TNyMr_8QNSQ==
api_static.js
cdn.dynamicyield.com/api/8772046/
388 KB
114 KB
Script
General
Full URL
https://cdn.dynamicyield.com/api/8772046/api_static.js
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:f800:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
498ea43ee2b31ee61f58f43b798dfaec6eb59b63fefdfaa7c01bba897ba57a33

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 15:02:57 GMT
content-encoding
gzip
via
1.1 5034084c037ff19008ba7c2c0b849a4c.cloudfront.net (CloudFront)
last-modified
Tue, 25 Jun 2024 15:02:50 GMT
server
DYCDN
age
33482
x-amz-cf-pop
FRA56-P11
etag
W/"64e0187feba0c97d38f8aabb6e6d66cd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id
vXINrHbLhY6epLqruechgsa0OZP0c9Dmu3NTXRkSIRgkW6wtt-rJ4g==
/
api.ipify.org/
24 B
157 B
XHR
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/mobify/bundle/11472/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2987599d351aa7fa2878bf9af44c0fb46d1da1aa9d5c374a391678bff551f06d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:20:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
899908da1df91c22-FRA
content-length
24
/
api.ipify.org/
24 B
76 B
XHR
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/mobify/bundle/11472/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2987599d351aa7fa2878bf9af44c0fb46d1da1aa9d5c374a391678bff551f06d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:20:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
899908dadea91c22-FRA
content-length
24
/
sdk.iad-05.braze.com/api/v3/data/
616 B
682 B
XHR
General
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/mobify/bundle/11472/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
563909110c5337aef57cfeb95cae7cd6c4b714c45e6a3dce42ec70c58e038d11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-Braze-Api-Key
23316cb7-f57f-4f14-a7d3-8bed8ca921f5
X-Braze-TriggersRequest
true
X-Braze-DataRequest
true
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/json
X-Braze-Last-Req-Ms-Ago
7200000
Referer
https://frca-development.elfcosmetics.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9;q=0.9
X-Braze-Req-Attempt
1
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:20:59 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
5df5797c-5aae-44ac-8a80-ddf8cfdb5b59
x-runtime
0.130020
server
cloudflare
etag
W/"563909110c5337aef57cfeb95cae7cd6"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1719361260
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
899908dbcd914d2b-FRA
x-ratelimit-remaining
499.0
callback
frca-development.elfcosmetics.com/
Redirect Chain
  • https://frca-development.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_dev/oauth2/authorize?redirect_uri=https%3A%2F%2Ffrca-development.elfcosmetics.com%2Fcallback&res...
  • https://frca-development.elfcosmetics.com/callback?usid=f0777040-880c-4ad2-8575-e14323307fa1&code=GtF71DOWxNMoVcmLPINgH4HPweFWr0OHso7HClYYVIU
0
0
Fetch
General
Full URL
https://frca-development.elfcosmetics.com/callback?usid=f0777040-880c-4ad2-8575-e14323307fa1&code=GtF71DOWxNMoVcmLPINgH4HPweFWr0OHso7HClYYVIU
Protocol
H2
Server
52.45.200.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-200-122.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://frca-development.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 26 Jun 2024 00:21:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 7ba3a61255419c2e0d9e131796899e10.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
0
content-encoding
gzip
x-amz-cf-pop
IAD89-C3
age
0
x-amzn-remapped-connection
close
x-amzn-requestid
1925e97a-bb62-42b3-84aa-5f4dad472a57
x-yottaa-optimizations
ob/1000 si/23D1cc8d5973-1719340557-8789373357 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0
x-cache
Miss from cloudfront
x-sl-norewrite
1
x-amz-apigw-id
Z8vE-Gt8IAMEgIQ=
alt-svc
h3=":443"; ma=86400
x-yottaa-forcecache
true
x-amzn-trace-id
Root=1-667b5eec-61819e163805c15e73cd92bd;Parent=4928caeee5550e6c;Sampled=0;lineage=0483b39b:0
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
public, max-age=604800
x-yottaa-os
200
x-server
Smartling
x-yottaa-metrics
23214047a1a6/[412,362,-] 23D1cc8d5973/[-,413.902]
x-sl-notranslate
1
x-amzn-remapped-date
Wed, 26 Jun 2024 00:21:00 GMT
x-amz-cf-id
CHUDNQLSbCWPWJIViBrk4P5bM5g7SgdlIK3QHu9cp1C6m2DmSmNcSg==

Redirect headers

date
Wed, 26 Jun 2024 00:20:59 GMT
x-correlation-id
899908e10c822511
via
1.1 2de9b6504a97ad8423645370927ef0ce.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SFO20-C1
age
0
x-yottaa-optimizations
ob/0 si/25D1cc028a6b-1719340557-4143632956 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0
x-cache
Miss from cloudfront
x-sl-norewrite
1
alt-svc
h3=":443"; ma=86400
pragma
no-cache
x-ratelimit-1m-remaining
487, 1920311
x-ratelimit-1m-reset
223, 222
x-ratelimit-1m-limit
500, 2000000
vary
Accept-Encoding
location
https://frca-development.elfcosmetics.com/callback?usid=f0777040-880c-4ad2-8575-e14323307fa1&code=GtF71DOWxNMoVcmLPINgH4HPweFWr0OHso7HClYYVIU
cache-control
no-store
x-yottaa-os
303
x-server
Smartling
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_dev/oauth2/authorize?redirect_uri=https%3A%2F%2Ffrca-development.elfcosmetics.com%2Fcallback&response_type=code&client_id=bc4b91c6-6960-4cb9-b44d-33cc7dfe679b&hint=guest&channel_id=elf-us&code_challenge=-Yb9d6hpAMsrPs6-F2nQ4ETOTAVdVeh_dfIVe6GSdu0
x-yottaa-metrics
2521cc0285ab/[600,575,-] 25D1cc028a6b/[-,600.905]
cf-ray
899908e10c822511-SJC
x-amz-cf-id
BJIX4gQgpV-NUfYPDqzEdCzoa1byTY-m_UJ7AXEvrm6Crril2U6Hkg==
x-sl-notranslate
1
/
pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/ Frame
0
0
Preflight
General
Full URL
https://pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.213.135.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-135-225.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-sl-pjs-locale,x-sl-pjs-uid,x-sl-pjs-version
Access-Control-Request-Method
POST
Origin
https://frca-development.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-origin
*
apigw-requestid
Z8vEwiqeIAMEVgQ=
content-length
2
content-type
application/json
date
Wed, 26 Jun 2024 00:20:58 GMT
/
pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/
6 KB
3 KB
XHR
General
Full URL
https://pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.213.135.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-135-225.compute-1.amazonaws.com
Software
/
Resource Hash
59e46d01ff9a430de7b1928dea92399e5508e659ae4599aabaa001b3f3faa9f3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-SL-PJS-Version
0.284
X-SL-PJS-Uid
a8aa72de7
Accept-Language
de-DE,de;q=0.9;q=0.9
X-SL-PJS-Locale
fr-CA
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8
Referer
https://frca-development.elfcosmetics.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 26 Jun 2024 00:20:59 GMT
content-encoding
gzip
access-control-allow-headers
*
content-length
3220
apigw-requestid
Z8vExgzToAMEbeQ=
content-type
application/json
018f3a35-07a5-7147-9679-059bb45a7bfc.json
cdn.cookielaw.org/consent/018f3a35-07a5-7147-9679-059bb45a7bfc/
6 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/018f3a35-07a5-7147-9679-059bb45a7bfc/018f3a35-07a5-7147-9679-059bb45a7bfc.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88aa2fdba45f190a43ebb418538c48514becd87ea5b6631a70cfb6568f74140d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Jun 2024 00:20:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
70277
content-md5
EnQpyZfiKHKeH0qG+E+dhQ==
content-length
1762
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jun 2024 20:15:40 GMT
server
cloudflare
etag
0x8DC8B1C6E36A4DE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
75413858-501e-0072-6af3-c0e2b4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
899908db0ce865c0-FRA
expires
Thu, 27 Jun 2024 00:20:58 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
66 B
303 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept
application/json
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:20:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
899908dbccbe1c85-FRA
access-control-allow-headers
Content-Type
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 25 Jun 2024 23:41:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2395
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 26 Jun 2024 01:41:03 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1608912%20&seg=6104893&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/
Protocol
H2
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://frca-development.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 00:20:58 GMT
an-x-request-uuid
d72b8b5c-7038-4f2c-8a44-e604e385caa9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.155.157; 185.213.155.157; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Jun 2024 00:20:58 GMT
an-x-request-uuid
a3ccdacf-6380-40ae-8a7b-0edc3a0f95f1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2
cache-control
no-store, no-cache, private
x-proxy-origin
185.213.155.157; 185.213.155.157; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
insight.adsrvr.org/track/pxl/
70 B
149 B
Image
General
Full URL
https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:y8694b5&fmt=3
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:20:58 GMT
server
Kestrel
content-length
70
content-type
image/gif
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1704533&seg=34326157&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/
Protocol
H2
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://frca-development.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 00:20:58 GMT
an-x-request-uuid
5ed271cd-17c2-4163-a110-6bba84a39c24
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.155.157; 185.213.155.157; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Jun 2024 00:20:58 GMT
an-x-request-uuid
11109d8e-f924-4866-ae9f-e72d647260ac
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2
cache-control
no-store, no-cache, private
x-proxy-origin
185.213.155.157; 185.213.155.157; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
insight.adsrvr.org/track/pxl/
70 B
148 B
Image
General
Full URL
https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:uuhj0na&fmt=3
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:20:58 GMT
server
Kestrel
content-length
70
content-type
image/gif
landing
googleads.g.doubleclick.net/pagead/
Redirect Chain
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=1794215606.1719361259&url=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dma_cps=sypham&dma=1&npa=0&gtm=45He46o1n81WL...
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=1794215606.1719361259&url=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dma_cps=sypham&dma=1&npa=0&gtm=...
42 B
65 B
Ping
General
Full URL
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=1794215606.1719361259&url=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dma_cps=sypham&dma=1&npa=0&gtm=45He46o1n81WL3STMXv896608294za200&auid=1483333547.1719361259
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://frca-development.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 00:20:59 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Jun 2024 00:20:58 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=1794215606.1719361259&url=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dma_cps=sypham&dma=1&npa=0&gtm=45He46o1n81WL3STMXv896608294za200&auid=1483333547.1719361259
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202405.2.0/
451 KB
110 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202405.2.0/otBannerSdk.js
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e94d708e9dc761fb1e714afe78b59026d8a7bc7641c89803d854c84cfa1e8b89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Jun 2024 00:20:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
BVk4qgiFbkhql6hjghSxtg==
age
79450
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
112021
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jun 2024 01:58:24 GMT
server
cloudflare
etag
0x8DC8A8324B6C1DD
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0570beca-201e-0035-3c70-bcef3c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
899908dbff4c37e6-FRA
en.json
cdn.cookielaw.org/consent/018f3a35-07a5-7147-9679-059bb45a7bfc/018ebeca-e8af-7f81-b182-0c90ba9664dd/
34 KB
10 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/018f3a35-07a5-7147-9679-059bb45a7bfc/018ebeca-e8af-7f81-b182-0c90ba9664dd/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45d21d36952fe978daaa93617316f7a968a9dfbfe4acafb01bf4d1bc85585adf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Jun 2024 00:20:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
70276
content-md5
a+fa5ce+2eJnpTzsVkYw5A==
content-length
9843
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jun 2024 20:15:44 GMT
server
cloudflare
etag
0x8DC8B1C706F0320
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
4a6b33d5-501e-0097-11bb-c6f043000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
899908dc3dba65c0-FRA
expires
Thu, 27 Jun 2024 00:20:58 GMT
/
pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/ Frame
0
0
Preflight
General
Full URL
https://pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.213.135.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-135-225.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-sl-pjs-locale,x-sl-pjs-uid,x-sl-pjs-version
Access-Control-Request-Method
POST
Origin
https://frca-development.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-origin
*
apigw-requestid
Z8vExiqpoAMEVgQ=
content-length
2
content-type
application/json
date
Wed, 26 Jun 2024 00:20:59 GMT
/
pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/
6 KB
3 KB
XHR
General
Full URL
https://pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.213.135.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-135-225.compute-1.amazonaws.com
Software
/
Resource Hash
59e46d01ff9a430de7b1928dea92399e5508e659ae4599aabaa001b3f3faa9f3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-SL-PJS-Version
0.284
X-SL-PJS-Uid
a8aa72de7
Accept-Language
de-DE,de;q=0.9;q=0.9
X-SL-PJS-Locale
fr-CA
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8
Referer
https://frca-development.elfcosmetics.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 26 Jun 2024 00:20:59 GMT
content-encoding
gzip
access-control-allow-headers
*
content-length
3220
apigw-requestid
Z8vEyhgboAMEbUw=
content-type
application/json
otFlat.json
cdn.cookielaw.org/scripttemplates/202405.2.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202405.2.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc11897bd686817da4d462b4fc503101091e6df96894ef4f58a7546285013a84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Jun 2024 00:20:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
XFxwGiqDQImLQKbYktZMCQ==
age
70276
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3010
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jun 2024 01:58:16 GMT
server
cloudflare
etag
0x8DC8A83206C98C8
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
9da6b555-801e-0052-3799-c18e78000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
899908dc9e1265c0-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202405.2.0/assets/v2/
62 KB
13 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202405.2.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4d5103576ca3021541a6eb4ece82f19b2b2ac610297ccb565da0fdcc8bf479e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Jun 2024 00:20:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
kbRjHBvTlS4vDaDSomgikQ==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12748
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jun 2024 01:58:19 GMT
server
cloudflare
etag
0x8DC8A83220A5518
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
ffea9025-d01e-00e0-0af3-c07502000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
899908dcae1465c0-FRA
otCookieSettingsButton.json
cdn.cookielaw.org/scripttemplates/202405.2.0/assets/
5 KB
2 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202405.2.0/assets/otCookieSettingsButton.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fb7c176325267082e94a7131fed5e157516e6805cee3ac6f6a93340a947d640
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Jun 2024 00:20:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
kTA/t3XG9fCoBuwIdlAXiA==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1738
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jun 2024 01:58:19 GMT
server
cloudflare
etag
0x8DC8A8321B2F2F9
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
88b7e5a5-001e-0048-4dbb-c6a117000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
899908dcae1565c0-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202405.2.0/assets/
24 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202405.2.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c52550189ad7a781a37919af639c2d6a786821aad8b982daa6a54af46817b8fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Jun 2024 00:20:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
9eusssrwoAzVOVsIadvhfQ==
age
70276
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jun 2024 01:58:29 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
5867b0fb-701e-00c4-7b99-c1ec4c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
899908dcae1865c0-FRA
collect
www.google-analytics.com/j/
3 B
220 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2119725817&t=pageview&_s=1&dl=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dp=%2F&ul=de-de&de=UTF-8&dt=Produits%20de%20maquillage%20et%20soin%20%C3%A0%20prix%20abordables%20de%20drugstore%20%7C%20e.l.f.%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACgAI~&jid=1696014255&gjid=22635316&cid=1158630202.1719361259&tid=UA-432816-1&_gid=1201775667.1719361259&_r=1&_slc=1&gtm=45He46o1n81WL3STMXv896608294za200&gcs=G111&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&tag_exp=0&z=1657029864
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 00:20:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://frca-development.elfcosmetics.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
st
st.dynamicyield.com/
151 KB
13 KB
Script
General
Full URL
https://st.dynamicyield.com/st?sec=8772046&inHead=true&id=0&jsession=3d4nf4r5ey8ulugcrl9ovmj7z8uise58&ref=&scriptVersion=2.32.0&isSesNew=true&dyid_server=&ctx=%7B%22type%22%3A%22HOMEPAGE%22%2C%22lng%22%3A%22fr-CA%22%2C%22data%22%3A%5B%5D%7D
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:ea00:15:ad21:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
424811d19077cc61b390a6575f2b91531aae506b069eab65cba6ce35ddb6a750

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:20:59 GMT
content-encoding
gzip
via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control
no-cache
x-amz-cf-id
wsdHzrU235JSt_8VcebtItMtSktHniQTGYgUZzQjD5-TPSRO9z99Aw==
expires
Wed, 26 Jun 2024 00:20:58 GMT
ot_close.svg
cdn.cookielaw.org/logos/static/
651 B
623 B
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_close.svg
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Jun 2024 00:20:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
pcXWFGpuVeSg/jVnYCseRg==
age
20777
x-ms-lease-status
unlocked
last-modified
Tue, 25 Jun 2024 02:35:43 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
90c37d8f-101e-0090-1caf-c606c6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
899908dd985337e6-FRA
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/
497 B
489 B
Fetch
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Jun 2024 00:20:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
70277
x-ms-lease-status
unlocked
last-modified
Mon, 24 Jun 2024 01:56:35 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
9cf2ad42-801e-007b-75f5-c5f83a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
899908ddaeba65c0-FRA
ot_company_logo.png
cdn.cookielaw.org/logos/static/
4 KB
4 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_company_logo.png
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Jun 2024 00:20:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
E8+sk/ECzKgTUVtDLikiIA==
age
31582
content-length
4036
x-ms-lease-status
unlocked
last-modified
Mon, 24 Jun 2024 16:48:43 GMT
server
cloudflare
etag
0x8DC946D81FC1ABF
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
80156571-901e-0002-259f-c69170000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
899908ddb86b37e6-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/
5 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Jun 2024 00:20:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
142
x-ms-lease-status
unlocked
last-modified
Tue, 25 Jun 2024 02:35:43 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
7db24059-e01e-000d-0d32-c77c86000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
899908ddb86c37e6-FRA
sync
sdk.iad-05.braze.com/api/v3/content_cards/ Frame
0
0
Preflight
General
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
Access-Control-Request-Method
POST
Origin
https://frca-development.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
899908ddef054d2b-FRA
content-encoding
gzip
date
Wed, 26 Jun 2024 00:20:59 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
sync
sdk.iad-05.braze.com/api/v3/feature_flags/ Frame
0
0
Preflight
General
Full URL
https://sdk.iad-05.braze.com/api/v3/feature_flags/sync
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-featureflagsrequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
Access-Control-Request-Method
POST
Origin
https://frca-development.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-featureflagsrequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
899908ddef074d2b-FRA
content-encoding
gzip
date
Wed, 26 Jun 2024 00:20:59 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
sync
sdk.iad-05.braze.com/api/v3/content_cards/
85 B
222 B
XHR
General
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/mobify/bundle/11472/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41c8444b30739591c1f9a293dbe129dbadedd00a29535a09bd6bd3f8e3bfec62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-Braze-Req-Tokens-Remaining
29
X-Braze-Api-Key
23316cb7-f57f-4f14-a7d3-8bed8ca921f5
X-Braze-DataRequest
true
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/json
X-Braze-Last-Req-Ms-Ago
7200000
BRAZE-SYNC-RETRY-COUNT
0
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://frca-development.elfcosmetics.com/
X-Braze-Req-Attempt
1
X-Braze-ContentCardsRequest
true
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:20:59 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
2e2e8593-c9ad-4f01-8e65-a37c3b20ff5d
x-runtime
0.041691
server
cloudflare
etag
W/"41c8444b30739591c1f9a293dbe129db"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1719361260
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
899908deefae4d2b-FRA
x-ratelimit-remaining
499.0
sync
sdk.iad-05.braze.com/api/v3/feature_flags/
20 B
180 B
XHR
General
Full URL
https://sdk.iad-05.braze.com/api/v3/feature_flags/sync
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/mobify/bundle/11472/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e92f434a50c76d6e52d0d3cc91cdf1854c7fd39fecd5ae65800568aef7c03029
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-Braze-Req-Tokens-Remaining
28
X-Braze-Api-Key
23316cb7-f57f-4f14-a7d3-8bed8ca921f5
X-Braze-DataRequest
true
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/json
X-Braze-Last-Req-Ms-Ago
7200000
Referer
https://frca-development.elfcosmetics.com/
X-Requested-With
XMLHttpRequest
X-Braze-FeatureFlagsRequest
true
Accept-Language
de-DE,de;q=0.9;q=0.9
X-Braze-Req-Attempt
1
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:20:59 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
293e7436-0957-4ddb-b545-ad615e2d2158
x-runtime
0.047991
server
cloudflare
etag
W/"e92f434a50c76d6e52d0d3cc91cdf185"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1719361260
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
899908deffb44d2b-FRA
x-ratelimit-remaining
498.0
/
pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/
8 KB
4 KB
XHR
General
Full URL
https://pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.213.135.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-135-225.compute-1.amazonaws.com
Software
/
Resource Hash
e0bf1256d05876b0703026d1f3d675729cc9b1734d3c85c4da80d46df7bc9560

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-SL-PJS-Version
0.284
X-SL-PJS-Uid
a8aa72de7
Accept-Language
de-DE,de;q=0.9;q=0.9
X-SL-PJS-Locale
fr-CA
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8
Referer
https://frca-development.elfcosmetics.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 26 Jun 2024 00:20:59 GMT
content-encoding
gzip
access-control-allow-headers
*
content-length
4267
apigw-requestid
Z8vEzh19oAMEVXA=
content-type
application/json
3b9665c4-e926-47eb-ab1d-7af54f35eb0e
https://frca-development.elfcosmetics.com/
2 KB
0
Other
General
Full URL
blob:https://frca-development.elfcosmetics.com/3b9665c4-e926-47eb-ab1d-7af54f35eb0e
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ccf05e34a56ce4958cebf205da9e7dc9db7ac4e8c799ae5f9b3d06e5dd842e78

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
2461
Content-Type
sl-placeholder-values
pinchjs.gdn.smartling.com/sl-api/
2 B
144 B
XHR
General
Full URL
https://pinchjs.gdn.smartling.com/sl-api/sl-placeholder-values
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.213.135.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-135-225.compute-1.amazonaws.com
Software
/
Resource Hash
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-SL-PJS-Version
0.284
X-SL-PJS-Uid
a8aa72de7
Accept-Language
de-DE,de;q=0.9;q=0.9
X-SL-PJS-Locale
fr-CA
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8
Referer
https://frca-development.elfcosmetics.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 26 Jun 2024 00:20:59 GMT
access-control-allow-headers
*
content-length
2
apigw-requestid
Z8vE1jRfoAMEb1w=
content-type
application/json
sl-placeholder-values
pinchjs.gdn.smartling.com/sl-api/ Frame
0
0
Preflight
General
Full URL
https://pinchjs.gdn.smartling.com/sl-api/sl-placeholder-values
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.213.135.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-135-225.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-sl-pjs-locale,x-sl-pjs-uid,x-sl-pjs-version
Access-Control-Request-Method
POST
Origin
https://frca-development.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-origin
*
apigw-requestid
Z8vE0h6HoAMEbHA=
content-length
2
content-type
application/json
date
Wed, 26 Jun 2024 00:20:59 GMT
dy-coll-min.js
cdn.dynamicyield.com/scripts/2.32.0/
196 KB
65 KB
Script
General
Full URL
https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:f800:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
42997132bd0142564014ac4a809356dc0ceb9b7a90eede2b5b48019f1700cc58

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 21:44:25 GMT
content-encoding
gzip
via
1.1 5034084c037ff19008ba7c2c0b849a4c.cloudfront.net (CloudFront)
last-modified
Tue, 02 Apr 2024 09:13:12 GMT
server
DYCDN
age
2428595
x-amz-cf-pop
FRA56-P11
etag
W/"65b3e284856fb8d657d1f6a3423618c7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id
dyVCl4M6djjQZVwyb90Je0D26lKS-nlkd3umcosaMbyLdx-wSVe-cg==
uia
async-px.dynamicyield.com/
0
384 B
XHR
General
Full URL
https://async-px.dynamicyield.com/uia?cnst=1&_=1719361259355
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-125.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 00:20:59 GMT
via
1.1 6a5eda21ba47fc7b4d3ca7ac7a9ac958.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
M3_21bsI_Puc1FX8N0DhtiUTKJyyox_VyCuBBlul9ENN6uW2lY_0XQ==
expires
0
brow-laminating-gel-2024-05-IMAGE-1_D-min
cdn.media.amplience.net/i/elfcosmetics/
20 KB
20 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/brow-laminating-gel-2024-05-IMAGE-1_D-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/brow-laminating-gel-2024-05-IMAGE-1_D-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/brow-laminating-gel-2024-05-IMAGE-1_D-min?fmt=auto&w=2460%203x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
05d6a1f5cbdc45af1b0a63a615135dc1065f22f611517e428ed6ec64bddbef88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:20:59 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
1tbiQb9At,l4p5bDg2e,JBjQsh0DO,WepA0szpz
x-req-id
0pPg6FC-F1
content-length
20654
x-xss-protection
1; mode=block
x-amp-source-height
1040
server
Unknown
x-frame-options
DENY
x-amp-source-width
1440
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Fri, 31 May 2024 07:00:09 GMT
brow-laminating-gel-2024-05-BACKGROUND_D-min
cdn.media.amplience.net/i/elfcosmetics/
10 KB
10 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/brow-laminating-gel-2024-05-BACKGROUND_D-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/brow-laminating-gel-2024-05-BACKGROUND_D-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/brow-laminating-gel-2024-05-BACKGROUND_D-min?fmt=auto&w=2460%203x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
c04c2a9e91f5c91967c8716f3d885af6beb95566f26fc386a2f74a9cebdbc616
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:20:59 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
NdDQrWW9R,l4p5bDg2e,kdpOvd2_a,WepA0szpz
x-req-id
IKmk2w81C3
content-length
10257
x-xss-protection
1; mode=block
x-amp-source-height
1040
server
Unknown
x-frame-options
DENY
x-amp-source-width
1440
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Fri, 31 May 2024 07:00:10 GMT
project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-1_D-min
cdn.media.amplience.net/i/elfcosmetics/
26 KB
27 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-1_D-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-1_D-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-1_D-min?fmt=auto&w=2460%203x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
10b0a8089c1cea1328c2b06cb238c94036614502d91aec1e98309c560b3d316a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:20:59 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
k6o0kIDjm,l4p5bDg2e,cRluW8FOS,WepA0szpz
x-req-id
LbEACim5K2
content-length
27027
x-xss-protection
1; mode=block
x-amp-source-height
1040
server
Unknown
x-frame-options
DENY
x-amp-source-width
1440
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Mon, 03 Jun 2024 21:22:03 GMT
project-juicy-products-beauty-squad-no-vault-2024-05-BACKGROUND_D-min
cdn.media.amplience.net/i/elfcosmetics/
254 KB
255 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-BACKGROUND_D-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-BACKGROUND_D-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-BACKGROUND_D-min?fmt=auto&w=2460%203x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
60bcf01d04394617737446dc979e69c27ed9d8707decce34b5986d9be29a2d7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:20:59 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
NzNqqoDM-,l4p5bDg2e,mQqckZV-k,WepA0szpz
x-req-id
-Vye19Ln75
content-length
260184
x-xss-protection
1; mode=block
x-amp-source-height
1040
server
Unknown
x-frame-options
DENY
x-amp-source-width
1440
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Mon, 03 Jun 2024 15:55:02 GMT
halo-glow-repromote-2024-05-IMAGE-1_D-min
cdn.media.amplience.net/i/elfcosmetics/
55 KB
0
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/halo-glow-repromote-2024-05-IMAGE-1_D-min?fmt=auto
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
556439ae99de9152826ea7a09b6a485315e1a783563542df48051122040576ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:20:56 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
L3thqhIUf,l4p5bDg2e,xAmoEKQeQ,WepA0szpz
x-req-id
vnRlyt9JN0
content-length
56154
x-xss-protection
1; mode=block
x-amp-source-height
1040
server
Unknown
x-frame-options
DENY
x-amp-source-width
1440
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Tue, 23 Apr 2024 21:32:39 GMT
halo-glow-repromote-2024-05-IMAGE-2_D-min
cdn.media.amplience.net/i/elfcosmetics/
24 KB
0
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/halo-glow-repromote-2024-05-IMAGE-2_D-min?fmt=auto
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
6d4040c70033d1b909ef1133deddc8d454e05467be6975afa26ac324e1fadea7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:20:56 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
nkpBQYJJ_,l4p5bDg2e,7a1WfdFKy,WepA0szpz
x-req-id
3CUtd9CQcx
content-length
24182
x-xss-protection
1; mode=block
x-amp-source-height
1040
server
Unknown
x-frame-options
DENY
x-amp-source-width
1440
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Tue, 23 Apr 2024 21:32:39 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=2119725817&t=event&ni=1&_s=1&dl=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dp=%2F&ul=de-de&de=UTF-8&dt=Produits%20de%20maquillage%20et%20soin%20%C3%A0%20prix%20abordables%20de%20drugstore%20%7C%20e.l.f.%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ux&ea=scrolled%20page&el=25%25&_u=aEBAAEABAAAAACgAIkC~&cid=1059449412.1719361259&tid=UA-432816-1&_gid=2094418707.1719361259&gtm=45He46o1n81WL3STMXv896608294za200&cd4=0&cd6=&cd7=&cd8=&cd9=0&cd14=homepage&cd19=&cd21=CA&gcs=G100&gcd=13u3u3u2u5&dma_cps=-&dma=1&tag_exp=0&npa=1&z=1143095780
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 25 Jun 2024 22:20:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7234
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
favicon.ico
frca-development.elfcosmetics.com/
34 KB
35 KB
Other
General
Full URL
https://frca-development.elfcosmetics.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.45.200.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-200-122.compute-1.amazonaws.com
Software
/
Resource Hash
1331786f628c441b99665436eb8815381e066e17d5c3bb56f5ce2e045d8da17a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:21:00 GMT
via
1.1 98e30e5953336545df428a8f5923a288.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
34494
x-amz-cf-pop
IAD89-C3
age
0
x-amzn-remapped-connection
close
x-amzn-requestid
39e40fe5-56ee-44be-b532-78c14ba5c9e0
x-yottaa-optimizations
ob/0 si/23D1cc8d59c3-1719340557-9751260256 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0
x-cache
RefreshHit from cloudfront
x-sl-norewrite
1
x-amz-apigw-id
Z8ecsG4OIAMEalw=
alt-svc
h3=":443"; ma=86400
x-yottaa-forcecache
true
last-modified
Mon, 24 Jun 2024 19:30:42 GMT
x-amzn-trace-id
Root=1-667b4450-1ab1be6f649aff78365c4aa5;Parent=7b05dc42cc52dbf2;Sampled=0;lineage=0483b39b:0
etag
W/"86be-1904bbaa6d0"
vary
Accept-Encoding
content-type
image/x-icon
cache-control
max-age=600, s-maxage=600
x-yottaa-os
200
x-server
Smartling
x-yottaa-metrics
23214047a188/[536,476,-] 23D1cc8d59c3/[-,539.039]
x-sl-notranslate
1
x-amzn-remapped-date
Tue, 25 Jun 2024 22:27:31 GMT
x-amz-cf-id
JVA-u_gmX9q-O5CAt5N8u8U7lO_jN_98nMYG91xg3ncDoaznXmMOeQ==
var
async-px.dynamicyield.com/
0
0
Fetch
General
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=391805&uid=6300536120928853739&sec=8772046&t=ri&e=1261284&p=1&ve=11209913&va=%5B27119924%5D&ses=a00aedf7d0ed7215bca7d26848c3d16a&expSes=89684&aud=884367.884385.884387.1167402.1324059.1846919.2356145.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=9010271507377818530&cgtgDecisionId=9010271504991530969&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1719361259420&rri=4409913
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-125.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 00:20:59 GMT
via
1.1 6a5eda21ba47fc7b4d3ca7ac7a9ac958.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
r_cvySreu2TpH3TiiOMpm-vZWSxyT3RaG0oG_1FIRryJ0PLk5Oz5og==
expires
0
var
async-px.dynamicyield.com/
0
0
Fetch
General
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=509244&uid=6300536120928853739&sec=8772046&t=ri&e=1574966&p=1&ve=12698518&va=%5B28347247%5D&ses=a00aedf7d0ed7215bca7d26848c3d16a&expSes=89684&aud=884367.884385.884387.1167402.1324059.1846919.2356145.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=9010271507430105429&cgtgDecisionId=9010271506062893402&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1719361259423&rri=9637822
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-125.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 00:20:59 GMT
via
1.1 6a5eda21ba47fc7b4d3ca7ac7a9ac958.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
zLCPuBwVuPlc6BVDUBeK44JhWxFddEfxRr3K6UZn4Fh0VsDl4Y2Ydg==
expires
0
var
async-px.dynamicyield.com/
0
0
Fetch
General
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=604381&uid=6300536120928853739&sec=8772046&t=ri&e=1609852&p=1&ve=12669413&va=%5B28321879%5D&ses=a00aedf7d0ed7215bca7d26848c3d16a&expSes=89684&aud=884367.884385.884387.1167402.1324059.1846919.2356145.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=9010271506251473869&cgtgDecisionId=9010271508236261999&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1719361259424&rri=6629512
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-125.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 00:20:59 GMT
via
1.1 6a5eda21ba47fc7b4d3ca7ac7a9ac958.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
u_Po9t9JblF3JXE57wAm5cPaEez82pgZRLPRvCKaFn3SCLl6Ax7M0g==
expires
0
var
async-px.dynamicyield.com/
0
0
Fetch
General
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=569536&uid=6300536120928853739&sec=8772046&t=ri&e=1708014&p=1&ve=13018622&va=%5B28672636%5D&ses=a00aedf7d0ed7215bca7d26848c3d16a&expSes=89684&aud=884367.884385.884387.1167402.1324059.1846919.2356145.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=9010271505637283186&cgtgDecisionId=9010271508196896950&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1719361259425&rri=2529068
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-125.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 00:20:59 GMT
via
1.1 6a5eda21ba47fc7b4d3ca7ac7a9ac958.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
5C7mUwa6r2SEQcL9niC-iQAGUtgv5b8cXMTm7lJ0YLHAJTxqjwNjkA==
expires
0
var
async-px.dynamicyield.com/
0
0
Fetch
General
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=709231&uid=6300536120928853739&sec=8772046&t=ri&e=1575901&p=1&ve=12991774&va=%5B28646951%5D&ses=a00aedf7d0ed7215bca7d26848c3d16a&expSes=89684&aud=884367.884385.884387.1167402.1324059.1846919.2356145.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=9010271506466763614&cgtgDecisionId=9010271505054049825&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1719361259425&rri=9158825
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-125.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 00:20:59 GMT
via
1.1 6a5eda21ba47fc7b4d3ca7ac7a9ac958.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
a3H3JlRJAuolR07s4hnjiCROMNQ87Lm_cdmToDAgL5VjDb1Le17otQ==
expires
0
var
async-px.dynamicyield.com/
0
0
Fetch
General
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=935190&uid=6300536120928853739&sec=8772046&t=ri&e=1750936&p=1&ve=13190838&va=%5B28818377%5D&ses=a00aedf7d0ed7215bca7d26848c3d16a&expSes=89684&aud=884367.884385.884387.1167402.1324059.1846919.2356145.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=9010271506969000904&cgtgDecisionId=9010271504986390171&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1719361259426&rri=1087628
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-125.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 00:20:59 GMT
via
1.1 6a5eda21ba47fc7b4d3ca7ac7a9ac958.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
GYCOW8ubQnQD88aRtkRhfCSW3x-KHcm3oGcmGkvYmp2Zm-qCTdcB-g==
expires
0
var
async-px.dynamicyield.com/
0
0
Fetch
General
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=407843&uid=6300536120928853739&sec=8772046&t=ri&e=1750954&p=1&ve=13304536&va=%5B28818429%5D&ses=a00aedf7d0ed7215bca7d26848c3d16a&expSes=89684&aud=884367.884385.884387.1167402.1324059.1846919.2356145.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=9010271508540930515&cgtgDecisionId=9010271505455287196&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1719361259426&rri=4656222
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-125.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 00:20:59 GMT
via
1.1 6a5eda21ba47fc7b4d3ca7ac7a9ac958.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
Q5AMY_gxa1GXjZWJVlFB2gcJBg4p4pTQlrUxWWxOCGapFGRZF80EOQ==
expires
0
/
pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/
8 KB
4 KB
XHR
General
Full URL
https://pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.213.135.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-135-225.compute-1.amazonaws.com
Software
/
Resource Hash
81c75e5b9f1c58313526e4395b2a85eb13313e3a516b1bedf2b004d471933dc7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-SL-PJS-Version
0.284
X-SL-PJS-Uid
a8aa72de7
Accept-Language
de-DE,de;q=0.9;q=0.9
X-SL-PJS-Locale
fr-CA
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8
Referer
https://frca-development.elfcosmetics.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 26 Jun 2024 00:20:59 GMT
content-encoding
gzip
access-control-allow-headers
*
content-length
4307
apigw-requestid
Z8vE1gVjoAMEbCA=
content-type
application/json
batch
async-px.dynamicyield.com/
0
385 B
Ping
General
Full URL
https://async-px.dynamicyield.com/batch?cnst=1&_=1719361259483_471006
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-125.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 00:20:59 GMT
via
1.1 13c8b9a0a39ad1238a922185ad5547fc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
J4xeHqgzRN3AYZ5viSRaKf9yFEKzRiyAEx2n5LfHswZQ8WNqUfDkAQ==
expires
0
110221.ct.js
tag.rmp.rakuten.com/
47 KB
15 KB
Script
General
Full URL
https://tag.rmp.rakuten.com/110221.ct.js
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
248.147.102.34.bc.googleusercontent.com
Software
/
Resource Hash
147f6c57c05b20ffc422296d90361d70008496016fd1effbf88cc65064565818
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:20:59 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000
last-modified
Wed, 26 Jun 2024 00:20:59 GMT
x-cache
hit
x-samesite
secure
content-type
text/javascript
cache-control
max-age=86400
x-dyn
0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
js
www.paypal.com/sdk/
424 KB
119 KB
Script
General
Full URL
https://www.paypal.com/sdk/js?client-id=AdbSjPzpiugLUamLbxjsLNtn1SVvYd1DZAFlcqe0s_dfcQDjgON0Mzx9K2wVhJkCH8QEM9VLTeAT_oMr&intent=authorize&currency=CAD&vault=true&components=buttons,messages
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
17396c6bb47c7af35dad7463330cba53be78c77704ffe6b9ba60298ae47e3934
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-kgYOYFlcdIZCggbje+ibxMU7GLuLXT0K1LAt9F/gCO2YIJHg' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-kgYOYFlcdIZCggbje+ibxMU7GLuLXT0K1LAt9F/gCO2YIJHg' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-kgYOYFlcdIZCggbje+ibxMU7GLuLXT0K1LAt9F/gCO2YIJHg' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-kgYOYFlcdIZCggbje+ibxMU7GLuLXT0K1LAt9F/gCO2YIJHg' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish
date
Wed, 26 Jun 2024 00:21:00 GMT
age
0
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT, MISS
p3p
true
paypal-debug-id
f698448ff2c2e
server-timing
"traceparent;desc="00-0000000000000000000f698448ff2c2e-6d3a1d79e4a063d9-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
119523
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230107-FRA, cache-fra-eddf8230107-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f698448ff2c2e-413bba0585ce9dcd-01
x-timer
S1719361260.565901,VS0,VE644
etag
W/"1d2e3-N7KBPAbz4hfQPLC/37T3UHCMoKk"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
main.js
staging.static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/
260 KB
53 KB
Script
General
Full URL
https://staging.static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/main.js
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.194.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
77.194.111.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
c48476ffd21ed753a90b11db277894d1c3f1bf60a2cc735abfbe1db237cdafe0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:20:59 GMT
strict-transport-security
max-age=15768000
content-encoding
gzip
last-modified
Mon, 10 Apr 2023 21:09:34 GMT
server
Apache
via
1.1 google
etag
"145ba75-41083-5f901caaa5f80-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54128
js
www.googletagmanager.com/gtag/
302 KB
101 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YLVE8V69LW&l=dataLayer&cx=c
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bf5a74b315f3c549fd6e056a7023c7546934b873c7e0d3c70b563eb6e1cd4987
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:20:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103600
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 26 Jun 2024 00:20:59 GMT
js
www.googletagmanager.com/gtag/
310 KB
103 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
07ee3507970bffebc468c7519df71956f25cbd951cfc23c670a25d740b07fb40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:20:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
105119
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 26 Jun 2024 00:20:59 GMT
iframe_api
www.youtube.com/
993 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dae9b41d89e2f4c730c24f101106c03ac157d2f3efc24d526a40279f9576dafa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:20:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Wed, 26 Jun 2024 00:20:59 GMT
destination
www.googletagmanager.com/gtag/
213 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-10265292&l=dataLayer&cx=c
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fa15cc3b8e86d8c69f09deffb960d3b44651ad33c9c79b1466a4b354df6b9488
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:20:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78260
x-xss-protection
0
last-modified
Wed, 26 Jun 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 26 Jun 2024 00:20:59 GMT
destination
www.googletagmanager.com/gtag/
213 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-10742279&l=dataLayer&cx=c
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
352c2a7a4992466942e8d3aa677fd92a8a61ad1bd9a79a3232e37849c71a11c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:20:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78254
x-xss-protection
0
last-modified
Wed, 26 Jun 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 26 Jun 2024 00:20:59 GMT
1a8bfa042c9c5.js
t.contentsquare.net/uxa/
336 KB
80 KB
Script
General
Full URL
https://t.contentsquare.net/uxa/1a8bfa042c9c5.js
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-112.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d841b6859d2469f63df65c0a91d70da822367d82810d4d08900d79b21bdddc19

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 07:44:11 GMT
content-encoding
br
via
1.1 182ccc7786c60fec555dbcd8ce6baa5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P11
age
0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
81626
last-modified
Wed, 19 Jun 2024 07:37:38 GMT
server
AmazonS3
etag
"833f870d397c05130b52ad5dd9f75837"
vary
Accept-Encoding, Origin
content-type
application/javascript;charset=utf-8
cache-control
max-age=900
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
gjtiOVret4vbrSXK3evB19k9Y1JGS2Ceno668F2jZBpLkMb0A7XRLg==
/
pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/
8 KB
4 KB
XHR
General
Full URL
https://pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.213.135.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-135-225.compute-1.amazonaws.com
Software
/
Resource Hash
bfb40ce76d0e0a46406467387115ddcca7432261d8046709448bbfaca56f0233

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-SL-PJS-Version
0.284
X-SL-PJS-Uid
a8aa72de7
Accept-Language
de-DE,de;q=0.9;q=0.9
X-SL-PJS-Locale
fr-CA
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8
Referer
https://frca-development.elfcosmetics.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 26 Jun 2024 00:20:59 GMT
content-encoding
gzip
access-control-allow-headers
*
content-length
4307
apigw-requestid
Z8vE4jUoIAMEbZw=
content-type
application/json
destination
www.googletagmanager.com/gtag/
213 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-9231397&l=dataLayer&cx=c
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ed581d995ab7b60ef12045e89c599ae81f15846028a0ce09d81c3c4298078d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:20:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78250
x-xss-protection
0
last-modified
Wed, 26 Jun 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 26 Jun 2024 00:20:59 GMT
pageview
c.contentsquare.net/
0
320 B
Image
General
Full URL
https://c.contentsquare.net/pageview?ex=&dt=44&pvt=n&cvars=%7B%223%22%3A%5B%22Page%20Type%22%2C%22homepage%22%5D%7D&cvarp=%7B%223%22%3A%5B%22Page%20Type%22%2C%22homepage%22%5D%7D&la=de-DE&uc=0&url=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dr=&dw=1600&dh=3286&ww=1600&wh=1200&sw=1600&sh=1200&uu=2bc49004-34b8-a0dc-a2a0-c6721526015c&sn=1&hd=1719361259&v=14.19.1&pid=1926&pn=1&r=700985
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.62.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-62-146.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 00:20:59 GMT
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition
inline
timing-allow-origin
*
access-control-allow-headers
Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires
Sun, 24 Oct 1982 23:00:00 GMT
src=10742279;dc_pre=CPusjOn_94YDFfvMOwIdn6cB5g;type=elf8j0;cat=glo_flhp;ord=6196242257875;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%...
ade.googlesyndication.com/ddm/activity/
Redirect Chain
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flhp;ord=6196242257875;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Not%252FA)Bra...
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CPusjOn_94YDFfvMOwIdn6cB5g;type=elf8j0;cat=glo_flhp;ord=6196242257875;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;...
42 B
107 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CPusjOn_94YDFfvMOwIdn6cB5g;type=elf8j0;cat=glo_flhp;ord=6196242257875;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46o1v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com?
Protocol
H2
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://frca-development.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 00:20:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Jun 2024 00:20:59 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CPusjOn_94YDFfvMOwIdn6cB5g;type=elf8j0;cat=glo_flhp;ord=6196242257875;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46o1v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
src=10742279;dc_pre=CO2rjOn_94YDFSfJOwIdMZQHcw;type=elf8j0;cat=glo_flap;ord=5850134585539;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%...
ade.googlesyndication.com/ddm/activity/
Redirect Chain
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flap;ord=5850134585539;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Not%252FA)Bra...
  • https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CO2rjOn_94YDFSfJOwIdMZQHcw;type=elf8j0;cat=glo_flap;ord=5850134585539;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;...
42 B
107 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CO2rjOn_94YDFSfJOwIdMZQHcw;type=elf8j0;cat=glo_flap;ord=5850134585539;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46o1v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com?
Protocol
H2
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://frca-development.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 00:20:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Jun 2024 00:20:59 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CO2rjOn_94YDFSfJOwIdMZQHcw;type=elf8j0;cat=glo_flap;ord=5850134585539;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46o1v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
src=10265292;dc_pre=CLCojOn_94YDFc70OwIdiNIKLA;type=conte0;cat=homep0;ord=1192870450262;npa=1;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0....
ade.googlesyndication.com/ddm/activity/
Redirect Chain
  • https://ade.googlesyndication.com/ddm/activity/src=10265292;type=conte0;cat=homep0;ord=1192870450262;npa=1;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Ch...
  • https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=CLCojOn_94YDFc70OwIdiNIKLA;type=conte0;cat=homep0;ord=1192870450262;npa=1;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromiu...
42 B
118 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=CLCojOn_94YDFc70OwIdiNIKLA;type=conte0;cat=homep0;ord=1192870450262;npa=1;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46o1v9181787185z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com?
Protocol
H2
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://frca-development.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 00:20:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Jun 2024 00:20:59 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=CLCojOn_94YDFc70OwIdiNIKLA;type=conte0;cat=homep0;ord=1192870450262;npa=1;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46o1v9181787185z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
sgtm.elfcosmetics.com/g/
65 B
127 B
XHR
General
Full URL
https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je46o1v9125640115z8896608294za200zb896608294&gcs=G100&gcd=13u3u3u2u5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=543098860.1719361260&ecid=995747641&ul=de-de&sr=1600x1200&_fplc=0&ir=1&ur=DE-HE&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&sst.rnd=1794215606.1719361259&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13u3u3u2u5&sst.adr=1&sst.ude=0&_s=1&sid=1719361259&sct=1&seg=0&dl=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dt=Produits%20de%20maquillage%20et%20soin%20%C3%A0%20prix%20abordables%20de%20drugstore%20%7C%20e.l.f.%20Cosmetics&en=pageview&_fv=1&_nsi=1&_ss=1&ep.vendor_id=pinterest&ep.email=&ep.event_id=1719362065930_17193620987359&ep.external_id=&tfd=25299&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.124.49.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:21:00 GMT
via
1.1 google, 1.1 google
x-content-type-options
nosniff
server
Google Frontend
content-type
text/plain
access-control-allow-origin
https://frca-development.elfcosmetics.com
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-accel-buffering
no
collect
sgtm.elfcosmetics.com/g/
65 B
314 B
XHR
General
Full URL
https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je46o1v9125640115z8896608294za200zb896608294&gcs=G100&gcd=13u3u3u2u5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=543098860.1719361260&ecid=995747641&ul=de-de&sr=1600x1200&_fplc=0&ir=1&ur=DE-HE&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&sst.rnd=1794215606.1719361259&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13u3u3u2u5&sst.adr=1&sst.ude=0&_s=2&dt=Affordable%20Drugstore%20Makeup%20%26%20Skincare%20Products%20%7C%20e.l.f.%20Cosmetics&sid=1719361259&sct=1&seg=1&dl=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&en=page_view&ep.page_type=homepage&ep.page_environment=development&ep.page_language=FR&ep.page_country=CA&_et=2&up.custom_user_id=&up.client_id=&up.user_has_transacted=false&up.user_logged_in=false&up.user_country=CA&up.user_loyalty_status=false&tfd=25305&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.124.49.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:20:59 GMT
via
1.1 google, 1.1 google
x-content-type-options
nosniff
server
Google Frontend
content-type
text/plain
access-control-allow-origin
https://frca-development.elfcosmetics.com
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-accel-buffering
no
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YLVE8V69LW&gtm=45je46o1v9106080885z8896608294za200zb896608294&gcs=G100&gcd=13u3uPu2u5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=1809555084.1719361260&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_s=1&dt=Affordable%20Drugstore%20Makeup%20%26%20Skincare%20Products%20%7C%20e.l.f.%20Cosmetics&sid=1719361259&sct=1&seg=0&dl=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_type=homepage&ep.page_environment=development&ep.page_country=CA&ep.page_language=FR&up.custom_user_id=&up.client_id=&up.user_has_transacted=false&up.user_logged_in=false&up.user_country=CA&up.user_loyalty_status=false&tfd=25331&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YLVE8V69LW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 00:20:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://frca-development.elfcosmetics.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ef0315e8-65c3-4432-be31-b91e2a1d7d7d
https://frca-development.elfcosmetics.com/
7 KB
0
Other
General
Full URL
blob:https://frca-development.elfcosmetics.com/ef0315e8-65c3-4432-be31-b91e2a1d7d7d
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3dae94126362e2c8b80dfbc73f6b32f15be7805cbdf6739a72cab5ca534c15e0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
7329
Content-Type
application/javascript
www-widgetapi.js
www.youtube.com/s/player/a95aa57a/www-widgetapi.vflset/
31 KB
11 KB
Script
General
Full URL
https://www.youtube.com/s/player/a95aa57a/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56c989ad68e2d657ec33446633534c0d2b3ee0aeaa1cbe4ef8a21a1e9a5c3b99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 22:09:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
7903
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10459
x-xss-protection
0
last-modified
Tue, 25 Jun 2024 04:17:26 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 25 Jun 2025 22:09:16 GMT
en-us.js
staging.static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/vendors~offers/locale/
53 KB
5 KB
Script
General
Full URL
https://staging.static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/vendors~offers/locale/en-us.js
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.194.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
77.194.111.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
8156e978b8f902bb27d56d9baeb9f76f37fc4dbbc718f8d95a2bf9936d07b361
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:20:59 GMT
strict-transport-security
max-age=15768000
content-encoding
gzip
last-modified
Mon, 10 Apr 2023 21:09:34 GMT
server
Apache
via
1.1 google
etag
"1a114a5-d3e6-5f901caaa5f80-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5096
dvar
c.contentsquare.net/
0
319 B
Image
General
Full URL
https://c.contentsquare.net/dvar?v=14.19.1&pid=1926&pn=1&sn=1&uu=2bc49004-34b8-a0dc-a2a0-c6721526015c&dv=H4sIAAAAAAAAA6tWcnSKd4mMd8%2FJT0rMUXDOzyspys9RCEktLlGyUnKpzEvMzUxWiMxMzUlRcK0oSC3KTM1LTi1W0oHqQ4gpGAI1hCUWZSaWZObnAXkwJT755QqeeSWpeSATA%2FILSnOAikoqlWoB8S1cunwAAAA%3D&ct=2&r=030349
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.62.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-62-146.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 00:20:59 GMT
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition
inline
timing-allow-origin
*
access-control-allow-headers
Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires
Sun, 24 Oct 1982 23:00:00 GMT
src=9231397;dc_pre=CN3DkOn_94YDFebJOwIdCDsKsA;type=retarget;cat=globa0;ord=3365155414307;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%...
ade.googlesyndication.com/ddm/activity/
Redirect Chain
  • https://ade.googlesyndication.com/ddm/activity/src=9231397;type=retarget;cat=globa0;ord=3365155414307;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0....
  • https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CN3DkOn_94YDFebJOwIdCDsKsA;type=retarget;cat=globa0;ord=3365155414307;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab...
42 B
107 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CN3DkOn_94YDFebJOwIdCDsKsA;type=retarget;cat=globa0;ord=3365155414307;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46o1v9181619921z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com?
Protocol
H2
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://frca-development.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 00:21:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Jun 2024 00:20:59 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CN3DkOn_94YDFebJOwIdCDsKsA;type=retarget;cat=globa0;ord=3365155414307;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46o1v9181619921z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jsp
ut.rd.linksynergy.com/
148 B
413 B
Script
General
Full URL
https://ut.rd.linksynergy.com/jsp?cn=rmuid&ro=0&cb=___rmuid
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.67.98.34.bc.googleusercontent.com
Software
/
Resource Hash
225e65362afdff366c29b1dcfadc7bd9efbe3a406b99cf4ea4eafa32447133e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
text/plain; charset=utf-8
date
Wed, 26 Jun 2024 00:21:00 GMT
via
1.1 google
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148
x-samesite
secure
brow-laminating-gel-2024-05-IMAGE-2_D-min
cdn.media.amplience.net/i/elfcosmetics/
41 KB
41 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/brow-laminating-gel-2024-05-IMAGE-2_D-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/brow-laminating-gel-2024-05-IMAGE-2_D-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/brow-laminating-gel-2024-05-IMAGE-2_D-min?fmt=auto&w=2460%203x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
7b8605432e9c27615d25a6c7b17736cd04246f5e870795f30ee11af997e4e9cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:21:00 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
T9_zPP76c,l4p5bDg2e,WbXrjzt4d,WepA0szpz
x-req-id
sOzzX0xP1P
content-length
41902
x-xss-protection
1; mode=block
x-amp-source-height
1040
server
Unknown
x-frame-options
DENY
x-amp-source-width
1440
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Fri, 31 May 2024 07:00:10 GMT
project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-2_D-min
cdn.media.amplience.net/i/elfcosmetics/
63 KB
63 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-2_D-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-2_D-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-2_D-min?fmt=auto&w=2460%203x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
d790874f1dd7070e825fb030f5184d25df09ce717cae40f228cbc8a474899269
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:21:00 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
75qsyI94w,l4p5bDg2e,1jSdAz_q5,WepA0szpz
x-req-id
xvDioUmw9A
content-length
64250
x-xss-protection
1; mode=block
x-amp-source-height
1040
server
Unknown
x-frame-options
DENY
x-amp-source-width
1440
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Mon, 03 Jun 2024 15:55:01 GMT
local
www.sandbox.paypal.com/credit-presentment/experiments/ Frame 2F78
0
0
Document
General
Full URL
https://www.sandbox.paypal.com/credit-presentment/experiments/local?uid=uid_ruynxsybvgsiedjkymcvvfzhtpxrhw&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWRiU2pQenBpdWdMVWFtTGJ4anNMTnRuMVNWdllkMURaQUZsY3FlMHNfZGZjUURqZ09OME16eDlLMndWaEprQ0g4UUVNOVZMVGVBVF9vTXImaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1DQUQmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9ydXlueHN5YnZnc2llZGpreW1jdnZmemh0cHhyaHcifX0&env=sandbox&scriptUID=uid_ruynxsybvgsiedjkymcvvfzhtpxrhw&version=1.64.6&integrationType=SDK
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AdbSjPzpiugLUamLbxjsLNtn1SVvYd1DZAFlcqe0s_dfcQDjgON0Mzx9K2wVhJkCH8QEM9VLTeAT_oMr&intent=authorize&currency=CAD&vault=true&components=buttons,messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.195.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://frca-development.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
age
27906
cache-control
s-maxage=86400, max-age=0
content-encoding
gzip
content-length
1523
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type
text/html; charset=utf-8
date
Wed, 26 Jun 2024 00:21:00 GMT
edge-cache-tag
up-treatments-zoid
etag
W/"1479-rcjjDmCYbnZKEiOs2pd/xEvI80U"
http_x_pp_az_locator
ccg18.slc
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f1844189c7190
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc=gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f1844189c7190-984e8597e0b4fad3-01
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS, HIT
x-cache-hits
0, 715
x-served-by
cache-fra-etou8220106-FRA, cache-fra-eddf8230052-FRA
x-timer
S1719361260.329136,VS0,VE1
x-xss-protection
1; mode=block
exist
srm.ba.contentsquare.net/
2 B
94 B
Fetch
General
Full URL
https://srm.ba.contentsquare.net/exist?v=14.19.1&pid=1926&pn=1&sn=1&uu=2bc49004-34b8-a0dc-a2a0-c6721526015c
Requested by
Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/1a8bfa042c9c5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.84.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-84-62.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 26 Jun 2024 00:21:00 GMT
content-length
2
content-type
application/json
logger
www.sandbox.paypal.com/xoplatform/logger/api/ Frame
0
0
Preflight
General
Full URL
https://www.sandbox.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://frca-development.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
none
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://frca-development.elfcosmetics.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
br
date
Wed, 26 Jun 2024 00:21:00 GMT
http_x_pp_az_locator
ccg18.slc
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f2452410c1d37
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f2452410c1d37-d2c8c87d95e9db9e-01
vary
accept-encoding
via
1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-fra-etou8220155-FRA, cache-fra-eddf8230127-FRA
x-timer
S1719361260.333561,VS0,VE186
logger
www.sandbox.paypal.com/xoplatform/logger/api/
1002 B
865 B
XHR
General
Full URL
https://www.sandbox.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/1a8bfa042c9c5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
742d8703a40b005e13f52c33b92c8cccb74cd527d4eeca3dd2ec54f4c229f61b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://frca-development.elfcosmetics.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:21:00 GMT
via
1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS
paypal-debug-id
f60042946705c
http_x_pp_az_locator
ccg18.slc
x-served-by
cache-fra-eddf8230159-FRA, cache-fra-eddf8230127-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f60042946705c-dcb65caef5428282-01
x-timer
S1719361261.527077,VS0,VE176
etag
W/"3ea-CAkkAO2cFH9T+vnViDYUiy2AEeA"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://frca-development.elfcosmetics.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0
collect
sgtm.elfcosmetics.com/g/
65 B
127 B
XHR
General
Full URL
https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je46o1v9125640115z8896608294za200zb896608294&gcs=G100&gcd=13u3u3u2u5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=543098860.1719361260&ecid=995747641&ul=de-de&sr=1600x1200&_fplc=0&ir=1&ur=DE-HE&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_eu=MA&sst.rnd=1794215606.1719361259&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13u3u3u2u5&sst.adr=1&sst.ude=0&dt=Affordable%20Drugstore%20Makeup%20%26%20Skincare%20Products%20%7C%20e.l.f.%20Cosmetics&sid=1719361259&sct=1&seg=1&dl=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&_s=3&tfd=25811&richsstsse
Requested by
Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/1a8bfa042c9c5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.124.49.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 26 Jun 2024 00:21:00 GMT
via
1.1 google, 1.1 google
x-content-type-options
nosniff
server
Google Frontend
content-type
text/plain
access-control-allow-origin
https://frca-development.elfcosmetics.com
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-accel-buffering
no
token
frca-development.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_dev/oauth2/
2 KB
2 KB
Fetch
General
Full URL
https://frca-development.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_dev/oauth2/token
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/mobify/bundle/11472/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.45.200.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-200-122.compute-1.amazonaws.com
Software
/
Resource Hash
9dbee6e3fba21a23b1a56f1b67b702e6d116dd94eb1e6a26cf8c6b7e956c5c9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
c_x-pwa-request
true
Referer
https://frca-development.elfcosmetics.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:21:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-correlation-id
899908e9ec932d08
cf-cache-status
DYNAMIC
via
1.1 fb71bc40c2ca2e3f3af674bf6527ac8a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P3
age
0
x-yottaa-optimizations
ob/1000 si/38D1cc02313e-1719340557-8399453219 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0
content-encoding
gzip
x-cache
Miss from cloudfront
x-sl-norewrite
1
alt-svc
h3=":443"; ma=86400
pragma
no-cache
x-ratelimit-1m-remaining
499, 1998505
x-ratelimit-1m-reset
58858, 58857
vary
Accept-Encoding, Accept-Encoding, User-Agent
x-ratelimit-1m-limit
500, 2000000
content-type
application/json; charset=utf-8
cache-control
no-store
x-yottaa-os
200
x-server
Smartling
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_dev/oauth2/token
x-yottaa-metrics
3821cc023182/[489,484,-] 38D1cc02313e/[-,491.525]
cf-ray
899908e9ec932d08-IAD
x-amz-cf-id
9_YwvJAFFgDeB6YqJ9RrGaaFlXYEdNyTLyVigl1vFb91jt1PInsV-g==
x-sl-notranslate
1
viewPage
api.cquotient.com/v3/activities/bbxc-elf-us/ Frame
0
0
Preflight
General
Full URL
https://api.cquotient.com/v3/activities/bbxc-elf-us/viewPage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.23.152 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-cq-client-id
Access-Control-Request-Method
POST
Origin
https://frca-development.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization, content-type, x-cq-tenant, x-cq-client-id
access-control-allow-methods
POST
access-control-allow-origin
https://frca-development.elfcosmetics.com
content-length
0
date
Wed, 26 Jun 2024 00:21:01 GMT
server
envoy
strict-transport-security
max-age=15552000; includeSubdomains
x-envoy-upstream-service-time
1
sessions
frca-development.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/
0
0

shoppercontext
frca-development.elfcosmetics.com/api/v1/
0
0

sync
sdk.iad-05.braze.com/api/v3/content_cards/
85 B
253 B
XHR
General
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Requested by
Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/1a8bfa042c9c5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a79c58a0aa11096d12cb4eaf0154379ee67b716364b28fd9fdb99dafbc7a5674
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-Braze-Req-Tokens-Remaining
27
X-Braze-Api-Key
23316cb7-f57f-4f14-a7d3-8bed8ca921f5
X-Braze-DataRequest
true
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/json
X-Braze-Last-Req-Ms-Ago
2104
BRAZE-SYNC-RETRY-COUNT
0
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://frca-development.elfcosmetics.com/
X-Braze-Req-Attempt
1
X-Braze-ContentCardsRequest
true
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:21:01 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
a8046506-d61b-4bc7-b94e-7705e32eff49
x-runtime
0.042386
server
cloudflare
etag
W/"a79c58a0aa11096d12cb4eaf0154379e"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1719361263
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
899908eb0f884d2b-FRA
x-ratelimit-remaining
499.0
geo-ip
frca-development.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/
0
0

geo-ip
frca-development.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/
0
0

baskets
frca-development.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_dev/customers/bcxHa1lXAUlbaRmbEUwWYYwuoW/
11 B
915 B
Fetch
General
Full URL
https://frca-development.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_dev/customers/bcxHa1lXAUlbaRmbEUwWYYwuoW/baskets?siteId=elf-us
Requested by
Host: frca-development.elfcosmetics.com
URL: https://frca-development.elfcosmetics.com/mobify/bundle/11472/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.45.200.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-200-122.compute-1.amazonaws.com
Software
/
Resource Hash
31f48ed33afe7e437efa2c30cbf97fbd62c2de5c0732504077377846fe64973f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19kZXYiLCJraWQiOiI3ZDBiMzhlZi1lYTg4LTQyYTUtYTVjZS1mMDI1MWU5YWRjNGQiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnRhX2V4dF9vbl9iZWhhbGZfb2Ygc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5ydyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnBheW1lbnRpbnN0cnVtZW50cyBzZmNjLnNob3BwZXItY3VzdG9tZXJzLmxvZ2luIHNmY2Muc2hvcHBlci1jb250ZXh0LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQub3JkZXJzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMucmVnaXN0ZXIgc2ZjYy5zaG9wcGVyLWJhc2tldHMtb3JkZXJzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzLnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucHJvZHVjdGxpc3RzLnJ3IHNmY2Muc2hvcHBlci1wcm9kdWN0bGlzdHMgc2ZjYy5zaG9wcGVyLXByb21vdGlvbnMgc2ZjYy5zaG9wcGVyLWJhc2tldHMtb3JkZXJzLnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzLnJ3IHNmY2Muc2hvcHBlci1naWZ0LWNlcnRpZmljYXRlcyBzZmNjLnNob3BwZXItcHJvZHVjdC1zZWFyY2ggc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMgc2ZjYy5zaG9wcGVyLWNhdGVnb3JpZXMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudCIsInN1YiI6ImNjLXNsYXM6OmJieGNfZGV2OjpzY2lkOmJjNGI5MWM2LTY5NjAtNGNiOS1iNDRkLTMzY2M3ZGZlNjc5Yjo6dXNpZDpmMDc3NzA0MC04ODBjLTRhZDItODU3NS1lMTQzMjMzMDdmYTEiLCJjdHgiOiJzbGFzIiwiaXNzIjoic2xhcy9wcm9kL2JieGNfZGV2IiwiaXN0IjoxLCJkbnQiOiIwIiwiYXVkIjoiY29tbWVyY2VjbG91ZC9wcm9kL2JieGNfZGV2IiwibmJmIjoxNzE5MzYxMjMxLCJzdHkiOiJVc2VyIiwiaXNiIjoidWlkbzpzbGFzOjp1cG46R3Vlc3Q6OnVpZG46R3Vlc3QgVXNlcjo6Z2NpZDpiY3hIYTFsWEFVbGJhUm1iRVV3V1lZd3VvVzo6Y2hpZDogIiwiZXhwIjoxNzE5MzYzMDYxLCJpYXQiOjE3MTkzNjEyNjEsImp0aSI6IkMyQzE5NTE2NDkyNjkwLTQyNDY0OTgyMDUxMzg2MzUxODE3OTE1NSJ9.ZYQuaxhff5tse0oQeHO6U6sn_6kKX15HX9rlHwfreZxrkxIDXjmKIzV7TecowJ_2q5ckMwlSujPKdk-or8J9BQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
c_x-pwa-request
true
Referer
https://frca-development.elfcosmetics.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:21:01 GMT
sfdc_customization
HOOK
dnt
0
cf-cache-status
DYNAMIC
x-correlation-id
899908ecca7959c2
x-content-type-options
nosniff
via
1.1 97971aa6c140e2dfc8adaee6c929eedc.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
x-yottaa-optimizations
ob/1000 si/23D1cc8d5973-1719340557-8789373362 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0
content-encoding
gzip
x-cache
Miss from cloudfront
age
0
x-sl-norewrite
1
alt-svc
h3=":443"; ma=86400
vary
Accept-Encoding, Accept-Encoding
allow
GET,HEAD,OPTIONS
content-type
application/json; charset=utf-8
x-ratelimit-remaining
999
cache-control
max-age=0,no-cache,no-store
x-yottaa-os
200
x-server
Smartling
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/customer/shopper-customers/v1/organizations/f_ecom_bbxc_dev/customers/bcxHa1lXAUlbaRmbEUwWYYwuoW/baskets?siteId=elf-us
x-ratelimit-limit
99999
x-yottaa-metrics
23214047a167/[165,152,-] 23D1cc8d5973/[-,168.885]
cf-ray
899908ecca7959c2-IAD
x-amz-cf-id
U5NxDCJWT0F0gjHwRFKYsHnBIVbDXnmDPlKxCn1l6PYkklv3NOU0nA==
x-sl-notranslate
1
viewPage
api.cquotient.com/v3/activities/bbxc-elf-us/
98 B
526 B
Fetch
General
Full URL
https://api.cquotient.com/v3/activities/bbxc-elf-us/viewPage
Requested by
Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/1a8bfa042c9c5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.23.152 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
24be9df27c2e292dc4495eac2f93fd861918f645dc778a0d370c5ed5bac8cb37
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-cq-client-id
bc4b91c6-6960-4cb9-b44d-33cc7dfe679b
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://frca-development.elfcosmetics.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:21:01 GMT
strict-transport-security
max-age=15552000; includeSubdomains
server
envoy
etag
W/"62-N5dWJZdFusM6U8ApQO4NsRXuE+o"
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://frca-development.elfcosmetics.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
content-length
98
458359.gif
idsync.rlcdn.com/
0
98 B
Image
General
Full URL
https://idsync.rlcdn.com/458359.gif?partner_uid=744e7e80-dc40-466f-ae1f-610b47d2cd5f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:21:01 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/
8 KB
4 KB
XHR
General
Full URL
https://pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/
Requested by
Host: pinchjs-cdn.gdn.smartling.com
URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.213.135.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-135-225.compute-1.amazonaws.com
Software
/
Resource Hash
84d4961838ee82bf46ab7244974ca52ad3f1358064eba1cf9b7e7a54515c5a5a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-SL-PJS-Version
0.284
X-SL-PJS-Uid
a8aa72de7
Accept-Language
de-DE,de;q=0.9;q=0.9
X-SL-PJS-Locale
fr-CA
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8
Referer
https://frca-development.elfcosmetics.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 26 Jun 2024 00:21:01 GMT
content-encoding
gzip
access-control-allow-headers
*
content-length
4307
apigw-requestid
Z8vFJhXtoAMEbbw=
content-type
application/json
brow-laminating-gel-2024-05-IMAGE-3_D-min
cdn.media.amplience.net/i/elfcosmetics/
24 KB
24 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/brow-laminating-gel-2024-05-IMAGE-3_D-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/brow-laminating-gel-2024-05-IMAGE-3_D-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/brow-laminating-gel-2024-05-IMAGE-3_D-min?fmt=auto&w=2460%203x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
944ef702f74c848d4f7c3f732c49020fa7c97f249c41fa52cfacc0f7c08bdb81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:21:01 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
BYz8nylgf,l4p5bDg2e,RXQrFclTW,WepA0szpz
x-req-id
9aD7fsoAwj
content-length
24526
x-xss-protection
1; mode=block
x-amp-source-height
1040
server
Unknown
x-frame-options
DENY
x-amp-source-width
1440
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Fri, 31 May 2024 07:00:10 GMT
project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-3_D-min
cdn.media.amplience.net/i/elfcosmetics/
37 KB
37 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-3_D-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-3_D-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-3_D-min?fmt=auto&w=2460%203x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
3112e5c63e9d51b903fd0531e92020dcbe8a03ffe1fdadeb77627fe4868771fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://frca-development.elfcosmetics.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 00:21:01 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
4xteYXg9W,l4p5bDg2e,oYd3ZsbSY,WepA0szpz
x-req-id
eHVHPoTjri
content-length
37925
x-xss-protection
1; mode=block
x-amp-source-height
1040
server
Unknown
x-frame-options
DENY
x-amp-source-width
1440
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Mon, 03 Jun 2024 15:55:01 GMT
/
pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/
0
0

baskets
frca-development.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
frca-development.elfcosmetics.com
URL
https://frca-development.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/sessions
Domain
frca-development.elfcosmetics.com
URL
https://frca-development.elfcosmetics.com/api/v1/shoppercontext?siteId=elf-us
Domain
frca-development.elfcosmetics.com
URL
https://frca-development.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=185.213.155.157
Domain
frca-development.elfcosmetics.com
URL
https://frca-development.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=185.213.155.157
Domain
pinchjs.gdn.smartling.com
URL
https://pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/
Domain
frca-development.elfcosmetics.com
URL
https://frca-development.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/baskets

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 undefined| event object| fence object| sharedStorage object| slPatternMasksInit object| slEncryptedTranslations object| slApiConfig boolean| __slInitialized object| $jscomp function| _loadCookieConfig function| _domready function| _delayed function| _findTags function| _srcAttr function| _needsEval function| _loadFromDOM function| _clearEvents function| _lastChainedResource function| _isImageLike boolean| domCompleteTriggered function| _abTest function| _getCookieVariant function| _setCookieVariant function| _configureAbTestAnalytics function| _executeAllAbTest function| _executeAllAbTestUniversal function| _executeAllAbTestClassic function| _executeAbTest function| _abTestScript function| _chooseVariant function| _abTestAnalyticsUniversal function| _abTestAnalyticsClassic object| _serviceWorkerConfig object| Yo string| yo_host object| __LOADABLE_LOADED_CHUNKS__ object| slCustomJsCode function| _ object| regeneratorRuntime function| applyFocusVisiblePolyfill object| __CONFIG__ string| __DEVICE_TYPE__ object| __PRELOADED_STATE__ object| Progressive boolean| __HYDRATING__ object| dataLayer function| getDataLayerEvent boolean| rakutenDataLayer object| DataLayer object| DY boolean| BRAZE_SETUP_COMPLETE boolean| otSPAPathChange boolean| otIsInitialized boolean| otBlockOptOutInitReload function| OptanonWrapper object| DYcustom object| OneTrustStub object| DYO function| DYID object| contextManager object| DYJSON object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga number| gtmPageLoadId object| _uxa string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| Optanon object| OneTrust object| gaplugins object| gaGlobal object| gaData object| DYExps boolean| otLastAcceptAllValue object| DYWork function| $dy object| DYCS object| content function| onYouTubeIframeAPIReady function| ___rmuid object| ___RMCMPW object| CS_CONF function| csSymbol object| CSPureWindow function| csDate object| csJSON function| csArray function| csString function| csURL function| csMutationObserver object| csScreen object| csquerySelector object| csquerySelectorAll function| csNodechildNodes function| csNodeparentNode function| csNodenextSibling function| csNodefirstChild function| csElementshadowRoot function| csElementmatches function| csElementwebkitMatchesSelector function| csHTMLImageElementsrc function| csEventtarget function| csNavigatorsendBeacon object| CSPathComputation object| UXAnalytics object| CSCurrentScript object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| ogJsonpFunction object| OG object| __post_robot_11_0_0___uid_ruynxsybvgsiedjkymcvvfzhtpxrhw object| paypal object| __zoid_10_3_3___uid_ruynxsybvgsiedjkymcvvfzhtpxrhw

33 Cookies

Domain/Path Name / Value
frca-development.elfcosmetics.com/ Name: initAuthComplete
Value: true
.elfcosmetics.com/ Name: ab.storage.sessionId.23316cb7-f57f-4f14-a7d3-8bed8ca921f5
Value: g%3A89cf665a-c9e0-f8fc-0cd1-f499bdbfa0f1%7Ce%3A1719363058530%7Cc%3A1719361258530%7Cl%3A1719361258530
.elfcosmetics.com/ Name: ab.storage.deviceId.23316cb7-f57f-4f14-a7d3-8bed8ca921f5
Value: g%3Add9400d9-332d-10a6-c1ba-825e8a6dfef1%7Ce%3Aundefined%7Cc%3A1719361258533%7Cl%3A1719361258533
.elfcosmetics.com/ Name: _gcl_au
Value: 1.1.1483333547.1719361259
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2E?buX@YD!]tbP6j2F-XstGt!@E>o%3ZCm
.adnxs.com/ Name: XANDR_PANID
Value: 0cE_APHABPHDjRVVBvEdiaw9gRGEgyOalxCfV6hXDcmft1rF5EjQkoT46oLellf1NVqR8cewriLHGoPzB16IxD0A-GM75mEFoVFX_oXwQAE.
.adnxs.com/ Name: uuid2
Value: 1822388440415594607
.elfcosmetics.com/ Name: _ga
Value: GA1.2.1158630202.1719361259
.elfcosmetics.com/ Name: _gid
Value: GA1.2.1201775667.1719361259
.elfcosmetics.com/ Name: _gat_UA-432816-1
Value: 1
.elfcosmetics.com/ Name: _dyjsession
Value: 3d4nf4r5ey8ulugcrl9ovmj7z8uise58
.elfcosmetics.com/ Name: dy_fs_page
Value: frca-development.elfcosmetics.com
.elfcosmetics.com/ Name: _dy_csc_ses
Value: 3d4nf4r5ey8ulugcrl9ovmj7z8uise58
.elfcosmetics.com/ Name: _dy_c_exps
Value:
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.dynamicyield.com/ Name: DYID
Value: 6300536120928853739
.elfcosmetics.com/ Name: _dycnst
Value: dg
.elfcosmetics.com/ Name: _dyid
Value: 6300536120928853739
.elfcosmetics.com/ Name: _dycst
Value: dk.w.c.ws.fst.
.elfcosmetics.com/ Name: _dy_geo
Value: DE.EU.DE_HE.DE_HE_Frankfurt%20am%20Main
.elfcosmetics.com/ Name: _dy_df_geo
Value: Germany..Frankfurt%20am%20Main
.elfcosmetics.com/ Name: _dy_toffset
Value: 0
.elfcosmetics.com/ Name: _dy_soct
Value: 647796.1248068.1719361259.3d4nf4r5ey8ulugcrl9ovmj7z8uise58*836603.1652212.1719361259*837245.1654610.1719361259*861617.1750272.1719361259*926162.2078808.1719361259*928890.1982571.1719361259*960888.2078831.1719361259
.elfcosmetics.com/ Name: rmStore
Value: dmid:9097
.youtube.com/ Name: YSC
Value: sH3Lu6dJ4Tw
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: Zv5Z-qWu3Yw
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgbQ%3D%3D
.elfcosmetics.com/ Name: _cs_c
Value: 0
.elfcosmetics.com/ Name: _cs_id
Value: 2bc49004-34b8-a0dc-a2a0-c6721526015c.1719361259.1.1719361259.1719361259.1558384338.1753525259767.1
.elfcosmetics.com/ Name: og_session_id
Value: 1e72a9589c4f11e9a62ebc764e10b970.53337.1719361260
.linksynergy.com/ Name: rmuid
Value: 744e7e80-dc40-466f-ae1f-610b47d2cd5f
.elfcosmetics.com/ Name: _cs_s
Value: 1.5.0.1719363060067

1 Console Messages

Source Level URL
Text
network error URL: https://idsync.rlcdn.com/458359.gif?partner_uid=744e7e80-dc40-466f-ae1f-610b47d2cd5f
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
api.cquotient.com
api.ipify.org
async-px.dynamicyield.com
c.contentsquare.net
cdn.c1.amplience.net
cdn.cookielaw.org
cdn.dynamicyield.com
cdn.media.amplience.net
frca-development.elfcosmetics.com
geolocation.onetrust.com
googleads.g.doubleclick.net
idsync.rlcdn.com
insight.adsrvr.org
pinchjs-cdn.gdn.smartling.com
pinchjs.gdn.smartling.com
region1.google-analytics.com
sdk.iad-05.braze.com
secure.adnxs.com
sgtm.elfcosmetics.com
srm.ba.contentsquare.net
st.dynamicyield.com
staging.static.ordergroove.com
t.contentsquare.net
tag.rmp.rakuten.com
ut.rd.linksynergy.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.paypal.com
www.sandbox.paypal.com
www.youtube.com
frca-development.elfcosmetics.com
pinchjs.gdn.smartling.com
104.26.13.205
13.35.58.125
142.250.184.200
142.250.186.78
151.101.1.21
151.101.195.1
151.101.3.1
172.217.16.130
172.217.16.132
18.213.135.225
18.244.18.112
2001:4860:4802:32::36
216.58.212.162
2600:9000:211e:8600:1b:8846:8500:93a1
2600:9000:2250:ea00:15:ad21:c740:93a1
2600:9000:275d:f800:a:b89d:a6c0:93a1
2606:4700:4400::6812:2089
2606:4700:4400::6812:25a1
2606:4700::6813:b134
2a00:1450:4001:803::200e
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2008
2a02:26f0:3100::1735:2b10
2a02:26f0:3100::1735:2b59
34.102.147.248
34.111.194.77
34.49.124.132
34.98.67.3
35.244.174.68
35.71.131.137
37.252.171.149
52.212.62.146
52.45.200.122
54.171.23.152
63.32.84.62
022e2f39deba7f332eabe69b27b31d98d4d5f2535116745957a691d1b1ec4cc5
05d6a1f5cbdc45af1b0a63a615135dc1065f22f611517e428ed6ec64bddbef88
07ee3507970bffebc468c7519df71956f25cbd951cfc23c670a25d740b07fb40
10b0a8089c1cea1328c2b06cb238c94036614502d91aec1e98309c560b3d316a
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126
12aef701f9abbb77ad769e835f981ab2c6b7dd1f7f19ffb59261b23084fbed98
1331786f628c441b99665436eb8815381e066e17d5c3bb56f5ce2e045d8da17a
147f6c57c05b20ffc422296d90361d70008496016fd1effbf88cc65064565818
17396c6bb47c7af35dad7463330cba53be78c77704ffe6b9ba60298ae47e3934
18ba19e3b20996ceaec26cb04ccf96a0409efdaed19b5712dd2689bdbd227800
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f5dee40752ba2e5049c8e4e6e34090739d480f8b663308eeb2d4f6468fb1cf5
225e65362afdff366c29b1dcfadc7bd9efbe3a406b99cf4ea4eafa32447133e6
24be9df27c2e292dc4495eac2f93fd861918f645dc778a0d370c5ed5bac8cb37
2987599d351aa7fa2878bf9af44c0fb46d1da1aa9d5c374a391678bff551f06d
3112e5c63e9d51b903fd0531e92020dcbe8a03ffe1fdadeb77627fe4868771fc
31f48ed33afe7e437efa2c30cbf97fbd62c2de5c0732504077377846fe64973f
34a6ee4e88a6e7fc683dcc91a87ef959578de03d8e4002a8d50e647ad06d18f3
352c2a7a4992466942e8d3aa677fd92a8a61ad1bd9a79a3232e37849c71a11c5
3dae94126362e2c8b80dfbc73f6b32f15be7805cbdf6739a72cab5ca534c15e0
41c8444b30739591c1f9a293dbe129dbadedd00a29535a09bd6bd3f8e3bfec62
424811d19077cc61b390a6575f2b91531aae506b069eab65cba6ce35ddb6a750
42997132bd0142564014ac4a809356dc0ceb9b7a90eede2b5b48019f1700cc58
45d21d36952fe978daaa93617316f7a968a9dfbfe4acafb01bf4d1bc85585adf
498ea43ee2b31ee61f58f43b798dfaec6eb59b63fefdfaa7c01bba897ba57a33
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
556439ae99de9152826ea7a09b6a485315e1a783563542df48051122040576ac
563909110c5337aef57cfeb95cae7cd6c4b714c45e6a3dce42ec70c58e038d11
56c989ad68e2d657ec33446633534c0d2b3ee0aeaa1cbe4ef8a21a1e9a5c3b99
59e46d01ff9a430de7b1928dea92399e5508e659ae4599aabaa001b3f3faa9f3
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fb7c176325267082e94a7131fed5e157516e6805cee3ac6f6a93340a947d640
60bcf01d04394617737446dc979e69c27ed9d8707decce34b5986d9be29a2d7d
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6d4040c70033d1b909ef1133deddc8d454e05467be6975afa26ac324e1fadea7
6f6f95f8cd39b9625e7c23ce8435d8e7e6bdd896a87f52437261376df381f792
742d8703a40b005e13f52c33b92c8cccb74cd527d4eeca3dd2ec54f4c229f61b
7b8605432e9c27615d25a6c7b17736cd04246f5e870795f30ee11af997e4e9cd
8156e978b8f902bb27d56d9baeb9f76f37fc4dbbc718f8d95a2bf9936d07b361
81c75e5b9f1c58313526e4395b2a85eb13313e3a516b1bedf2b004d471933dc7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84d4961838ee82bf46ab7244974ca52ad3f1358064eba1cf9b7e7a54515c5a5a
88668b9200e07ef8860abbf2884140a44986c34576bc7086d64085b87da4cfd7
88aa2fdba45f190a43ebb418538c48514becd87ea5b6631a70cfb6568f74140d
89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac
944ef702f74c848d4f7c3f732c49020fa7c97f249c41fa52cfacc0f7c08bdb81
962c3325defd7f502b51391c9e86cf7712e2a54cd472a8fd5de96e2c0e01b716
97996c9985c6b958fe1325fc72f641b0118c639d32f7b78f3d3245d83a588e43
9dbee6e3fba21a23b1a56f1b67b702e6d116dd94eb1e6a26cf8c6b7e956c5c9f
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a79c58a0aa11096d12cb4eaf0154379ee67b716364b28fd9fdb99dafbc7a5674
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf5a74b315f3c549fd6e056a7023c7546934b873c7e0d3c70b563eb6e1cd4987
bfb40ce76d0e0a46406467387115ddcca7432261d8046709448bbfaca56f0233
c04c2a9e91f5c91967c8716f3d885af6beb95566f26fc386a2f74a9cebdbc616
c48476ffd21ed753a90b11db277894d1c3f1bf60a2cc735abfbe1db237cdafe0
c52550189ad7a781a37919af639c2d6a786821aad8b982daa6a54af46817b8fa
c97c9953abec796c4b0bd74a315a62e21947e66246a8f19ac91f0650325a405d
cc11897bd686817da4d462b4fc503101091e6df96894ef4f58a7546285013a84
ccf05e34a56ce4958cebf205da9e7dc9db7ac4e8c799ae5f9b3d06e5dd842e78
d790874f1dd7070e825fb030f5184d25df09ce717cae40f228cbc8a474899269
d841b6859d2469f63df65c0a91d70da822367d82810d4d08900d79b21bdddc19
dae9b41d89e2f4c730c24f101106c03ac157d2f3efc24d526a40279f9576dafa
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0bf1256d05876b0703026d1f3d675729cc9b1734d3c85c4da80d46df7bc9560
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e92f434a50c76d6e52d0d3cc91cdf1854c7fd39fecd5ae65800568aef7c03029
e94d708e9dc761fb1e714afe78b59026d8a7bc7641c89803d854c84cfa1e8b89
ed581d995ab7b60ef12045e89c599ae81f15846028a0ce09d81c3c4298078d2a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f12a8b5b11f2d6de29c54ef1cc7abcaae17f77c7f7af855e9bb6e489ecc2f089
f4d5103576ca3021541a6eb4ece82f19b2b2ac610297ccb565da0fdcc8bf479e
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
fa15cc3b8e86d8c69f09deffb960d3b44651ad33c9c79b1466a4b354df6b9488