urlscan.io logo urlscan.io
SecurityTrails logo

www.elfcosmetics.co.uk Open in urlscan Pro
204.2.48.22  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.cosmeticscriminal.co.uk/
Effective URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Submission: On September 26 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 2 countries across 18 domains to perform 88 HTTP transactions. The main IP is 204.2.48.22, located in United States and belongs to YOTTAA-AS-1, US. The main domain is www.elfcosmetics.co.uk. The Cisco Umbrella rank of the primary domain is 865539.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 25th 2023. Valid for: a year.
This is the only time www.elfcosmetics.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 165.254.198.210 393259 (YOTTAA-AS-1)
1 13 204.2.48.22 393259 (YOTTAA-AS-1)
2 162.159.138.60 13335 (CLOUDFLAR...)
1 2607:f8b0:402... 15169 (GOOGLE)
2 8 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a04:4e42:400... 54113 (FASTLY)
2 2607:f8b0:402... 15169 (GOOGLE)
2 2606:4700:440... 13335 (CLOUDFLAR...)
3 151.101.130.133 54113 (FASTLY)
12 2606:4700::68... 13335 (CLOUDFLAR...)
2 104.26.12.205 13335 (CLOUDFLAR...)
5 104.18.38.107 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 204.141.89.251 393259 (YOTTAA-AS-1)
4 151.101.1.21 54113 (FASTLY)
2 35.190.10.96 15169 (GOOGLE)
1 151.101.65.21 54113 (FASTLY)
2 151.101.3.1 54113 (FASTLY)
2 192.229.210.155 15133 (EDGECAST)
2 54.165.23.229 14618 (AMAZON-AES)
3 172.64.145.183 13335 (CLOUDFLAR...)
2 108.138.106.40 16509 (AMAZON-02)
13 192.225.157.157 30286 (THM)
1 192.225.158.1 30286 (THM)
1 2620:f3:0:14:... 30286 (THM)
1 192.225.158.3 30286 (THM)
88 26
1    165.254.198.210 (United States)

ASN393259 (YOTTAA-AS-1, US)
www.cosmeticscriminal.co.uk
13    204.2.48.22 (United States)

ASN393259 (YOTTAA-AS-1, US)
www.elfcosmetics.co.uk
2    162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)
player.vimeo.com
1    2607:f8b0:4023:1407::88 (Columbus, United States)

ASN15169 (GOOGLE, US)
www.youtube.com
8    2606:4700:4400::6812:20dd (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.media.amplience.net
1    2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
2    2607:f8b0:4023:1419::5b (Columbus, United States)

ASN15169 (GOOGLE, US)
www.youtube.com
2    2606:4700:4400::ac40:96d1 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.static.amplience.net
3    151.101.130.133 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn-fsly.yottaa.net
12    2606:4700::6812:562a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
2    104.26.12.205 (None, )

ASN13335 (CLOUDFLARENET, US)
api.ipify.org
5    104.18.38.107 (None, )

ASN13335 (CLOUDFLARENET, US)
sdk.iad-05.braze.com
1    2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
1    204.141.89.251 (United States)

ASN393259 (YOTTAA-AS-1, US)
qoe-1.yottaa.net
4    151.101.1.21 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.paypal.com
2    35.190.10.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.10.190.35.bc.googleusercontent.com
collector-pxxt4gy2ig.px-cloud.net
1    151.101.65.21 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.paypal.com
2    151.101.3.1 (San Francisco, United States)

ASN54113 (FASTLY, US)
t.paypal.com
2    192.229.210.155 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
2    54.165.23.229 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-23-229.compute-1.amazonaws.com
api.cquotient.com
3    172.64.145.183 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
elfcosmetics.a.bigcontent.io
2    108.138.106.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-40.jfk50.r.cloudfront.net
cdn-scripts.signifyd.com
13    192.225.157.157 (United States)

ASN30286 (THM, US)
imgs.signifyd.com
1    192.225.158.1 (United States)

ASN30286 (THM, US)
h.online-metrix.net
1    2620:f3:0:14:b401:8ee8:4321:ad82 (United States)

ASN30286 (THM, US)
h64.online-metrix.net
1    192.225.158.3 (United States)

ASN30286 (THM, US)
w2txo5aa6aasod6q7uwepf5cq3z5zart5nuicokd69352d6174e35d90sac.d.aa.online-metrix.net
Apex Domain
Subdomains		 Transfer
15 signifyd.com
cdn-scripts.signifyd.com — Cisco Umbrella Rank: 9317
imgs.signifyd.com — Cisco Umbrella Rank: 7616
73 KB
13 elfcosmetics.co.uk
www.elfcosmetics.co.uk — Cisco Umbrella Rank: 865539
392 KB
12 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 351
172 KB
10 amplience.net
cdn.media.amplience.net — Cisco Umbrella Rank: 13910
cdn.static.amplience.net — Cisco Umbrella Rank: 42545
6 MB
7 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3337
t.paypal.com — Cisco Umbrella Rank: 4028
127 KB
5 braze.com
sdk.iad-05.braze.com — Cisco Umbrella Rank: 2603
1 KB
4 yottaa.net
cdn-fsly.yottaa.net — Cisco Umbrella Rank: 36007 Failed
qoe-1.yottaa.net — Cisco Umbrella Rank: 12272
1 MB
3 online-metrix.net
h.online-metrix.net — Cisco Umbrella Rank: 3451
h64.online-metrix.net — Cisco Umbrella Rank: 2673
w2txo5aa6aasod6q7uwepf5cq3z5zart5nuicokd69352d6174e35d90sac.d.aa.online-metrix.net
837 B
3 bigcontent.io
elfcosmetics.a.bigcontent.io — Cisco Umbrella Rank: 167660
10 KB
3 youtube.com
www.youtube.com — Cisco Umbrella Rank: 78
12 KB
2 cquotient.com
api.cquotient.com — Cisco Umbrella Rank: 38917
519 B
2 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 3005
16 KB
2 px-cloud.net
collector-pxxt4gy2ig.px-cloud.net — Cisco Umbrella Rank: 963184
1 KB
2 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2176
233 B
2 vimeo.com
player.vimeo.com — Cisco Umbrella Rank: 2385
12 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 550
304 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 851
24 KB
1 cosmeticscriminal.co.uk
www.cosmeticscriminal.co.uk
1 KB
88 18
Domain Requested by
13 imgs.signifyd.com www.elfcosmetics.co.uk
imgs.signifyd.com
13 www.elfcosmetics.co.uk 1 redirects www.elfcosmetics.co.uk
cdn-fsly.yottaa.net
12 cdn.cookielaw.org cdn-fsly.yottaa.net
cdn.cookielaw.org
www.elfcosmetics.co.uk
8 cdn.media.amplience.net 2 redirects www.elfcosmetics.co.uk
5 www.paypal.com www.elfcosmetics.co.uk
www.paypal.com
5 sdk.iad-05.braze.com cdn-fsly.yottaa.net
3 elfcosmetics.a.bigcontent.io
3 www.youtube.com www.elfcosmetics.co.uk
3 cdn-fsly.yottaa.net www.elfcosmetics.co.uk
2 cdn-scripts.signifyd.com www.elfcosmetics.co.uk
2 api.cquotient.com www.elfcosmetics.co.uk
2 www.paypalobjects.com www.elfcosmetics.co.uk
2 t.paypal.com
2 collector-pxxt4gy2ig.px-cloud.net www.elfcosmetics.co.uk
2 api.ipify.org cdn-fsly.yottaa.net
2 cdn.static.amplience.net www.elfcosmetics.co.uk
2 player.vimeo.com www.elfcosmetics.co.uk
1 w2txo5aa6aasod6q7uwepf5cq3z5zart5nuicokd69352d6174e35d90sac.d.aa.online-metrix.net
1 h64.online-metrix.net imgs.signifyd.com
1 h.online-metrix.net imgs.signifyd.com
1 qoe-1.yottaa.net www.elfcosmetics.co.uk
1 geolocation.onetrust.com cdn.cookielaw.org
1 code.jquery.com www.elfcosmetics.co.uk
1 www.cosmeticscriminal.co.uk 1 redirects
88 24
Subject Issuer Validity Valid
*.elfcosmetics.co.uk
Sectigo RSA Domain Validation Secure Server CA		 2023-09-25 -
2024-10-25		 a year crt.sh
player.vimeo.com
WE1		 2024-09-22 -
2024-12-21		 3 months crt.sh
*.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
dm.amplience.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-08-05 -
2025-08-14		 a year crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
*.yottaa.net
GlobalSign RSA OV SSL CA 2018		 2024-09-05 -
2025-10-07		 a year crt.sh
cookielaw.org
WE1		 2024-08-13 -
2024-11-11		 3 months crt.sh
ipify.org
WE1		 2024-09-15 -
2024-12-14		 3 months crt.sh
sdk.iad-05.braze.com
WE1		 2024-08-15 -
2024-11-13		 3 months crt.sh
geolocation.onetrust.com
WE1		 2024-08-13 -
2024-11-11		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-02-08 -
2025-02-08		 a year crt.sh
*.px-cloud.net
Sectigo RSA Domain Validation Secure Server CA		 2024-08-16 -
2025-09-15		 a year crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-06-21 -
2025-06-20		 a year crt.sh
*.cquotient.com
Amazon RSA 2048 M02		 2024-03-05 -
2025-04-02		 a year crt.sh
*.bigcontent.io
GeoTrust TLS RSA CA G1		 2024-04-02 -
2025-05-03		 a year crt.sh
cdn-scripts.signifyd.com
Amazon RSA 2048 M02		 2024-06-02 -
2025-06-30		 a year crt.sh
imgs.signifyd.com
Go Daddy Secure Certificate Authority - G2		 2023-10-20 -
2024-11-20		 a year crt.sh
online-metrix.net
Viking Cloud Organization Validation CA, Level 1		 2024-03-20 -
2024-10-21		 7 months crt.sh
*.aa.online-metrix.net
Viking Cloud Organization Validation CA, Level 1		 2024-03-20 -
2024-10-21		 7 months crt.sh

This page contains 9 frames:

Primary Page: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Frame ID: 9F0EA57A7FBC17733B8E380CA83BDAAF
Requests: 68 HTTP requests in this frame

Frame: https://player.vimeo.com/video/985935623?h=0fd60177fc&badge=0&autopause=0&player_id=0&app_id=58479
Frame ID: D8608D7E0AAB93E43C2D4156E6057FFA
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/rZPCKoUReO0?enablejsapi=1
Frame ID: E202EACDF9E8B1BF27C7146614582375
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1HQlAmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.64.11&integrationType=SDK
Frame ID: 9836E1F3E42C25AA255187C079CAFC47
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: A658CB0155B7A228F5E1633F5AC89AE2
Requests: 1 HTTP requests in this frame

Frame: https://imgs.signifyd.com/PGLaSs5VO93iUpet?ec8f44afea99d3c6=nc2qtYaGMTIzQtRR0k9Y9z14fzBN4ylYqS6-Lx5HMf2BMbBy0et8Rbq3p3b_IgDUWPD425zriUvcDA255JhMfB4P9cbr1h1-b-qGKw1eqLlsI60r77uGpREpUKeeLvghcxXZ_Zz-iRBbx2w9CbIlOvIdj9tBMPQ-Bx-OZ-jD04wYMnNMvIEz2g0BD2IUmjGuiMa9ap1xfV0h8N3T&jb=3d3a262c6073677d374c61667f78246879653d4e616c75722c6a73627d3f4b6a7a6f65652e6073683743607a656d6d2d3830333033
Frame ID: C729418216097FCB0852D574BB10DCAA
Requests: 12 HTTP requests in this frame

Frame: https://imgs.signifyd.com/wekaI0Wv7AHlAfeu?4e2a8e6f20b17323=06BLfUffQDEh5PZ9nkKdZLWnpThYBT2Bw_MBjjwbgckc3g3Yu7OtKDWAz5U-BrpOpa4-Eo0tlZSd9m3A26yEvAPhacGCXrnrn_BHzqcD2MgGREZpaYe-NVwbyXlbkQLxnpdclGFeZiEZOCkPFfZ-Bj7SdDrbd2IgFpmLs38brDqlF7YvSOyYYWD3QTUi2UyKdZ9KOUdXgzHldmFajpM
Frame ID: 59E1783289F21AB232BC2DD757E06D82
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/ID2KkWGLyU4kApMo?ef0aaf9e0eaa90bd=ttnKHPq90NmrtwVjOEHAzNGGcU-PdpPrXcCFub5l9aMRbtMGM_qbiPpfMUujezhX4F_-m7jnOCpRW1yecci0Yf7HVUG0VPhHORYTlMurY-Wq8zkdEX9TSNAPHb33LSXdWZbZMF9vp84_oIugpCsX0hKmk9jRUQaUnfy9HZmvp2YUP3bsSMfKoY7mPZWUwXjEkG4dsENN4XQs0DZEn9HQ
Frame ID: 1B29B706EF2F21913EBC0DF2C38146A4
Requests: 1 HTTP requests in this frame

Frame: https://imgs.signifyd.com/9ZIHtIVnRrPx6lnb?953ed370ef750730=Tot7eJSt2psoMZ_jbqYFiLHcnuIrEiKEgN0ybw8pMM96a8UIA2hqp25hv78UuBd-CJZYLkgMferMiB4Ya44EVkK6ak1V_ineF4dMskg8NE5trUWFTcV7gJjW1EQSdTOFBQQaHV01AWT79CVWm5YfGBrDE9v4N432og7Ro1u7BIqkAxgrVe_TW6gxAQfVdm3-je_mqgUmNYXP1ysLJeAu
Frame ID: 11E9CF91E77DBDFFFC82795A5A54FC4F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cosmetic Criminals | e.l.f. Cosmetics

Page URL History Show full URLs

  1. https://www.cosmeticscriminal.co.uk/ HTTP 301
    https://www.elfcosmetics.co.uk/elf-cosmetic-criminals Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

88
Requests

92 %
HTTPS

31 %
IPv6

18
Domains

24
Subdomains

26
IPs

2
Countries

8281 kB
Transfer

13724 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.cosmeticscriminal.co.uk/ HTTP 301
    https://www.elfcosmetics.co.uk/elf-cosmetic-criminals Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://cdn.media.amplience.net/v/elfcosmetics/PWT_STORY_CRIMESCENE_VID/mp4_720p HTTP 302
  • https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_crimescene_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/8dfa5d11-77b7-4333-9d42-c08b194a927c.mp4
Request Chain 19
  • https://cdn.media.amplience.net/v/elfcosmetics/PWT_STORY_COSMETIC_CRIMINALS_VID/mp4_720p HTTP 302
  • https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_cosmetic_criminals_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/c5334fb2-6c51-41eb-8d3b-28107083bcd2.mp4
Request Chain 26
  • https://www.elfcosmetics.co.uk/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-eu&code_challenge=rdRVaH0QgF3AmYfDIxTbrzpItCQCWEJfPK4eJZzkLLc HTTP 303
  • https://www.elfcosmetics.co.uk/callback?usid=2c6afbd5-0cf9-45ce-a25e-2f872dd12cc2&code=R-KWUZ6A-nzBfAwZkJE7xxirlaB4Nxam-OL7NJGdWw4

88 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request elf-cosmetic-criminals
www.elfcosmetics.co.uk/
Redirect Chain
  • https://www.cosmeticscriminal.co.uk/
  • https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
1 MB
268 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.48.22 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
4e277b87d65e419f9f6925abc6c010c316e96c9fa27c1001d40f20e6542006f4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
0
alt-svc
h3=":443"; ma=86400
cache-control
public, must-revalidate, s-maxage=900
content-encoding
gzip
content-length
272932
content-type
text/html; charset=utf-8
date
Thu, 26 Sep 2024 21:19:00 GMT
etag
W/"102ad8-dZV9C2VOLL7tOYEYXdGKrY3KCRI"
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 e4d445814bb6c01f7098c39c67755452.cloudfront.net (CloudFront)
x-amz-apigw-id
eu1mgHb9iYcEMJA=
x-amz-cf-id
NFJ698XZzkMqeS1rEEc_kHQffOocxWAwi_BfjS19I-BtV62BOzZf7A==
x-amz-cf-pop
ORD52-C2
x-amzn-remapped-connection
close
x-amzn-remapped-content-length
1059544
x-amzn-remapped-date
Thu, 26 Sep 2024 21:19:00 GMT
x-amzn-requestid
f9b2884f-1201-452f-9e5d-2f5194b66614
x-amzn-trace-id
Root=1-66f5cfc2-7623f5477133990d5661e475;Parent=08493ac65b14b1cc;Sampled=0;Lineage=1:dcd1e669:0
x-cache
Miss from cloudfront
x-yottaa-metrics
2621cc8d5873/[1645,1454,-] 26D1cc023016/[-,1797.754]
x-yottaa-optimizations
ob/1000000100001000 si/26D1cc023016-1727367206-6293381885 tts/1727279619573 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-yottaa-os
200

Redirect headers

age
0
content-length
1197
content-type
text/html; charset=utf-8
date
Thu, 26 Sep 2024 21:18:58 GMT
location
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
vary
User-Agent
x-yottaa-fw
fb/100000 tid/658f1f4fd931403bb4ae54b7 rid/658f266dd931403bb4ae60ab stid/5ad7b08e2bb0ac0c5ba3d38c
x-yottaa-metrics
32D1a5fec6d2/[-,0.322]
x-yottaa-optimizations
ob/0 si/32D1a5fec6d2-1727367207-4956550762 tts/1727385538588 ti/0 ai/658f1f4fd931403bb4ae54b7
/
cdn-fsly.yottaa.net/5dbb1b444f1bbf5af87e1113/www.elfcosmetics.co.uk/v~4b.6c/ 		0
0
/
cdn-fsly.yottaa.net/5dbb1b444f1bbf5af87e1113/www.elfcosmetics.co.uk/v~4b.6c/ 		0
0
/
cdn-fsly.yottaa.net/5dbb1b444f1bbf5af87e1113/www.elfcosmetics.co.uk/v~4b.6c/ 		0
0
/
cdn-fsly.yottaa.net/5dbb1b444f1bbf5af87e1113/www.elfcosmetics.co.uk/v~4b.6c/ 		0
0
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.elfcosmetics.co.uk
Referer

Response headers

Content-Type
application/font-woff2;charset=utf-8
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.elfcosmetics.co.uk
Referer

Response headers

Content-Type
application/font-woff2;charset=utf-8
985935623
player.vimeo.com/video/ Frame D860 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/video/985935623?h=0fd60177fc&badge=0&autopause=0&player_id=0&app_id=58479
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm.vhx.com/v2/fairplay/cert https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

CF-Cache-Status
DYNAMIC
CF-Ray
8c964a2fd852ac3f-YYZ
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 26 Sep 2024 21:19:01 GMT
Expires
Fri, 15 Dec 1985 19:30:00 GMT
Link
<https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin, <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin
Server
cloudflare
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 varnish
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm.vhx.com/v2/fairplay/cert https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
x-backend-server
player-backend-edge-entry
x-bapp-server
player-backend-784878c969-chxx7
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-host
player-backend-784878c969-chxx7
x-player-backend
g
x-served-by
cache-yyz4582-YYZ
x-timer
S1727385541.112730,VS0,VE222
x-xss-protection
1; mode=block
rZPCKoUReO0
www.youtube.com/embed/ Frame E202 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/rZPCKoUReO0?enablejsapi=1
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1407::88 Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Thu, 26 Sep 2024 21:19:01 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
PWT_STORY_HEADER_DESKTOP_BG-min
cdn.media.amplience.net/i/elfcosmetics/ 		630 KB
630 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_HEADER_DESKTOP_BG-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b89cd71669a53e8801ea9e9d4fb8a40bb5dbbb393a1b6c4a249349b42086da7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

cf-cache-status
HIT
age
4146
x-amp-source-width
3199
x-content-type-options
nosniff
date
Thu, 26 Sep 2024 21:19:01 GMT
edge-control
max-age=86400
content-type
image/jpeg
last-modified
Wed, 25 Sep 2024 20:32:09 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
t-WLpDMcG,l4p5bDg2e,2orsu9Nt2,k4NPUWi7z
cache-control
s-maxage=86400, max-age=1800
x-req-id
miXx5KVBib
x-amp-source-height
1249
x-amp-cf-worker
true
cf-ray
8c964a2fab8e4bd6-YUL
accept-ranges
bytes
access-control-allow-origin
*
content-length
644728
x-amp-published
Wed, 20 Dec 2023 20:47:39 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
PWT_STORY_HEADER_DESKTOP_CC-min
cdn.media.amplience.net/i/elfcosmetics/ 		205 KB
205 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_HEADER_DESKTOP_CC-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ab1474b1928d39f768075dfef56e53b01fff6c85a44b07d150c4abf7299c3b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

cf-cache-status
HIT
age
4146
x-amp-source-width
800
x-content-type-options
nosniff
date
Thu, 26 Sep 2024 21:19:01 GMT
edge-control
max-age=86400
content-type
image/png
last-modified
Wed, 25 Sep 2024 20:32:09 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
HEFp05FuV,l4p5bDg2e,HwG53bbZp,UyB2-aY-L
cache-control
s-maxage=86400, max-age=1800
x-req-id
4yfN0eF90O
x-amp-source-height
340
x-amp-cf-worker
true
cf-ray
8c964a2fab914bd6-YUL
accept-ranges
bytes
access-control-allow-origin
*
content-length
209440
x-amp-published
Wed, 20 Dec 2023 20:47:39 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
PWT_STORY_SOCIALLISTENING_DESKTOP_5-blurred-min
cdn.media.amplience.net/i/elfcosmetics/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_SOCIALLISTENING_DESKTOP_5-blurred-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdbeef0b146607f5137f8f5434eeab8625ee0801da2af33e045528d191e512d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

cf-cache-status
HIT
age
4146
x-amp-source-width
3080
x-content-type-options
nosniff
date
Thu, 26 Sep 2024 21:19:01 GMT
edge-control
max-age=86400
content-type
image/png
last-modified
Wed, 25 Sep 2024 20:32:09 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
bbZ7I4jYr,l4p5bDg2e,hUXp-ygcH,UyB2-aY-L
cache-control
s-maxage=86400, max-age=1800
x-req-id
iusGeruuNX
x-amp-source-height
1484
x-amp-cf-worker
true
cf-ray
8c964a2fab944bd6-YUL
accept-ranges
bytes
access-control-allow-origin
*
content-length
2085695
x-amp-published
Wed, 03 Jan 2024 21:02:28 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
PWT_STORY_DETECTIVES_DESKTOP_6-min
cdn.media.amplience.net/i/elfcosmetics/ 		330 KB
331 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_DETECTIVES_DESKTOP_6-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cb2ac35adc7dee4b051d05a7ffc844c9f61eb67b3ce350a16a552f98ffc4172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

cf-cache-status
HIT
age
4146
x-amp-source-width
2806
x-content-type-options
nosniff
date
Thu, 26 Sep 2024 21:19:01 GMT
edge-control
max-age=86400
content-type
image/jpeg
last-modified
Wed, 25 Sep 2024 20:32:09 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
dRj4K7h-K,l4p5bDg2e,q-jdDBY1E,k4NPUWi7z
cache-control
s-maxage=86400, max-age=1800
x-req-id
eTn0FE0PQR
x-amp-source-height
1062
x-amp-cf-worker
true
cf-ray
8c964a2fab924bd6-YUL
accept-ranges
bytes
access-control-allow-origin
*
content-length
338113
x-amp-published
Wed, 27 Dec 2023 17:21:33 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
PWT_STORY_ON_THE_CASE_DESKTOP_BTS-min
cdn.media.amplience.net/i/elfcosmetics/ 		180 KB
180 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_ON_THE_CASE_DESKTOP_BTS-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a0204422805f76d793709204fd52e753cb059e5dd5099e41781499c8072e726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

cf-cache-status
HIT
age
4146
x-amp-source-width
1952
x-content-type-options
nosniff
date
Thu, 26 Sep 2024 21:19:01 GMT
edge-control
max-age=86400
content-type
image/jpeg
last-modified
Wed, 25 Sep 2024 20:32:09 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
AiF_FR1th,l4p5bDg2e,O8QiTHpoz,k4NPUWi7z
cache-control
s-maxage=86400, max-age=1800
x-req-id
bsvsIuh4-k
x-amp-source-height
1108
x-amp-cf-worker
true
cf-ray
8c964a2fab934bd6-YUL
accept-ranges
bytes
access-control-allow-origin
*
content-length
184181
x-amp-published
Fri, 29 Dec 2023 07:51:47 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
PWT_STORY_CRIME_TAPE_DESKTOP_7-min
cdn.media.amplience.net/i/elfcosmetics/ 		614 KB
614 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_CRIME_TAPE_DESKTOP_7-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37d207a7297589d062c2af128ee513190a9297959cb24c68078f68d64b899c98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

cf-cache-status
HIT
age
4146
x-amp-source-width
3200
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 26 Sep 2024 21:19:01 GMT
edge-control
max-age=86400
content-type
image/png
last-modified
Wed, 25 Sep 2024 20:32:09 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
cUMOKR_Tu,l4p5bDg2e,N2xhcEEJW,UyB2-aY-L
cache-control
s-maxage=86400, max-age=1800
x-req-id
uYxFLbyN15
x-amp-source-height
525
x-amp-cf-worker
true
cf-ray
8c964a2fab954bd6-YUL
accept-ranges
bytes
access-control-allow-origin
*
content-length
628288
x-amp-published
Thu, 28 Dec 2023 16:15:28 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
jquery-3.7.1.slim.min.js
code.jquery.com/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.7.1.slim.min.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9261efb3407e3a9096e4654750d8eff6b3a663422f48845c7fbcc65034c340cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

content-encoding
gzip
etag
W/"28feccc0-11278"
age
2043435
x-cache
HIT, HIT
date
Thu, 26 Sep 2024 21:19:01 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits
7729, 23019
x-served-by
cache-lga21987-LGA, cache-yul1970047-YUL
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1727385541.075503,VS0,VE0
cross-origin-resource-policy
cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
24036
server
nginx
player.js
player.vimeo.com/api/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/api/player.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
794b9f4fa15362394d9913554121b956f2ee5f5dc368540a8cc761dc9c7668f1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Age
36
x-backend-server
player-backend-edge-entry
expires
Thu, 26 Sep 2024 17:48:24 GMT
x-player-backend
g
x-cache
HIT
Date
Thu, 26 Sep 2024 21:19:01 GMT
Content-Type
application/javascript;charset=utf-8
x-bapp-server
x-served-by
cache-yyz4572-YYZ
x-cache-hits
35
vary
Accept-Encoding
content-security-policy
default-src 'none'; style-src 'unsafe-inline'
Cache-Control
max-age=1800
x-timer
S1727385541.083276,VS0,VE0
Connection
keep-alive
via
1.1 varnish
CF-RAY
8c964a2fb9dfabd9-YYZ
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
11434
Server
cloudflare
player_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/player_api
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1419::5b Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
35c3162b611c3aaa72c002b914be112f207e0f3bce58a033ec0437d9aad814e9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

content-encoding
br
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
x-content-type-options
nosniff
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
expires
Thu, 26 Sep 2024 21:19:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date
Thu, 26 Sep 2024 21:19:01 GMT
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-security-policy
require-trusted-types-for 'script'
cache-control
private, max-age=0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
x-xss-protection
0
server
ESF
8dfa5d11-77b7-4333-9d42-c08b194a927c.mp4
cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_crimescene_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/
Redirect Chain
  • https://cdn.media.amplience.net/v/elfcosmetics/PWT_STORY_CRIMESCENE_VID/mp4_720p
  • https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_crimescene_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/8dfa5d11-77b7-4333-9d42-c08b194a927c.mp4
1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_crimescene_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/8dfa5d11-77b7-4333-9d42-c08b194a927c.mp4
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Server
2606:4700:4400::ac40:96d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3efc48717edad187198d0a608a3b3a8195f0e5b6b6b41f27b78824796cbd61e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

access-control-max-age
3000
cf-cache-status
HIT
x-amz-version-id
null
etag
"dd3676819bd88a250c875a11e38c307d"
age
124351
access-control-allow-methods
GET, HEAD
date
Thu, 26 Sep 2024 21:19:01 GMT
content-type
video/mp4
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Fri, 22 Dec 2023 15:50:27 GMT
x-amz-id-2
EhWVt2ZKpe6Eg8J5w6mL24m89ZEJPKim2gKanRJfqE3xCWxu8eO7h4U5eZaSf3jvawNuftjLjws=
Content-Range
bytes 0-1060947/1060948
x-amz-request-id
55YY7DX2JQ64KHJ6
cf-ray
8c964a30ce00a2dc-YUL
access-control-allow-origin
*
Content-Length
1060948
server
cloudflare

Redirect headers

cf-cache-status
HIT
age
4146
x-content-type-options
nosniff
date
Thu, 26 Sep 2024 21:19:01 GMT
edge-control
max-age=86400
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
1_W_uZnh5,l4p5bDg2e,bgWw7nQ29
cache-control
s-maxage=86400, max-age=1800
location
https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_crimescene_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/8dfa5d11-77b7-4333-9d42-c08b194a927c.mp4
x-amp-cf-worker
true
cf-ray
8c964a2fbb9c4bd6-YUL
access-control-allow-origin
*
content-length
0
x-xss-protection
1; mode=block
x-amp-srv
CF
server
cloudflare
c5334fb2-6c51-41eb-8d3b-28107083bcd2.mp4
cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_cosmetic_criminals_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/
Redirect Chain
  • https://cdn.media.amplience.net/v/elfcosmetics/PWT_STORY_COSMETIC_CRIMINALS_VID/mp4_720p
  • https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_cosmetic_criminals_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/c5334fb2-6c51-41eb-8d3b-28107083bcd2.mp4
1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_cosmetic_criminals_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/c5334fb2-6c51-41eb-8d3b-28107083bcd2.mp4
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Server
2606:4700:4400::ac40:96d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ae7d857dd8d096a5198b1e8280de9f929ca88d690e445731b6ffdffbf2b8383

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

access-control-max-age
3000
cf-cache-status
HIT
x-amz-version-id
null
etag
"91a2cbc7ca143aac79d0312d84bb77fb"
age
124351
access-control-allow-methods
GET, HEAD
date
Thu, 26 Sep 2024 21:19:01 GMT
content-type
video/mp4
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Fri, 22 Dec 2023 17:43:50 GMT
x-amz-id-2
zeFbbOTjepB7obopT7iq6amaR/gbD1YFP6pBSnLbv4pwvRRLgzhXEEC8vZbgbWI4M2vzUroTJL4=
Content-Range
bytes 0-1262366/1262367
x-amz-request-id
6XR1TFX79XQPQVQ3
cf-ray
8c964a30ce04a2dc-YUL
access-control-allow-origin
*
Content-Length
1262367
server
cloudflare

Redirect headers

cf-cache-status
HIT
age
4146
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 26 Sep 2024 21:19:01 GMT
edge-control
max-age=86400
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
8N0u74LhG,l4p5bDg2e,fH6Lo3_5e
cache-control
s-maxage=86400, max-age=1800
location
https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_cosmetic_criminals_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/c5334fb2-6c51-41eb-8d3b-28107083bcd2.mp4
x-amp-cf-worker
true
cf-ray
8c964a2fbb9e4bd6-YUL
access-control-allow-origin
*
content-length
0
x-xss-protection
1; mode=block
x-amp-srv
CF
server
cloudflare
vendor.js
cdn-fsly.yottaa.net/5dbb1b444f1bbf5af87e1113/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11898/ 		2 MB
627 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/5dbb1b444f1bbf5af87e1113/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11898/vendor.js?yocs=1c_1e_
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1c837b83e593f154428f1615709ad1146a51818f6973ad5ea0d24c2bb619670

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

x-amz-meta-deploy
840428
content-encoding
gzip
etag
W/"67be37efb624b2bf362ebe7d9925c519"
age
613301
x-cache
Hit from cloudfront, HIT
x-amz-cf-id
56YGbAEKueoaUPeARNyBdtNw2qLz7hQx3ao6NWocsdbqKy7j3S8q_A==
date
Thu, 26 Sep 2024 21:19:01 GMT
content-type
application/javascript; charset=utf8
last-modified
Wed, 21 Aug 2024 18:13:25 GMT
x-served-by
cache-yul1970044-YUL
x-cache-hits
0
x-yottaa-optimizations
ob/1000 si/33118cae0c64-1722432662-1660560905 tts/1726771541851 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
vary
Accept-Encoding
x-yottaa-forcecache
true
cache-control
public, max-age=31104000
x-timer
S1727385541.053254,VS0,VE1
via
1.1 8a47e4aac22d4ea9e135eed10a1bbf52.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-bundle
11898
x-yottaa-metrics
33218cae0c77/[57,27,-] 33118cae0c64/[-,173.808]
accept-ranges
bytes
content-length
641170
x-amz-cf-pop
ATL56-P1
server
AmazonS3
main.js
cdn-fsly.yottaa.net/5dbb1b444f1bbf5af87e1113/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11898/ 		2 MB
508 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/5dbb1b444f1bbf5af87e1113/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11898/main.js?yocs=1c_1e_
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1961d18c3e6b963bbb09b850a484e8c10fca2938ffe503e4f693c6e673618f87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

x-amz-meta-deploy
840428
content-encoding
gzip
etag
W/"32303a6621070ad73aca27746f01ca84"
age
613319
x-cache
Hit from cloudfront, HIT
x-amz-cf-id
YrE4W-RSnlo5GrpDd8dJwtkYTsUg5TaEkP_v7utlbMJB5nScgVLjaA==
date
Thu, 26 Sep 2024 21:19:01 GMT
content-type
application/javascript; charset=utf8
last-modified
Wed, 21 Aug 2024 18:13:24 GMT
x-served-by
cache-yul1970044-YUL
x-cache-hits
0
x-yottaa-optimizations
ob/1101 si/33118cae0c65-1722432663-545459034 tts/1726771541851 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
vary
Accept-Encoding
x-yottaa-forcecache
true
cache-control
public, max-age=31104000
x-timer
S1727385541.053267,VS0,VE1
via
1.1 d9385f35ab823b6294a5ec3a85ed4be6.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-bundle
11898
x-yottaa-metrics
33218cae0cf4/[13,-,1726772218219] 33118cae0c65/[hit]
accept-ranges
bytes
content-length
518958
x-amz-cf-pop
ATL56-P1
server
AmazonS3
pages-product-list-product-list-page.js
cdn-fsly.yottaa.net/5dbb1b444f1bbf5af87e1113/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11898/ 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/5dbb1b444f1bbf5af87e1113/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11898/pages-product-list-product-list-page.js?yocs=1c_1e_
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
60604eb6ccf99a00d1666b9081d65b4e917ba2b4d295403e2a75887326aa3e15

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

x-amz-meta-deploy
840428
content-encoding
gzip
etag
W/"f9295e8d9320baacfa265574e21ed457"
age
612079
x-cache
Miss from cloudfront, HIT
x-amz-cf-id
Sb8GsYtj8YHxe1GKV6a1qgUe-0xsN-EXh2ojGQmP6uEqnHdfc3vehQ==
date
Thu, 26 Sep 2024 21:19:01 GMT
content-type
application/javascript; charset=utf8
last-modified
Wed, 21 Aug 2024 18:13:25 GMT
x-served-by
cache-yul1970044-YUL
x-cache-hits
0
x-yottaa-optimizations
ob/1101 si/2511cc0285b8-1721651262-1014568813 tts/1726771541851 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
vary
Accept-Encoding
x-yottaa-forcecache
true
cache-control
public, max-age=31104000
x-timer
S1727385541.053214,VS0,VE1
via
1.1 7af4698bea7e964f89ad8d7ae22213a2.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-bundle
11898
x-yottaa-metrics
2521cc028a8d/[2,-,1726772230115] 2511cc0285b8/[hit]
accept-ranges
bytes
content-length
11984
x-amz-cf-pop
SFO53-P5
server
AmazonS3
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b444f1bbf5af87e1113/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11898/main.js?yocs=1c_1e_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91b0809d8b9dc57eaa09cb0e13c210b24edfaeadb94a8cff0fee02751c1b0b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

content-md5
jwlUUXc1HMPClYXMpY+NPQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCDC63EBBD1100
x-ms-lease-status
unlocked
age
25110
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 27 Sep 2024 14:20:32 GMT
date
Thu, 26 Sep 2024 21:19:02 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 06:41:29 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
681bb224-301e-0087-72b2-0ec6a5000000
cf-ray
8c964a38ed5ca30a-YUL
accept-ranges
bytes
access-control-allow-origin
*
content-length
6881
x-ms-blob-type
BlockBlob
server
cloudflare
/
api.ipify.org/ 		24 B
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b444f1bbf5af87e1113/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11898/vendor.js?yocs=1c_1e_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d42963d04775f09b1f7834b7fc62019aca171c718b81f5b895ccafa44b20fcda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8c964a393d0aac96-YYZ
access-control-allow-origin
*
content-length
24
date
Thu, 26 Sep 2024 21:19:02 GMT
content-type
application/json
vary
Origin
server
cloudflare
/
api.ipify.org/ 		24 B
76 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b444f1bbf5af87e1113/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11898/vendor.js?yocs=1c_1e_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d42963d04775f09b1f7834b7fc62019aca171c718b81f5b895ccafa44b20fcda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8c964a399d60ac96-YYZ
access-control-allow-origin
*
content-length
24
date
Thu, 26 Sep 2024 21:19:02 GMT
content-type
application/json
vary
Origin
server
cloudflare
callback
www.elfcosmetics.co.uk/
Redirect Chain
  • https://www.elfcosmetics.co.uk/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Fcallback&response_type=code&client...
  • https://www.elfcosmetics.co.uk/callback?usid=2c6afbd5-0cf9-45ce-a25e-2f872dd12cc2&code=R-KWUZ6A-nzBfAwZkJE7xxirlaB4Nxam-OL7NJGdWw4
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/callback?usid=2c6afbd5-0cf9-45ce-a25e-2f872dd12cc2&code=R-KWUZ6A-nzBfAwZkJE7xxirlaB4Nxam-OL7NJGdWw4
Protocol
H2
Server
204.2.48.22 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals

Response headers

x-amzn-remapped-content-length
0
x-amzn-remapped-connection
close
age
0
x-amzn-requestid
c381790e-8e52-40d5-a87a-097fb3f59ffb
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
g2lcOxXS3mP21RkQY7vc-deLTh2MYnn10I__CxRZ0K8CQrEDIUXZ5Q==
date
Thu, 26 Sep 2024 21:19:03 GMT
content-type
application/json
x-yottaa-optimizations
ob/1000 si/26D1cc023016-1727367206-6293381901 tts/1727279619573 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
strict-transport-security
max-age=15552000; includeSubDomains
x-yottaa-os
200
x-yottaa-forcecache
true
cache-control
public, max-age=604800
x-amz-apigw-id
eu1nPF1_CYcEdkg=
x-amzn-remapped-date
Thu, 26 Sep 2024 21:19:03 GMT
x-amzn-trace-id
Root=1-66f5cfc7-0b85269523f5f1826efa90e3;Parent=69224134a825e144;Sampled=0;Lineage=1:dcd1e669:0
via
1.1 2614aff6912f836d77ae243b9dbf5dd6.cloudfront.net (CloudFront)
x-yottaa-metrics
2621cc028332/[173,165,-] 26D1cc023016/[-,176.144]
content-length
0
x-amz-cf-pop
ORD52-C2

Redirect headers

x-correlation-id
8c964a3da97fcf43
cf-cache-status
DYNAMIC
age
0
x-ratelimit-1m-limit
24000, 2000000
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
j1emv0YM3Um-1E2DcFQHnHb72StAY7TzMyomqpv_N0WqAMSpD1bUFA==
date
Thu, 26 Sep 2024 21:19:03 GMT
vary
Accept-Encoding
x-yottaa-optimizations
ob/0 si/26D1cc023016-1727367206-6293381899 tts/1727279619573 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
strict-transport-security
max-age=31536000; includeSubDomains
x-yottaa-os
303
cache-control
no-store
location
https://www.elfcosmetics.co.uk/callback?usid=2c6afbd5-0cf9-45ce-a25e-2f872dd12cc2&code=R-KWUZ6A-nzBfAwZkJE7xxirlaB4Nxam-OL7NJGdWw4
pragma
no-cache
via
1.1 bffe83de7594be28771c4164d4617e3a.cloudfront.net (CloudFront)
cf-ray
8c964a3da97fcf43-CMH
x-yottaa-metrics
2621cc028330/[105,93,-] 26D1cc023016/[-,107.772]
x-ratelimit-1m-remaining
23954, 1995742
content-length
0
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-eu&code_challenge=rdRVaH0QgF3AmYfDIxTbrzpItCQCWEJfPK4eJZzkLLc
x-amz-cf-pop
ORD52-C2
x-ratelimit-1m-reset
56668, 56667
/
sdk.iad-05.braze.com/api/v3/data/ 		662 B
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b444f1bbf5af87e1113/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11898/vendor.js?yocs=1c_1e_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d57a7b15b96385b45edafd51106b322a29c30e5cd72de9ba9ea7d97d7a0475f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.elfcosmetics.co.uk/
X-Braze-TriggersRequest
true
X-Braze-Last-Req-Ms-Ago
7200000
X-Braze-DataRequest
true
X-Braze-Req-Attempt
1
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
X-Braze-Api-Key
ee22cddf-904f-484e-a004-0181ff9a3268

Response headers

access-control-max-age
7200
x-request-id
dd63a396-54ea-42c9-ada2-b75b32a5b93a
access-control-expose-headers
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"d57a7b15b96385b45edafd51106b322a"
access-control-allow-methods
POST, GET
date
Thu, 26 Sep 2024 21:19:03 GMT
content-type
application/json
vary
Origin,Accept-Encoding
x-runtime
0.174155
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1727385546
cf-ray
8c964a3b7b77aba5-YYZ
x-ratelimit-remaining
497.0
access-control-allow-origin
*
x-ratelimit-limit
500.0
server
cloudflare
/
sdk.iad-05.braze.com/api/v3/data/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
8c964a3b0b26aba5-YYZ
content-encoding
gzip
date
Thu, 26 Sep 2024 21:19:02 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
25840211-e69f-428e-bb3b-0787cffdf0e8.json
cdn.cookielaw.org/consent/25840211-e69f-428e-bb3b-0787cffdf0e8/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/25840211-e69f-428e-bb3b-0787cffdf0e8/25840211-e69f-428e-bb3b-0787cffdf0e8.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd2387aa7fce3761291afcefea9a7bcb85652ffd781ba6a2c0afb22c1ac00fe1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

content-md5
PTbrcjK8IhP+1ATcydxbww==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DCA10F2F0EACE9
age
71735
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Fri, 27 Sep 2024 21:19:02 GMT
date
Thu, 26 Sep 2024 21:19:02 GMT
content-type
application/json
last-modified
Wed, 10 Jul 2024 18:36:16 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
83065864-f01e-003b-11f8-d2d1d4000000
cf-ray
8c964a3b9dc3a269-YUL
accept-ranges
bytes
access-control-allow-origin
*
content-length
1828
x-ms-blob-type
BlockBlob
server
cloudflare
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		59 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db0da7efe3ac5fc9e598f71e291326f137ea7bbbf97fed4fee0e86b717b0d9a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept
application/json
Referer
https://www.elfcosmetics.co.uk/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
access-control-allow-methods
GET, OPTIONS
cf-ray
8c964a3c2d0033ee-YUL
access-control-allow-origin
*
date
Thu, 26 Sep 2024 21:19:03 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Content-Type
init.js
www.elfcosmetics.co.uk/XT4Gy2ig/ 		169 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/XT4Gy2ig/init.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.48.22 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
77a35ca4d195c4c9ea26d6040cc2ea2598ac44c05e7cb93616ffeff2be5f7162

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals

Response headers

cache-control
max-age=600
access-control-expose-headers
active-cdn,x-served-by,Akamai-Request-BC
content-encoding
gzip
etag
"2a20f-N2wxrn9nqMrjLgz5z65K0fmLZ34"
x-px-hash
OGYzZGE5ZmQyZWEzY2FlNDAyYzNjNWMwN2MyNzVlYmQzM2Q2MjQwNGU4ZGM3MWQ1NWYzZGYxMDNmYWJjNTExOA==
active-cdn
Akamai
x-yottaa-metrics
26D1cc023016/[-,5.900]
access-control-allow-origin
*
date
Thu, 26 Sep 2024 21:19:03 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-yottaa-optimizations
ob/0 si/26D1cc023016-1727367206-6293381897 tts/1727385543062 ti/0 ai/5dbb1b434f1bbf5af87e10a5
favicon.ico
www.elfcosmetics.co.uk/ 		34 KB
34 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.48.22 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
1331786f628c441b99665436eb8815381e066e17d5c3bb56f5ce2e045d8da17a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals

Response headers

x-amzn-remapped-content-length
34494
x-amzn-remapped-connection
close
etag
W/"86be-19224fb9b10"
age
140, 140
x-amzn-requestid
b3f46a8c-42c7-49de-8e81-1ae4f1ab346d
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
K3LYRlYcNMj5-YVH7d_LJTyaApHin68BG6ORFpDeaY0JC7Qr5hIm_Q==
date
Thu, 26 Sep 2024 21:19:03 GMT
content-type
image/x-icon
last-modified
Tue, 24 Sep 2024 17:02:02 GMT
vary
Accept-Encoding
x-yottaa-optimizations
ob/100 si/26D1cc023016-1727367206-6293381896 tts/1727279619573 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
cache-control
max-age=600, s-maxage=600
x-amz-apigw-id
etIpgHmkCYcEuew=
x-amzn-remapped-date
Thu, 26 Sep 2024 08:55:11 GMT
x-amzn-trace-id
Root=1-66f5216f-17e85dc44fc4273023b1813f;Parent=43b570d75ce9c839;Sampled=0;Lineage=1:dcd1e669:0
via
1.1 0d686860a571e09f23ba7586948f0628.cloudfront.net (CloudFront)
x-yottaa-metrics
2621cc8d587d/[9,-,1727385143751] 26D1cc023016/[-,11.254]
accept-ranges
bytes
content-length
34494
x-amz-cf-pop
ORD52-C2
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202406.1.0/ 		451 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47407e3845cb067265a07cb279ccc7a38b927b0c2dc034b627f089115ac0d306
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

content-md5
7I5y/rp4ODu7ul89ty+epQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5E56F667161
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
18651
x-content-type-options
nosniff
date
Thu, 26 Sep 2024 21:19:03 GMT
content-type
application/javascript
last-modified
Tue, 16 Jul 2024 22:20:01 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
c05e064f-501e-009c-79cf-d7e837000000
cf-ray
8c964a3c791ea30a-YUL
accept-ranges
bytes
access-control-allow-origin
*
content-length
112027
x-ms-blob-type
BlockBlob
server
cloudflare
event
qoe-1.yottaa.net/log-nt/ 		3 B
191 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://qoe-1.yottaa.net/log-nt/event
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.141.89.251 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmetics.co.uk/

Response headers

access-control-allow-origin
*
access-control-expose-headers
X-Results-Data-Source
timing-allow-origin
*
cache-control
no-cache
date
Thu, 26 Sep 2024 21:19:03 GMT
content-type
text/json
access-control-allow-credentials
true
www-widgetapi.js
www.youtube.com/s/player/b0557ce3/www-widgetapi.vflset/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/b0557ce3/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1419::5b Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36cb859be5a639c678f317d76c5c589da1b5e08820fcce41d67c38b517efa959
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

content-encoding
br
age
36293
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Fri, 26 Sep 2025 11:14:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 11:14:10 GMT
last-modified
Wed, 25 Sep 2024 04:14:17 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
10417
x-xss-protection
0
server
sffe
js
www.paypal.com/sdk/ 		425 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=GBP&vault=true&components=buttons,messages
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
911e25ea789b35cecb213533e3e37314c942e2988517b91f5926aadc8be3633b
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-Dk+uXTe86lWlUJ/2hFU/Tv0noPD3q9BdFDwMv7VKui5iezuf' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-Dk+uXTe86lWlUJ/2hFU/Tv0noPD3q9BdFDwMv7VKui5iezuf' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
f414816b22d57
content-encoding
gzip
etag
W/"1d7f5-W4lEP+J+R2avmJ41jpSeRcpGla0"
age
2950
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
disable-set-cookie
true
traceparent
00-0000000000000000000f414816b22d57-519bd7644d69a8ba-01
server-timing
"traceparent;desc="00-0000000000000000000f414816b22d57-0f3fce10a1c4444b-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
p3p
true
date
Thu, 26 Sep 2024 21:19:03 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-bur-kbur8200137-BUR, cache-yul1970048-YUL, cache-yul1970048-YUL
x-cache-hits
0, 0, 0
x-frame-options
SAMEORIGIN
x-cache
HIT, HIT, MISS
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-Dk+uXTe86lWlUJ/2hFU/Tv0noPD3q9BdFDwMv7VKui5iezuf' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-Dk+uXTe86lWlUJ/2hFU/Tv0noPD3q9BdFDwMv7VKui5iezuf' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
public, max-age=3600, s-maxage=10800
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1727385543.210501,VS0,VE80
via
1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
access-control-allow-origin
*
content-length
120821
x-xss-protection
1; mode=block
en.json
cdn.cookielaw.org/consent/25840211-e69f-428e-bb3b-0787cffdf0e8/01909d38-8581-74d6-a781-1b3350ec8317/ 		113 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/25840211-e69f-428e-bb3b-0787cffdf0e8/01909d38-8581-74d6-a781-1b3350ec8317/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48c8e0af17f35bd3dc4b961886d48e646050403e04fce05f5de53fd3ceda09b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

content-md5
v3qwXg2CJWkgo0feclnjFg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DCA10F33595FAA
age
71734
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Fri, 27 Sep 2024 21:19:03 GMT
date
Thu, 26 Sep 2024 21:19:03 GMT
content-type
application/json
last-modified
Wed, 10 Jul 2024 18:36:23 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
514e3ced-401e-00ee-56f8-d29909000000
cf-ray
8c964a3cdf48a269-YUL
accept-ranges
bytes
access-control-allow-origin
*
content-length
23312
x-ms-blob-type
BlockBlob
server
cloudflare
collector
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 		536 B
785 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/XT4Gy2ig/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4edb3f1f8801514d33f03ca0781b9f8b21fbceffb9495438803e20f91e0ff005

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://www.elfcosmetics.co.uk/

Response headers

timing-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
via
1.1 google
access-control-allow-origin
https://www.elfcosmetics.co.uk
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
536
date
Thu, 26 Sep 2024 21:19:02 GMT
content-type
application/json; charset=utf-8
sync
sdk.iad-05.braze.com/api/v3/content_cards/ 		85 B
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b444f1bbf5af87e1113/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11898/vendor.js?yocs=1c_1e_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd1c521c09b85be1676a99323c2b5de3031bcab6d32c16e92cea7e3d4ecf19a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.elfcosmetics.co.uk/
BRAZE-SYNC-RETRY-COUNT
0
X-Braze-DataRequest
true
X-Braze-Last-Req-Ms-Ago
7200000
X-Braze-ContentCardsRequest
true
X-Braze-Req-Attempt
1
X-Braze-Req-Tokens-Remaining
29
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
X-Braze-Api-Key
ee22cddf-904f-484e-a004-0181ff9a3268

Response headers

access-control-max-age
7200
x-request-id
7746e2c3-6c9c-41ff-b9be-60915b864867
access-control-expose-headers
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"dd1c521c09b85be1676a99323c2b5de3"
access-control-allow-methods
POST, GET
date
Thu, 26 Sep 2024 21:19:03 GMT
content-type
application/json
vary
Origin,Accept-Encoding
x-runtime
0.085120
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1727385546
cf-ray
8c964a3dad95aba5-YYZ
x-ratelimit-remaining
499.0
access-control-allow-origin
*
x-ratelimit-limit
500.0
server
cloudflare
sync
sdk.iad-05.braze.com/api/v3/content_cards/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
8c964a3d4d39aba5-YYZ
content-encoding
gzip
date
Thu, 26 Sep 2024 21:19:03 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
otFlat.json
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/otFlat.json
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/XT4Gy2ig/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

content-md5
sHJXWIgDpMKY35PyRRy4zQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5E56B3084E2
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
71734
x-content-type-options
nosniff
date
Thu, 26 Sep 2024 21:19:03 GMT
content-type
application/json
last-modified
Tue, 16 Jul 2024 22:19:54 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
efcb78ad-201e-0054-5b76-d87900000000
cf-ray
8c964a3d8821a269-YUL
accept-ranges
bytes
access-control-allow-origin
*
content-length
3003
x-ms-blob-type
BlockBlob
server
cloudflare
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/v2/otPcCenter.json
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/XT4Gy2ig/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dbc72c3f0511495fdf45d42283a246613db44b0906199cef195a773068d822f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

content-md5
LtDYZmcfPNW39lMw/Yu0RQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5E56C7CC8BB
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
71734
x-content-type-options
nosniff
date
Thu, 26 Sep 2024 21:19:03 GMT
content-type
application/json
last-modified
Tue, 16 Jul 2024 22:19:56 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
120b4659-d01e-00e0-145f-d87502000000
cf-ray
8c964a3d8825a269-YUL
accept-ranges
bytes
access-control-allow-origin
*
content-length
12723
x-ms-blob-type
BlockBlob
server
cloudflare
otCookieSettingsButton.json
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/otCookieSettingsButton.json
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/XT4Gy2ig/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fb7c176325267082e94a7131fed5e157516e6805cee3ac6f6a93340a947d640
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

content-md5
QnaHNt7KvNcyo6Q1ZDZObg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5E56C38B888
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
71734
x-content-type-options
nosniff
date
Thu, 26 Sep 2024 21:19:03 GMT
content-type
application/json
last-modified
Tue, 16 Jul 2024 22:19:56 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
13e30717-201e-0032-0fe3-d7cb5a000000
cf-ray
8c964a3d8827a269-YUL
accept-ranges
bytes
access-control-allow-origin
*
content-length
1738
x-ms-blob-type
BlockBlob
server
cloudflare
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/ 		24 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/otCommonStyles.css
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/XT4Gy2ig/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

content-md5
HyPJ72TNHxdfOI82cqKVqA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
71734
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 26 Sep 2024 21:19:03 GMT
content-type
text/css
last-modified
Tue, 16 Jul 2024 22:20:07 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
4f6177c1-801e-007b-305f-d8f83a000000
cf-ray
8c964a3d8828a269-YUL
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
ot_close.svg
cdn.cookielaw.org/logos/static/ 		651 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/ot_close.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

content-md5
pcXWFGpuVeSg/jVnYCseRg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
83663
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 26 Sep 2024 21:19:03 GMT
content-type
image/svg+xml
last-modified
Tue, 24 Sep 2024 06:41:31 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
96ae05c6-a01e-006c-2897-0e3859000000
cf-ray
8c964a3ddaeca30a-YUL
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
505 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/XT4Gy2ig/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

content-md5
tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
71734
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 26 Sep 2024 21:19:03 GMT
content-type
image/svg+xml
last-modified
Tue, 24 Sep 2024 06:41:30 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
3e87f513-d01e-00eb-5b0d-0f6d76000000
cf-ray
8c964a3df8b8a269-YUL
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
ot_company_logo.png
cdn.cookielaw.org/logos/static/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/ot_company_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

content-md5
E8+sk/ECzKgTUVtDLikiIA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCDC63ED0510E7
age
11750
cf-cache-status
HIT
x-content-type-options
nosniff
date
Thu, 26 Sep 2024 21:19:03 GMT
content-type
mage/png
last-modified
Tue, 24 Sep 2024 06:41:31 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
ec416c2a-c01e-0055-38b8-0e78fd000000
cf-ray
8c964a3e1b65a30a-YUL
accept-ranges
bytes
access-control-allow-origin
*
content-length
4036
x-ms-blob-type
BlockBlob
server
cloudflare
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

content-md5
Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
83664
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 26 Sep 2024 21:19:03 GMT
content-type
image/svg+xml
last-modified
Tue, 24 Sep 2024 06:41:31 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
103bc9ec-301e-0026-47bd-0e083e000000
cf-ray
8c964a3e1b68a30a-YUL
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
local
www.paypal.com/credit-presentment/experiments/ Frame 9836 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1HQlAmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.64.11&integrationType=SDK
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=GBP&vault=true&components=buttons,messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
age
106619
cache-control
s-maxage=86400, max-age=0
content-encoding
gzip
content-length
1524
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type
text/html; charset=utf-8
date
Thu, 26 Sep 2024 21:19:03 GMT
dc
ccg11-origin-www-1.paypal.com
edge-cache-tag
up-treatments-zoid
etag
W/"1479-ClnmPO7DyfffGu1eUHyw5RpWVY0"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f1480216f4935
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
"traceparent;desc="00-0000000000000000000f1480216f4935-ebea4e586cb78550-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f1480216f4935-f05a661c6f0dd36b-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
HIT, HIT, MISS
x-cache-hits
15682, 5318, 0
x-served-by
cache-bur-kbur8200167-BUR, cache-yul1970037-YUL, cache-yul1970037-YUL
x-timer
S1727385544.574715,VS0,VE6
x-xss-protection
1; mode=block
pptm.js
www.paypal.com/tagmanager/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.elfcosmetics.co.uk&t=xo&v=5.0.458&source=payments_sdk&client_id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&comp=buttons,messages&disableSetCookie=true&vault=true
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
880e492109f305ced24544df1e461024572032fce300d28de5f058e34db17c66
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-rmv/gFgJjIr3Ys1rB2m0kJ9yrRWJ2AMVPM4is5IoD0sNmh/X' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

paypal-debug-id
f953382062e74
content-encoding
gzip
etag
W/"36ab-v/4nkRNKa4MnWiIKbqPPycw6w+U"
age
86743
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-0000000000000000000f953382062e74-bec36fdbd1c4867a-01
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT, HIT, MISS
date
Thu, 26 Sep 2024 21:19:03 GMT
content-type
application/x-javascript; charset=utf-8
x-served-by
cache-bur-kbur8200098-BUR, cache-yul1970048-YUL, cache-yul1970048-YUL
x-cache-hits
146, 0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-rmv/gFgJjIr3Ys1rB2m0kJ9yrRWJ2AMVPM4is5IoD0sNmh/X' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
cache-control
public, max-age=3600
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1727385544.548579,VS0,VE5
via
1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
content-length
4794
x-xss-protection
1; mode=block
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.elfcosmetics.co.uk
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Thu, 26 Sep 2024 21:19:03 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f553467198c21
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f553467198c21-16ebd6d7179325b4-01
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, MISS, MISS
x-cache-hits
0, 0, 0
x-content-type-options
nosniff
x-served-by
cache-bur-kbur8200028-BUR, cache-yul1970041-YUL, cache-yul1970041-YUL
x-timer
S1727385544.719965,VS0,VE135
logger
www.paypal.com/xoplatform/logger/api/ 		979 B
926 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=GBP&vault=true&components=buttons,messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
04e3a4fa4a9dbf1d6b0303513da6048169e6818f44390956d2011a230545e463
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept
application/json
content-type
application/json

Response headers

paypal-debug-id
f553467d5a114
content-encoding
br
etag
W/"3d3-lRJjX+kfUrOizYIkfcg0/5q2X5k"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-0000000000000000000f553467d5a114-fc826db29d98e9d5-01
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, MISS, MISS
date
Thu, 26 Sep 2024 21:19:04 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-bur-kbur8200093-BUR, cache-yul1970041-YUL, cache-yul1970041-YUL
x-cache-hits
0, 0, 0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1727385544.874457,VS0,VE134
access-control-allow-credentials
true
via
1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
access-control-allow-origin
https://www.elfcosmetics.co.uk
ts
t.paypal.com/ 		42 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A7PFGPLHGYKX72-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A7PFGPLHGYKX72-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=95c92811-df2a-4f29-8e3f-9af8b4e63cc5&fltp=analytics&mrid=7PFGPLHGYKX72&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Cosmetic%20Criminals%20%7C%20e.l.f.%20Cosmetics&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1727385543703&g=420&completeurl=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Felf-cosmetic-criminals&disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
1ec01d7f90cb2
correlation-id
1ec01d7f90cb2
expires
Thu, 26 Sep 2024 21:19:03 GMT
traceparent
00-00000000000000000001ec01d7f90cb2-bbf6c46a31f270d5-01
x-cache
MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
server-timing
"traceparent;desc="00-00000000000000000001ec01d7f90cb2-1724be412cde111c-01"";content-encoding;desc="",x-cdn;desc="fastly"
date
Thu, 26 Sep 2024 21:19:03 GMT
content-type
image/gif
x-served-by
cache-bur-kbur8200043-BUR, cache-yul1970034-YUL
x-cache-hits
0, 0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-timer
S1727385544.774989,VS0,VE122
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
token
www.elfcosmetics.co.uk/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/token
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b444f1bbf5af87e1113/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11898/vendor.js?yocs=1c_1e_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.48.22 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
4ff6c8301caeaa395ca4ea018d5aca89fc688c5913ab2bffbf4f9f1359746813
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Authorization
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
c_x-pwa-request
true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
x-correlation-id
8c964a414830cf33
age
0
x-ratelimit-1m-limit
24000, 2000000
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
z9-40TJer7q2uthaM078UTIDYOLfP7CPksy1mpeYM6b2tiYHeR6Zuw==
date
Thu, 26 Sep 2024 21:19:03 GMT
content-type
application/json
vary
Accept-Encoding
x-yottaa-optimizations
ob/1000 si/26D1cc023016-1727367206-6293381905 tts/1727279619573 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
strict-transport-security
max-age=31536000; includeSubDomains
x-yottaa-os
200
cache-control
no-store
pragma
no-cache
via
1.1 e8541cab93cd37ee5ef379270867e664.cloudfront.net (CloudFront)
cf-ray
8c964a414830cf33-CMH
x-yottaa-metrics
2621cc8d587b/[102,99,-] 26D1cc023016/[-,105.414]
x-ratelimit-1m-remaining
23939, 1995025
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/token
x-amz-cf-pop
ORD52-C2
x-ratelimit-1m-reset
56094, 56093
muse.js
www.paypalobjects.com/muse/ 		55 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D10C) /
Resource Hash
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

paypal-debug-id
98ec315f1bea3
content-encoding
gzip
etag
"64f25363-daa8+gzip"
x-content-type-options
nosniff
expires
Thu, 26 Sep 2024 22:19:03 GMT
traceparent
00-000000000000000000098ec315f1bea3-fc9aa14ce65289e2-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Thu, 26 Sep 2024 21:19:03 GMT
content-type
application/javascript
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
content-length
16355
server
ECAcc (nyd/D10C)
sessions
www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/sessions
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b444f1bbf5af87e1113/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11898/vendor.js?yocs=1c_1e_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.48.22 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiIwYjE3M2Y4Zi00OWYzLTRmOGUtOGQxMC1kY2U0OWFmZmI4MGQiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjJjNmFmYmQ1LTBjZjktNDVjZS1hMjVlLTJmODcyZGQxMmNjMiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MjczODU1MTMsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFia0trMHd1eEd4YnNSa2VsS21xWVlsdWxKOjpjaGlkOmVsZi1ldSIsImV4cCI6MTcyNzM4NzM0MywiaWF0IjoxNzI3Mzg1NTQzLCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM2MDYwMDQ0NjYyMzA5NzE4In0.TuBG9o_z4EqIfPDAi-7y5wN-Rbe2LXLp9ZC1tl458fpN33DX1TJxFG6G9SUiUF8AHGfhalq0TnqWh-QWNumdBQ
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals

Response headers

access-control-expose-headers
etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
x-dw-request-base-id
4TJv9sjP9WYBAAB_
x-dw-version-status
obsolete
age
0
cf-cache-status
DYNAMIC
expires
Thu, 01 Dec 1994 16:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
TfGzp8mE9i6cB83PR9VB2VNUso2aZXegk0cByKoqiXv5us-m5QxLTQ==
date
Thu, 26 Sep 2024 21:19:04 GMT
x-yottaa-optimizations
ob/0 si/26D1cc023016-1727367206-6293381906 tts/1727279619573 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-yottaa-os
204
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
allow
OPTIONS,POST
cf-ray
8c964a43189c61d3-ORD
x-yottaa-metrics
2621cc8d587e/[302,296,-] 26D1cc023016/[-,304.566]
via
1.1 2614aff6912f836d77ae243b9dbf5dd6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
https://www.elfcosmetics.co.uk
x-proxy-request-url
https://cc-elf-eu-prd.elfcosmetics.co.uk/s/elf-eu/dw/shop/v21_3/sessions
x-amz-cf-pop
ORD52-C2
shoppercontext
www.elfcosmetics.co.uk/api/v1/ 		57 B
845 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/api/v1/shoppercontext?siteId=elf-eu
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b444f1bbf5af87e1113/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11898/vendor.js?yocs=1c_1e_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.48.22 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
a6cbc4c9c0b39f6d4edd8d4db4e73971e23c1e4b8b9b6ddd5956164b87fd3ebc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiIwYjE3M2Y4Zi00OWYzLTRmOGUtOGQxMC1kY2U0OWFmZmI4MGQiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjJjNmFmYmQ1LTBjZjktNDVjZS1hMjVlLTJmODcyZGQxMmNjMiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MjczODU1MTMsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFia0trMHd1eEd4YnNSa2VsS21xWVlsdWxKOjpjaGlkOmVsZi1ldSIsImV4cCI6MTcyNzM4NzM0MywiaWF0IjoxNzI3Mzg1NTQzLCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM2MDYwMDQ0NjYyMzA5NzE4In0.TuBG9o_z4EqIfPDAi-7y5wN-Rbe2LXLp9ZC1tl458fpN33DX1TJxFG6G9SUiUF8AHGfhalq0TnqWh-QWNumdBQ
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json

Response headers

x-amzn-remapped-content-length
57
content-encoding
gzip
x-amzn-remapped-connection
close
etag
W/"39-LgPw152VfElAKHYfDt/MyAcU00g"
age
0
x-amzn-requestid
e64b9db0-c5a2-4739-a452-b5b26d88757b
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
yTbb07A3l0SFXFdXECHia976Q3XOoZuFLitvEE0igy22jWK9RgIgwg==
date
Thu, 26 Sep 2024 21:19:04 GMT
content-type
application/json; charset=utf-8
x-yottaa-optimizations
ob/1000 si/26D1cc023016-1727367206-6293381907 tts/1727279619573 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
strict-transport-security
max-age=15552000; includeSubDomains
x-yottaa-os
200
x-amz-apigw-id
eu1nTGpfCYcEIMg=
x-amzn-remapped-date
Thu, 26 Sep 2024 21:19:04 GMT
x-amzn-trace-id
Root=1-66f5cfc8-22272ef868f9cb5f464c4d5e;Parent=1d1cede38f6cb1bd;Sampled=0;Lineage=1:dcd1e669:0
via
1.1 4415a352e914eb2ce98de1c6bdfa37ca.cloudfront.net (CloudFront)
x-yottaa-metrics
2621cc8d587c/[476,472,-] 26D1cc023016/[-,478.706]
content-length
79
x-amz-cf-pop
ORD52-C2
sync
sdk.iad-05.braze.com/api/v3/content_cards/ 		85 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b444f1bbf5af87e1113/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11898/vendor.js?yocs=1c_1e_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d9543949071859ed9629a9c5b527f1d586f6636657c87410eb7bc0dbeb4feca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.elfcosmetics.co.uk/
BRAZE-SYNC-RETRY-COUNT
0
X-Braze-DataRequest
true
X-Braze-Last-Req-Ms-Ago
750
X-Braze-ContentCardsRequest
true
X-Braze-Req-Attempt
1
X-Braze-Req-Tokens-Remaining
28
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
X-Braze-Api-Key
ee22cddf-904f-484e-a004-0181ff9a3268

Response headers

access-control-max-age
7200
x-request-id
453c35d3-7ae4-4ced-8799-6ff35e368200
access-control-expose-headers
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"4d9543949071859ed9629a9c5b527f1d"
access-control-allow-methods
POST, GET
date
Thu, 26 Sep 2024 21:19:04 GMT
content-type
application/json
vary
Origin,Accept-Encoding
x-runtime
0.041372
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1727385546
cf-ray
8c964a41f940aba5-YYZ
x-ratelimit-remaining
497.0
access-control-allow-origin
*
x-ratelimit-limit
500.0
server
cloudflare
geo-ip
www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/ 		189 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=167.114.209.103
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b444f1bbf5af87e1113/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11898/vendor.js?yocs=1c_1e_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.48.22 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
1a69edfa8b18d3fdf995628faed84a7660dd3144fe7f4e5639e945861ba7815a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
c_x-pwa-request
true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json

Response headers

content-encoding
gzip
x-dw-request-base-id
AzJmmcjP9WYBAAB_
x-dw-version-status
obsolete
age
0
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
efE4nEReKAUZSbOyLQAxJFpWH48sjgYbAaAZ8qMRwDInXJjS-klhGw==
date
Thu, 26 Sep 2024 21:19:04 GMT
content-type
application/json;charset=UTF-8
x-yottaa-optimizations
ob/1000 si/26D1cc023016-1727367206-6293381909 tts/1727279619573 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
sfdc_customization
HOOK
x-yottaa-os
200
cache-control
max-age=0,no-cache,no-store,must-revalidate
allow
GET,HEAD,OPTIONS
cf-ray
8c964a43ac2ccf43-CMH
x-yottaa-metrics
2621cc8d5880/[199,195,-] 26D1cc023016/[-,201.721]
via
1.1 e385fbaea7c648ad7e4ea77cdc0acd94.cloudfront.net (CloudFront)
x-proxy-request-url
https://cc-elf-eu-prd.elfcosmetics.co.uk/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=167.114.209.103
x-amz-cf-pop
ORD52-C2
geo-ip
www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/ 		189 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=167.114.209.103
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b444f1bbf5af87e1113/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11898/vendor.js?yocs=1c_1e_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.48.22 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
1a69edfa8b18d3fdf995628faed84a7660dd3144fe7f4e5639e945861ba7815a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
c_x-pwa-request
true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json

Response headers

content-encoding
gzip
x-dw-request-base-id
4TKB9sjP9WYBAAB_
x-dw-version-status
obsolete
age
0
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
hyoZcefdXJ-K-i7_c7HVVJ4NkB3QihKLSq86LTHRjdpt2JSZ8dzdgw==
date
Thu, 26 Sep 2024 21:19:04 GMT
content-type
application/json;charset=UTF-8
x-yottaa-optimizations
ob/1000 si/26D1cc023016-1727367206-6293381912 tts/1727279619573 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
sfdc_customization
HOOK
x-yottaa-os
200
cache-control
max-age=0,no-cache,no-store,must-revalidate
allow
GET,HEAD,OPTIONS
cf-ray
8c964a461d536209-ORD
x-yottaa-metrics
2621cc02835f/[270,266,-] 26D1cc023016/[-,272.173]
via
1.1 6d5eb10703fb0c500533591581396cb8.cloudfront.net (CloudFront)
x-proxy-request-url
https://cc-elf-eu-prd.elfcosmetics.co.uk/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=167.114.209.103
x-amz-cf-pop
ORD52-C2
baskets
www.elfcosmetics.co.uk/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abkKk0wuxGxbsRkelKmqYYlulJ/ 		11 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abkKk0wuxGxbsRkelKmqYYlulJ/baskets?siteId=elf-eu
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b444f1bbf5af87e1113/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11898/vendor.js?yocs=1c_1e_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.48.22 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
31f48ed33afe7e437efa2c30cbf97fbd62c2de5c0732504077377846fe64973f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiIwYjE3M2Y4Zi00OWYzLTRmOGUtOGQxMC1kY2U0OWFmZmI4MGQiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjJjNmFmYmQ1LTBjZjktNDVjZS1hMjVlLTJmODcyZGQxMmNjMiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MjczODU1MTMsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFia0trMHd1eEd4YnNSa2VsS21xWVlsdWxKOjpjaGlkOmVsZi1ldSIsImV4cCI6MTcyNzM4NzM0MywiaWF0IjoxNzI3Mzg1NTQzLCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM2MDYwMDQ0NjYyMzA5NzE4In0.TuBG9o_z4EqIfPDAi-7y5wN-Rbe2LXLp9ZC1tl458fpN33DX1TJxFG6G9SUiUF8AHGfhalq0TnqWh-QWNumdBQ
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
c_x-pwa-request
true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

x-yottaa-metrics
2621cc8d5882/[134,126,-] 26D1cc023016/[-,136.368]
x-correlation-id
8c964a43a965cf6f
cf-cache-status
DYNAMIC
content-encoding
gzip
age
0
x-content-type-options
nosniff
expires
Thu, 01 Dec 1994 16:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
ozmLbaX56RGKLjJN30VGxMhiFWOwbjMLymroFzl9Lx4fZr2A7FXSYg==
date
Thu, 26 Sep 2024 21:19:04 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
x-yottaa-optimizations
ob/1000 si/26D1cc023016-1727367206-6293381908 tts/1727279619573 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
strict-transport-security
max-age=31536000; includeSubDomains
sfdc_customization
HOOK
x-yottaa-os
200
cache-control
no-cache, no-store
pragma
no-cache
via
1.1 2614aff6912f836d77ae243b9dbf5dd6.cloudfront.net (CloudFront)
sfdc_cache_status
MISS [0/1]
cf-ray
8c964a43a965cf6f-CMH
accept-ranges
bytes
sfdc_load
2
content-length
37
dnt
0
x-ratelimit-limit
99999
x-ratelimit-remaining
999
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abkKk0wuxGxbsRkelKmqYYlulJ/baskets?siteId=elf-eu
x-amz-cf-pop
ORD52-C2
viewPage
api.cquotient.com/v3/activities/bbxc-elf-eu/ 		98 B
519 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.cquotient.com/v3/activities/bbxc-elf-eu/viewPage
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/XT4Gy2ig/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.23.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-23-229.compute-1.amazonaws.com
Software
envoy /
Resource Hash
8e224e1d21ac4f1bd3e582e616ed654e7b869382d2af550afc704f9bc1ead1df
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
x-cq-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b

Response headers

strict-transport-security
max-age=15552000; includeSubdomains
etag
W/"62-7JnDarYTXUIJ9fOEqV2i+Bc8V5Y"
x-envoy-upstream-service-time
3
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.elfcosmetics.co.uk
content-length
98
date
Thu, 26 Sep 2024 21:19:04 GMT
content-type
application/json; charset=utf-8
server
envoy
viewPage
api.cquotient.com/v3/activities/bbxc-elf-eu/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.cquotient.com/v3/activities/bbxc-elf-eu/viewPage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.23.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-23-229.compute-1.amazonaws.com
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-cq-client-id
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization, content-type, x-cq-tenant, x-cq-client-id
access-control-allow-methods
POST
access-control-allow-origin
https://www.elfcosmetics.co.uk
content-length
0
date
Thu, 26 Sep 2024 21:19:04 GMT
server
envoy
strict-transport-security
max-age=15552000; includeSubdomains
x-envoy-upstream-service-time
1
collector
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 		600 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/XT4Gy2ig/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
5aff3f6aaa027feccc81fc8d0457bba98030c901ef968252167d6b0271ef3839

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://www.elfcosmetics.co.uk/

Response headers

timing-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
via
1.1 google
access-control-allow-origin
https://www.elfcosmetics.co.uk
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
600
date
Thu, 26 Sep 2024 21:19:03 GMT
content-type
application/json; charset=utf-8
index.html
www.paypalobjects.com/muse/analytics/ Frame A658 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D191) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
16754
content-type
text/html
date
Thu, 26 Sep 2024 21:19:04 GMT
dc
ccg11-origin-www-1.paypal.com
etag
"64f25363-dacc+gzip"
expires
Thu, 26 Sep 2024 22:19:04 GMT
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id
c3f7b2d62add6
server
ECAcc (nyd/D191)
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-0000000000000000000c3f7b2d62add6-8388d1d230fda6d2-01
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
ts
t.paypal.com/ 		42 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A7PFGPLHGYKX72-1&page=muse%3Aoffer%3A%3A%3A7PFGPLHGYKX72-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=95c92811-df2a-4f29-8e3f-9af8b4e63cc5&es=visitorInfoFlowStarted&mrid=7PFGPLHGYKX72&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Cosmetic%20Criminals%20%7C%20e.l.f.%20Cosmetics&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1727385544358&g=420&completeurl=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Felf-cosmetic-criminals&disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
fb0f20edc587b
correlation-id
fb0f20edc587b
expires
Thu, 26 Sep 2024 21:19:04 GMT
traceparent
00-0000000000000000000fb0f20edc587b-71bda50f8e6a70c5-01
x-cache
MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
server-timing
"traceparent;desc="00-0000000000000000000fb0f20edc587b-799f7bf5e405a30d-01"";content-encoding;desc="",x-cdn;desc="fastly"
date
Thu, 26 Sep 2024 21:19:04 GMT
content-type
image/gif
x-served-by
cache-bur-kbur8200148-BUR, cache-yul1970034-YUL
x-cache-hits
0, 0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-timer
S1727385544.364657,VS0,VE118
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
baskets
www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/baskets
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b444f1bbf5af87e1113/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11898/vendor.js?yocs=1c_1e_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.48.22 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
77d18f52509b535871fdc662b0e6fff7f6d8391bf2af147e02a15717c4bc7d03
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiIwYjE3M2Y4Zi00OWYzLTRmOGUtOGQxMC1kY2U0OWFmZmI4MGQiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjJjNmFmYmQ1LTBjZjktNDVjZS1hMjVlLTJmODcyZGQxMmNjMiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MjczODU1MTMsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFia0trMHd1eEd4YnNSa2VsS21xWVlsdWxKOjpjaGlkOmVsZi1ldSIsImV4cCI6MTcyNzM4NzM0MywiaWF0IjoxNzI3Mzg1NTQzLCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM2MDYwMDQ0NjYyMzA5NzE4In0.TuBG9o_z4EqIfPDAi-7y5wN-Rbe2LXLp9ZC1tl458fpN33DX1TJxFG6G9SUiUF8AHGfhalq0TnqWh-QWNumdBQ
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
c_x-pwa-request
true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json

Response headers

x-dw-resource-state
a7bd0bc82f5e091dd4938b59ca11d774cd665d83f8a66cee615d8016eeccc756
access-control-expose-headers
etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
content-encoding
gzip
x-dw-request-base-id
4TJ29sjP9WYBAAB_
etag
a7bd0bc82f5e091dd4938b59ca11d774cd665d83f8a66cee615d8016eeccc756
age
0
x-dw-version-status
obsolete
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
expires
Thu, 01 Dec 1994 16:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
855FVslk3KvYsq_tH8sCK0xe-guW3mqZ1UtTJ6zNRaGqfEQS0rP3gw==
date
Thu, 26 Sep 2024 21:19:04 GMT
content-type
application/json;charset=UTF-8
x-yottaa-optimizations
ob/1000 si/26D1cc023016-1727367206-6293381911 tts/1727279619573 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
sfdc_customization
HOOK
x-yottaa-os
200
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
allow
OPTIONS,POST
cf-ray
8c964a44b8a361e4-ORD
x-yottaa-metrics
2621cc02835b/[164,159,-] 26D1cc023016/[-,167.061]
via
1.1 28858a97d9085a1c936c63ea0b2b4b46.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
https://www.elfcosmetics.co.uk
content-length
990
x-proxy-request-url
https://cc-elf-eu-prd.elfcosmetics.co.uk/s/elf-eu/dw/shop/v21_3/baskets
x-amz-cf-pop
ORD52-C2
gb.svg
www.elfcosmetics.co.uk/mobify/bundle/11898/static/img/flag-icons/ 		717 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.co.uk/mobify/bundle/11898/static/img/flag-icons/gb.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.48.22 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
6c10b21f86019422fa9555d9b0b9b6768bf7549730880571e057800a3068724e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals

Response headers

x-amz-meta-deploy
840428
content-encoding
gzip
etag
"e44a90033e1a1ff48c7aef9b686467bb"
age
3121480
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
hSAQ1p9PqK4qSrzrvDIJhYvkei5zaOBTkSFPnRcOdgbfNZkqrlX53Q==
date
Thu, 26 Sep 2024 21:19:04 GMT
content-type
image/svg+xml
last-modified
Wed, 21 Aug 2024 18:13:25 GMT
x-yottaa-optimizations
ob/1001 si/26D1cc023016-1724260932-2427497806 tts/1717701300585 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-yottaa-os
200
x-yottaa-forcecache
true
cache-control
public, max-age=31104000
via
1.1 bffe83de7594be28771c4164d4617e3a.cloudfront.net (CloudFront)
x-amz-meta-bundle
11898
x-yottaa-metrics
2621cc02836a/[12,5,-] 26D1cc023016/[hit]
access-control-allow-origin
*
content-length
431
x-amz-cf-pop
ORD52-C2
NEW-beauty-squad-beauty-squad-loyalty-logo-staggered-paddedsquare
elfcosmetics.a.bigcontent.io/v1/static/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/NEW-beauty-squad-beauty-squad-loyalty-logo-staggered-paddedsquare?%24Desktop%24=&fmt=auto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.145.183 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
210706c053295db0bfba03a98c0609a1f940c3f6b6c626f2f1084e089e959dc9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

cf-cache-status
HIT
x-amz-version-id
null
age
30227
access-control-allow-methods
POST, GET, OPTIONS
date
Thu, 26 Sep 2024 21:19:04 GMT
edge-control
max-age=86400
content-type
image/png
last-modified
Thu, 26 Sep 2024 11:59:46 GMT
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cache-control
s-maxage=86400, max-age=1800
x-amp-cf-worker
true
cf-ray
8c964a475899a1db-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
5378
server
cloudflare
x-amz-server-side-encryption
AES256
icon-noun-gift-1165617
elfcosmetics.a.bigcontent.io/v1/static/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-gift-1165617?%24Desktop%24=&fmt=auto%201x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-gift-1165617?%24Desktop%24=&fmt=auto%202x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-gift-1165617?%24Desktop%24=&fmt=auto%203x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.145.183 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4aa855b8d34657ab4df5ca73fe7d7f67735ee1e39e8de83856ddc473d4713fbb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
null
age
3692
access-control-allow-methods
POST, GET, OPTIONS
date
Thu, 26 Sep 2024 21:19:04 GMT
edge-control
max-age=86400
content-type
image/svg+xml
last-modified
Wed, 25 Sep 2024 20:42:17 GMT
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cache-control
s-maxage=86400, max-age=1800
x-amp-cf-worker
true
cf-ray
8c964a47589ea1db-YYZ
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
icon-noun-jewel-243384
elfcosmetics.a.bigcontent.io/v1/static/ 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-jewel-243384?%24Desktop%24=&fmt=auto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.145.183 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ab5f6c2c8b700330c1512dad8c18e7fab1c596de153afdb9621fe6ce9de9388

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
null
age
18847
access-control-allow-methods
POST, GET, OPTIONS
date
Thu, 26 Sep 2024 21:19:04 GMT
edge-control
max-age=86400
content-type
image/svg+xml
last-modified
Thu, 26 Sep 2024 04:16:59 GMT
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cache-control
s-maxage=86400, max-age=1800
x-amp-cf-worker
true
cf-ray
8c964a47589ba1db-YYZ
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
script-tag.js
cdn-scripts.signifyd.com/api/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-scripts.signifyd.com/api/script-tag.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-40.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d7a363f752524fb545c3b2eb48a56d163cb659bc427d5215800ee7781d92c2ca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

vary
Accept-Encoding
cache-control
max-age=1800
content-encoding
gzip
etag
W/"73ca6f23f3e08738233832c7a7a0c30c"
age
1416
via
1.1 c790ffcab27717f283a6e87f31c6d65a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
fJ3eAcpduR__tzHMh9BItT5-f45v2Mok4PYKOG84byswFM35t6mcYA==
date
Thu, 26 Sep 2024 20:55:30 GMT
content-type
application/javascript
last-modified
Tue, 23 Apr 2024 14:51:40 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
x-amz-server-side-encryption
AES256
company_toolkit.js
cdn-scripts.signifyd.com/api/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-scripts.signifyd.com/api/company_toolkit.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-40.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6082597f3871c77c9b31aa1383577f8c0e54cb5ff09275dc817bc70d96e6217d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

vary
Accept-Encoding
cache-control
max-age=1800
content-encoding
gzip
etag
W/"2c3950f122b3977df61b0e077aaa92c8"
age
1415
via
1.1 c790ffcab27717f283a6e87f31c6d65a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
_FGFbeb7Ulx5Y8IKuPKQQ7-U7A6oUJVPhQyZwRzUhroAvXx7vvjBxQ==
date
Thu, 26 Sep 2024 20:55:31 GMT
content-type
application/javascript
last-modified
Tue, 30 May 2023 10:18:44 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
x-amz-server-side-encryption
AES256
r6vwq7topd9e2zaf.js
imgs.signifyd.com/ 		96 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/r6vwq7topd9e2zaf.js?1nwrltafx68oq3os=w2txo5aa&5hjk3bbwco9zyh53=LzdjNTIxOTYyZDcwNjA2Y2UzZTE4YWYwMDI4
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
66747746ab69ea2b6f5219fb9b4e6318b0631eff561b8659453e2ba9850dfd4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

X-Robots-Tag
noindex, nofollow
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Expires
Thu, 01 Jan 1970 00:00:00 GMT
P3P
CP=IVAa PSAa
Keep-Alive
timeout=2, max=100
Date
Thu, 26 Sep 2024 21:19:05 GMT
Content-Type
text/javascript;charset=UTF-8
Vary
Accept-Encoding
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive, Keep-Alive
X-XSS-Protection
1; mode=block
Server
Apache
PGLaSs5VO93iUpet
imgs.signifyd.com/ Frame C729 		302 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/PGLaSs5VO93iUpet?ec8f44afea99d3c6=nc2qtYaGMTIzQtRR0k9Y9z14fzBN4ylYqS6-Lx5HMf2BMbBy0et8Rbq3p3b_IgDUWPD425zriUvcDA255JhMfB4P9cbr1h1-b-qGKw1eqLlsI60r77uGpREpUKeeLvghcxXZ_Zz-iRBbx2w9CbIlOvIdj9tBMPQ-Bx-OZ-jD04wYMnNMvIEz2g0BD2IUmjGuiMa9ap1xfV0h8N3T&jb=3d3a262c6073677d374c61667f78246879653d4e616c75722c6a73627d3f4b6a7a6f65652e6073683743607a656d6d2d3830333033
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/r6vwq7topd9e2zaf.js?1nwrltafx68oq3os=w2txo5aa&5hjk3bbwco9zyh53=LzdjNTIxOTYyZDcwNjA2Y2UzZTE4YWYwMDI4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
07c2787da6bd67b5a76089805a2056af212964471634ba1858480015397be59e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

X-Robots-Tag
noindex, nofollow
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=99
Date
Thu, 26 Sep 2024 21:19:05 GMT
Content-Type
text/javascript;charset=UTF-8
Vary
Accept-Encoding
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive, Keep-Alive
tmx-nonce
69352d6174e35d90
X-XSS-Protection
1; mode=block
Server
Apache
OjkW4c5hjYU-kii7
imgs.signifyd.com/ Frame C729 		81 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.signifyd.com/OjkW4c5hjYU-kii7?e0de2c5892b30441=bhi6qTxM3V0umcozFAgpxEDDypxjNKjeSrkuPc_qM1-IpH1tvTyuP-dSTfkyHMwaTvFGCIpK5m3GHR4VVxs-Y0FKn_YTi2TgvogVeyWcNXzAw-YeM5R5lPJ1BWSo_6RpMe5tF2Js7GO00ud2RWyjPNZ3mKg_waf6CBzghYE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
81
Keep-Alive
timeout=2, max=100
Date
Thu, 26 Sep 2024 21:19:05 GMT
X-XSS-Protection
1; mode=block
Content-Type
image/png
Server
Apache
7r_Uve5EfAN6OFf_
imgs.signifyd.com/ Frame C729 		81 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.signifyd.com/7r_Uve5EfAN6OFf_?034e1aae2bf9448c=xZ0rFrpRjfQSBsYS7tXst1BgrkjXq_VRYh7c9QYZtQDECpsmyUGS5ZtkV_-txti_tPqLV1GBXlH-guObqWpkw2biw7ItCYCFhYtpNowpvJ2MeGVs-sSQMgoLJy-hbKg4kZ8esSdX44CjMnd700yNQqWX2z7YtOaL4oTMVyE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
81
Keep-Alive
timeout=2, max=100
Date
Thu, 26 Sep 2024 21:19:05 GMT
X-XSS-Protection
1; mode=block
Content-Type
image/png
Server
Apache
clear.png
imgs.signifyd.com/fp/ Frame C729 		81 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/fp/clear.png
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/PGLaSs5VO93iUpet?ec8f44afea99d3c6=nc2qtYaGMTIzQtRR0k9Y9z14fzBN4ylYqS6-Lx5HMf2BMbBy0et8Rbq3p3b_IgDUWPD425zriUvcDA255JhMfB4P9cbr1h1-b-qGKw1eqLlsI60r77uGpREpUKeeLvghcxXZ_Zz-iRBbx2w9CbIlOvIdj9tBMPQ-Bx-OZ-jD04wYMnNMvIEz2g0BD2IUmjGuiMa9ap1xfV0h8N3T&jb=3d3a262c6073677d374c61667f78246879653d4e616c75722c6a73627d3f4b6a7a6f65652e6073683743607a656d6d2d3830333033
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*/*, w2txo5aa/69352d6174e35d90lzdjntixotyyzdcwnja2y2uzzte4ywywmdi4
Referer
https://www.elfcosmetics.co.uk/

Response headers

Strict-Transport-Security
max-age=31536000
Cache-Control
private, must-revalidate, max-age=0
Etag
138d0e56b93c4d30b7dd12566a125956
Connection
Keep-Alive
Expires
Tue, 25 Sep 2029 21:19:06 GMT
Access-Control-Allow-Origin
https://www.elfcosmetics.co.uk
Content-Length
81
Keep-Alive
timeout=2, max=100
Date
Thu, 26 Sep 2024 21:19:06 GMT
Last-Modified
Thu, 26 Sep 2024 21:19:06 GMT
Content-Type
image/png
Server
Apache
wekaI0Wv7AHlAfeu
imgs.signifyd.com/ Frame 59E1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/wekaI0Wv7AHlAfeu?4e2a8e6f20b17323=06BLfUffQDEh5PZ9nkKdZLWnpThYBT2Bw_MBjjwbgckc3g3Yu7OtKDWAz5U-BrpOpa4-Eo0tlZSd9m3A26yEvAPhacGCXrnrn_BHzqcD2MgGREZpaYe-NVwbyXlbkQLxnpdclGFeZiEZOCkPFfZ-Bj7SdDrbd2IgFpmLs38brDqlF7YvSOyYYWD3QTUi2UyKdZ9KOUdXgzHldmFajpM
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/PGLaSs5VO93iUpet?ec8f44afea99d3c6=nc2qtYaGMTIzQtRR0k9Y9z14fzBN4ylYqS6-Lx5HMf2BMbBy0et8Rbq3p3b_IgDUWPD425zriUvcDA255JhMfB4P9cbr1h1-b-qGKw1eqLlsI60r77uGpREpUKeeLvghcxXZ_Zz-iRBbx2w9CbIlOvIdj9tBMPQ-Bx-OZ-jD04wYMnNMvIEz2g0BD2IUmjGuiMa9ap1xfV0h8N3T&jb=3d3a262c6073677d374c61667f78246879653d4e616c75722c6a73627d3f4b6a7a6f65652e6073683743607a656d6d2d3830333033
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Thu, 26 Sep 2024 21:19:06 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
doQ_-0vx9IamIpjJ
imgs.signifyd.com/ Frame C729 		0
398 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/doQ_-0vx9IamIpjJ?a609f30a7755b984=6kiu3-U2Npa3dIz5CtZ7DBF3LpVrKKIsZySBe-E6XG4vZfaPWdvbhlBY5bWmGkWG0ywlkFMxO4eXdoClvwza8KERotm1D5sBiJw4xY7_Pp_FxjrNqJhO-1fhDVicKhjSculgrk5_pQN4tHsVXq2t8LyYE4A&jb=3b3c26667961353b3f613c6b6c3467343f326436386730686e3933363f3a3f3a31663e343d3f65
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/PGLaSs5VO93iUpet?ec8f44afea99d3c6=nc2qtYaGMTIzQtRR0k9Y9z14fzBN4ylYqS6-Lx5HMf2BMbBy0et8Rbq3p3b_IgDUWPD425zriUvcDA255JhMfB4P9cbr1h1-b-qGKw1eqLlsI60r77uGpREpUKeeLvghcxXZ_Zz-iRBbx2w9CbIlOvIdj9tBMPQ-Bx-OZ-jD04wYMnNMvIEz2g0BD2IUmjGuiMa9ap1xfV0h8N3T&jb=3d3a262c6073677d374c61667f78246879653d4e616c75722c6a73627d3f4b6a7a6f65652e6073683743607a656d6d2d3830333033
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
0
Keep-Alive
timeout=2, max=98
Date
Thu, 26 Sep 2024 21:19:05 GMT
X-XSS-Protection
1; mode=block
Content-Type
text/javascript
Server
Apache
fdDaFWbzUBh7Rt_P
imgs.signifyd.com/ Frame C729 		134 B
656 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/fdDaFWbzUBh7Rt_P?1e5e281300c550d7=BDJvjpJq5qTajaWjMuYJ_h6v90JJLrZ4zNNJcWuXm9EgNwuXRMPCd9VD4xgciIsYYERLdvzBbpwHXG4oYDGmSk5xOcGQaRjnSzlD4nEd8qQ_XOm7EKPwaEWYiGz-Utg95q-tdSoJXyi6JaKvZxY22Q
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/PGLaSs5VO93iUpet?ec8f44afea99d3c6=nc2qtYaGMTIzQtRR0k9Y9z14fzBN4ylYqS6-Lx5HMf2BMbBy0et8Rbq3p3b_IgDUWPD425zriUvcDA255JhMfB4P9cbr1h1-b-qGKw1eqLlsI60r77uGpREpUKeeLvghcxXZ_Zz-iRBbx2w9CbIlOvIdj9tBMPQ-Bx-OZ-jD04wYMnNMvIEz2g0BD2IUmjGuiMa9ap1xfV0h8N3T&jb=3d3a262c6073677d374c61667f78246879653d4e616c75722c6a73627d3f4b6a7a6f65652e6073683743607a656d6d2d3830333033
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
9c2b2c04ed9fe9f0ad55944887ebe50a83871df38a83b6dd2905add6579b9f2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Content-Encoding
gzip
Pragma
no-cache
Connection
Keep-Alive, Keep-Alive
X-Content-Type-Options
nosniff
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=99
Date
Thu, 26 Sep 2024 21:19:05 GMT
X-XSS-Protection
1; mode=block
Content-Type
text/javascript;charset=UTF-8
Vary
Accept-Encoding
Server
Apache
ID2KkWGLyU4kApMo
h.online-metrix.net/ Frame 1B29 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/ID2KkWGLyU4kApMo?ef0aaf9e0eaa90bd=ttnKHPq90NmrtwVjOEHAzNGGcU-PdpPrXcCFub5l9aMRbtMGM_qbiPpfMUujezhX4F_-m7jnOCpRW1yecci0Yf7HVUG0VPhHORYTlMurY-Wq8zkdEX9TSNAPHb33LSXdWZbZMF9vp84_oIugpCsX0hKmk9jRUQaUnfy9HZmvp2YUP3bsSMfKoY7mPZWUwXjEkG4dsENN4XQs0DZEn9HQ
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/PGLaSs5VO93iUpet?ec8f44afea99d3c6=nc2qtYaGMTIzQtRR0k9Y9z14fzBN4ylYqS6-Lx5HMf2BMbBy0et8Rbq3p3b_IgDUWPD425zriUvcDA255JhMfB4P9cbr1h1-b-qGKw1eqLlsI60r77uGpREpUKeeLvghcxXZ_Zz-iRBbx2w9CbIlOvIdj9tBMPQ-Bx-OZ-jD04wYMnNMvIEz2g0BD2IUmjGuiMa9ap1xfV0h8N3T&jb=3d3a262c6073677d374c61667f78246879653d4e616c75722c6a73627d3f4b6a7a6f65652e6073683743607a656d6d2d3830333033
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.225.158.1 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Thu, 26 Sep 2024 21:19:06 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
9ZIHtIVnRrPx6lnb
imgs.signifyd.com/ Frame 11E9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/9ZIHtIVnRrPx6lnb?953ed370ef750730=Tot7eJSt2psoMZ_jbqYFiLHcnuIrEiKEgN0ybw8pMM96a8UIA2hqp25hv78UuBd-CJZYLkgMferMiB4Ya44EVkK6ak1V_ineF4dMskg8NE5trUWFTcV7gJjW1EQSdTOFBQQaHV01AWT79CVWm5YfGBrDE9v4N432og7Ro1u7BIqkAxgrVe_TW6gxAQfVdm3-je_mqgUmNYXP1ysLJeAu
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/PGLaSs5VO93iUpet?ec8f44afea99d3c6=nc2qtYaGMTIzQtRR0k9Y9z14fzBN4ylYqS6-Lx5HMf2BMbBy0et8Rbq3p3b_IgDUWPD425zriUvcDA255JhMfB4P9cbr1h1-b-qGKw1eqLlsI60r77uGpREpUKeeLvghcxXZ_Zz-iRBbx2w9CbIlOvIdj9tBMPQ-Bx-OZ-jD04wYMnNMvIEz2g0BD2IUmjGuiMa9ap1xfV0h8N3T&jb=3d3a262c6073677d374c61667f78246879653d4e616c75722c6a73627d3f4b6a7a6f65652e6073683743607a656d6d2d3830333033
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Thu, 26 Sep 2024 21:19:06 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
q409_tVe9nClHi5l
h64.online-metrix.net/ Frame C729 		0
399 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h64.online-metrix.net/q409_tVe9nClHi5l?f581733b234b04df=dPt82aJ9XTecnh7IMEgLcrhpkjeQYCLZf8EcPXtF_9BBmXNvn96vm9qVL8oNSWNE2GPww6zu5Dq263Xds6pfbw51zhfzH4AdFCeaAAAlT0LBpJCX8LRwRXC9wG5SSBJlA6TO9Cfvfw-f-zYfa8QcttFIR7okPZgv
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/PGLaSs5VO93iUpet?ec8f44afea99d3c6=nc2qtYaGMTIzQtRR0k9Y9z14fzBN4ylYqS6-Lx5HMf2BMbBy0et8Rbq3p3b_IgDUWPD425zriUvcDA255JhMfB4P9cbr1h1-b-qGKw1eqLlsI60r77uGpREpUKeeLvghcxXZ_Zz-iRBbx2w9CbIlOvIdj9tBMPQ-Bx-OZ-jD04wYMnNMvIEz2g0BD2IUmjGuiMa9ap1xfV0h8N3T&jb=3d3a262c6073677d374c61667f78246879653d4e616c75722c6a73627d3f4b6a7a6f65652e6073683743607a656d6d2d3830333033
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2620:f3:0:14:b401:8ee8:4321:ad82 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
0
Keep-Alive
timeout=2, max=100
Date
Thu, 26 Sep 2024 21:19:06 GMT
X-XSS-Protection
1; mode=block
Content-Type
text/javascript
Server
Apache
doQ_-0vx9IamIpjJ
imgs.signifyd.com/ Frame C729 		0
218 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/doQ_-0vx9IamIpjJ?a609f30a7755b984=6kiu3-U2Npa3dIz5CtZ7DBF3LpVrKKIsZySBe-E6XG4vZfaPWdvbhlBY5bWmGkWG0ywlkFMxO4eXdoClvwza8KERotm1D5sBiJw4xY7_Pp_FxjrNqJhO-1fhDVicKhjSculgrk5_pQN4tHsVXq2t8LyYE4A&ja=3a3a36332c266b35273430382c7a3f343a2c663f3934303a723132303824696435313e30387231383a302e7b7279353932307a33323a266678703d3b26313630382e3930383024313e3a30263b32383826313e383a2c33303a3a2c333e3230263b32383524333032243130302e67743738376e3d3b643b393e396734686c32323160363c686433383f6038636e336b342e676e3738267b6b6e3d3a3c2c6c6a3f627e74727b27334b2f3246253a447f757f2e6d6c6e696f7967657c616973266b652e77692f38466764642d6965736d657c6b6b2f6b72616d616461667926786437352e78623d673a3a3864646937353f3b3933663c676a67303931336d68346b33393a313a642e60623d663a3f6c32633a63613c3a6163313d3a39373e353d643e6e62383a306b3d3f362e62796f3f4e6364757a2e68736837436872676f6d273a303932312c6a7965753544636e7d702c6a71607f37436a7a6d6d6f2c6e686335333e246664653d302c6e677e7035382c74726c37416f67786363632d30465c6b6e636f7d746d702e6d697460783d3e3a303b6c3b633a6a6f6332306f3c63613d34303a3232616439373d3638316e643c3f38323b34396c3c65696938346661333e61646a66373839313331313469246c7235687c7e70792f33492d38462d3a4c777575246f6c646b6d73676f7469637b2c6b6d267563253a4c65666c2d6b67796d6d7c63632f6178636d6b66636c792c703d7064776f6b665f6e6c6979682f3f456e6966736d297a6c776563645f75616c64657d735f6d6d66616357706461716f722f3f456e6966736d297a6c776563645f636c6d626f55616372676069762d354d666966736f2b70647d6d6966577b756b61617e696f6d27354f6c616c736d23786e7d67616e57796865696b7f697c652d3d4f66636e796f217264776763645f7265696e786e69796d722d3f456c6b6c7b6d2b70647d6d696c5d7c66635d786e61736f7225354d64696e7b652970647f6763645f6c6d7c61647e782537476c6b6c716d2370667f67696e57717e65577661657f6f722f3f456e6966736d297a6c776563645f686974612f3f45666164716d246f6c5763357d65686d6c5f6d6847442d3830332c3a2f3232204d706f64474c253a324d512d323832263a25383a43607a656d617d67295567684d4c273a324746594c253238475b273a30392e382f323a224f786d6447442d383047512f38304544514c2f383045532d30383326302d3238496878656d617d67295f6d684b6b765d6f6249617625383a5765624f4e494c4f4c4d5f6164737e6b6e6b6d6e5f697a78617b712f3942273a3245525e5f626c6d6c6c5d6569666d6972253948253a384f585c57696c6b7255696f6c7c706f662f3342253a324d5a5c5f6b6f6465725568756e6e6f7257606b6c645d6c666f637c2733482f323045505657666d707c6857696c6b67702d3b48253a384f58565d6c666f637c5d62666f6e64253b402d3038455054576c726b6d5f6c6d7a74602d394227303a4f585657726f6673676f6e576d6e647b657c5f6b6661677a253b4a2f32384d52545d71626b64677a5d746f727475726d5d646d6c253b422d38304f5254577c6f787c7d78655d61656770706d717363656e5f6278766b273b422d32384f585e55746d707e757a6d55636d6f7a7865717b6b6f64557267746b273b402d323845505e5f7e6f787c7d7865576e636c76677855616c61716f7e786f70696b273b402d323845505e5f7e6f787c7d786557656372706d7855636e696f70557e6f5f656c656d273b422d32384f585e55735a4f48253b4a2f32324d4f595f6764676d6f64745f6966666d7a5775616e7c2f33482f3238474f53576e686f5d706f6464677a5d6d637a6d61702d314a273a3047455b55737e6b6e6c697864576c6f726b746b7e69746d7125394825323047475b5d7c6570747d7865556c6c67697e253b4a2f32324d4f595f766d7a747f78655f66646d6976576c616e6d6b722f39422d3a3a4f4d5b5574677a7e7f7267576a61666c5f666c67637c273b422d323845455955746d707e757a6d5568636e6c55666e6763745566696e6569702d314a253a30474f53557c657a7c6f7857697872637b556562686d61742f3942253238554d404f4c576367666f7855627d6e6c657a576c6c6d637e2f33402d30305d4f42474c5761676f78726d737b6f64557e65707c7f726d576b7376612f3942273a32574f48474c5f6b6d65727a657b736d6e5f7e6f787c7d7865576d7e632731482f32325f47424d465f636f65727a677b736d64577e65727e757a6d55657c6b3b2531402f3830554d40474655636f6d78706d717b656c5f7c6f787e7f726d5779337c6b2f334027383a57474a454c55696f6d707a677b716d6457746d72747f7865577b39746b57797265602f3942273a32574f48474c5f6c676a776f5f7a65666e65786f7257616466672d394227303a5d45404f4e5f6e6f627567577160636c657a732d39422f38305f4d484744576e65727662557467707675786f2533422d3038554d424f4c576e726b7d5f6a7d6c666d7a792531402f3830554d404746556c6f736d5d6b6d66746d787c2f33482f32385f4f424f44556d776e7e635f667a63772f3942253238554d404f4c57706766796d656e576565646d393c26656e55623d3a3e643369323461383f336a3630656964303e36336b643c693d623d6b3c303a60326b64373d33362c7d676c76354b66766d6c2d3238436e6924267f6f667235416474676e2f38304b7a6b732f38304f706d6c4f4e2d323845666d69646f266b6b6e3d392e6d6c6a5d623766643832306b3b3431316a36313b6b3538646c3d63686e613c6d69616d393b6434673d6c37353863&jb=3939342c66713545657a6164666127304c3f2e322d303022523131253b402d30384c616e7d7225383a78303e55363c212f3232437a7a6c675f676241637425324e373b3526333e253a3a2841425445442f324b2d38306e6b616f253038456569616f29253a324b6a7a6f65652d38463b38392638243026382f3232516b6c61706127324c3f33372e3b34
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/PGLaSs5VO93iUpet?ec8f44afea99d3c6=nc2qtYaGMTIzQtRR0k9Y9z14fzBN4ylYqS6-Lx5HMf2BMbBy0et8Rbq3p3b_IgDUWPD425zriUvcDA255JhMfB4P9cbr1h1-b-qGKw1eqLlsI60r77uGpREpUKeeLvghcxXZ_Zz-iRBbx2w9CbIlOvIdj9tBMPQ-Bx-OZ-jD04wYMnNMvIEz2g0BD2IUmjGuiMa9ap1xfV0h8N3T&jb=3d3a262c6073677d374c61667f78246879653d4e616c75722c6a73627d3f4b6a7a6f65652e6073683743607a656d6d2d3830333033
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

Strict-Transport-Security
max-age=31536000
Keep-Alive
timeout=2, max=99
Date
Thu, 26 Sep 2024 21:19:05 GMT
Content-Type
text/javascript;charset=UTF-8
Server
Apache
Connection
Keep-Alive
9QpdFmf63V7djtIX
w2txo5aa6aasod6q7uwepf5cq3z5zart5nuicokd69352d6174e35d90sac.d.aa.online-metrix.net/ Frame C729 		81 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w2txo5aa6aasod6q7uwepf5cq3z5zart5nuicokd69352d6174e35d90sac.d.aa.online-metrix.net/9QpdFmf63V7djtIX?e3da401d23a22431=sAuLuJlPbL72obl4KqtD5cjQhFMtWFF5_nmQRhMaP7PW_QZ0Vif5ub29yppn2DxJyDn7z-XWdbFUN6Gw22WiGlbjSOtP6rBFyqkUlpJgSwBfDjpkTS_tPD1raeHyqUNnLfVs_Q3ybiYBcTOjVcS-HYgWD73vgqO1ucWX
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.225.158.3 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
close
X-Content-Type-Options
nosniff
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
81
Date
Thu, 26 Sep 2024 21:19:06 GMT
X-XSS-Protection
1; mode=block
Content-Type
image/png
Server
Apache
AnLG7C7vNppWyUPO
imgs.signifyd.com/ Frame C729 		0
218 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/AnLG7C7vNppWyUPO?cbd4d9c5055d56b5=sB8Wfl3mD_DdDSl3xCVji0RzYGV_emvkHvetlqXbqNl4kzRf1cTNnPvkWE65Ddw6X0_S1uoEqaoVDeHid04iVcaY7TFJaVJI520v7c1-CjzF6v__fDznLqi1P2mW_9ccjSZRyecRW-5wvtV2KMS2SlEOd40KI6HNPgtMxMceGA_Ej3sl4yDN7H7rInLhEfpIsV4IjFqY_iqQkAPVRGA&jac=1&je=303e262c67656c6037283b2d38433327384933273a41393a6f6130336d3b30343b3938393b3d373a68623d3d6f666d31383430613a6f62646e61376c6b6636653e356a616a376b386e3e66683a373b6d68636c3d38662b
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/PGLaSs5VO93iUpet?ec8f44afea99d3c6=nc2qtYaGMTIzQtRR0k9Y9z14fzBN4ylYqS6-Lx5HMf2BMbBy0et8Rbq3p3b_IgDUWPD425zriUvcDA255JhMfB4P9cbr1h1-b-qGKw1eqLlsI60r77uGpREpUKeeLvghcxXZ_Zz-iRBbx2w9CbIlOvIdj9tBMPQ-Bx-OZ-jD04wYMnNMvIEz2g0BD2IUmjGuiMa9ap1xfV0h8N3T&jb=3d3a262c6073677d374c61667f78246879653d4e616c75722c6a73627d3f4b6a7a6f65652e6073683743607a656d6d2d3830333033
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

Strict-Transport-Security
max-age=31536000
Keep-Alive
timeout=2, max=98
Date
Thu, 26 Sep 2024 21:19:06 GMT
Content-Type
text/javascript;charset=UTF-8
Server
Apache
Connection
Keep-Alive
KzylaIaCtqktyLSt
imgs.signifyd.com/ Frame C729 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.signifyd.com/KzylaIaCtqktyLSt?0a2b1e17a8a87ff6=rFU5M4NG7DktoPm3w9bdhpppTdau_BAcMTpV9W6HkQyPVFQWnkCfYBE3tZ_BIrdWymjGqu1yTfq_R4OaTm5ckrj9MMtnHvhnFgehEyFeU3f1OWPiwHU0DSCYb2vVOe6UZUE1Czqg-FUQOvPqWmCXM4L56sfLZ1VuGKNQcqoBmuzy84yjCyJVZv4wAo07YzudNl90b7I_AHL3EKbcuoY&jf=3c3b342c79696c57786e6c357e64705d69614b4f5b647853726c5131724d7a462e736164576e617e6f3d393f38373b303f3536342c7969665776797a6f3d77656a386d616c7369267b6364556165713539303d31393033313a3c30353a63383c3e3863653b663830383138363832326b32363c3069653b6c3a3332333a3d30313c30303a3a3464386e3b3a646d376a62383e38686f373e6b3e656d6c6e613a326c3a32666961346e3d386661386138676e333936303b306b6b346c3e3a643a396e3930346e3835663936313e333736316d3a3b353d646c62313e316c3e643a3f3d343c316863333b33383934313b666b693939643131386069336d346d3c386f3864383e32362e7b63645d71636d3d313836343a383230326c3130363d6269666d3e356b3e363d6d6e306a6b6c6135353b6e62643b32656b3c31643230603a613d366c666e6f623d3e6438693a346a6a33316764323e62323a3030383b3236393c326966313131343c68373f38346e6b6b306a3f683864663f3a323a3b34353a6c3131646a3b383330663c363a3c336b3e32383939663a3a39393a24796366703532
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive, Keep-Alive
X-Content-Type-Options
nosniff
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=98
Date
Thu, 26 Sep 2024 21:19:06 GMT
X-XSS-Protection
1; mode=block
Content-Type
image/png;charset=UTF-8
Server
Apache
doQ_-0vx9IamIpjJ
imgs.signifyd.com/ Frame C729 		0
398 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/doQ_-0vx9IamIpjJ?a609f30a7755b984=6kiu3-U2Npa3dIz5CtZ7DBF3LpVrKKIsZySBe-E6XG4vZfaPWdvbhlBY5bWmGkWG0ywlkFMxO4eXdoClvwza8KERotm1D5sBiJw4xY7_Pp_FxjrNqJhO-1fhDVicKhjSculgrk5_pQN4tHsVXq2t8LyYE4A&jac=1&je=3d33302c2c77616137313f3a2431352c3a24342e39322e3b2431382e3a3639247f65613d393c37243b313c26383031263b3031247d63363f6e66626c303164333f386a606d303230323b3730383a38326c312e78673d6c6d2c6861767b763d2f3d4225323a6e6d746d6c2d323a2f334b3b2e38382f324b2d383271766b7e75712d30322f394125323a6160637a67616e6f2f32382f374c2e6b756c6037636335683365346d34383b696361633e643a633f6339393a33333c39343e6a3f633b393d3934603e6e38666c36383c3a3033386e673c6438336e636c32343f33266d70393d6b39396336673a3f39673033643a3d3766336e666a326c3830376933383e3e61306a6f633b6b396224776b623d273f40253838617263606b7c676b747d726d2f32382f33492d38322d3a382530412f38326061766e6f797325323a273b432d323a253a38253849253a3a687269666e732730382f33432d37422f3f4425324b273a306e75646c5e6f7279636f664463737c2d383227314b2f35402d37442f384325323a6f6760616c6d253a3825394b66696479652d3a4925303067656467642732382f3341253a302d303a253a432d38327a66617c6e6572652d383227314b2f32302d30322f384325323a7264637c666772655c6578796967662f323a2d39412730382f32302d30432f3832776f7f343c273a322d33496c616679652d3f4e267d69663d2735482f32306a7061646e7325323a273b432d354a253d4e253849253a3a676f6a6166652730382f33436e636c796f2532432d303a7264617c6667786d2f38322d3b4b253a3a2f3230273d4e
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/PGLaSs5VO93iUpet?ec8f44afea99d3c6=nc2qtYaGMTIzQtRR0k9Y9z14fzBN4ylYqS6-Lx5HMf2BMbBy0et8Rbq3p3b_IgDUWPD425zriUvcDA255JhMfB4P9cbr1h1-b-qGKw1eqLlsI60r77uGpREpUKeeLvghcxXZ_Zz-iRBbx2w9CbIlOvIdj9tBMPQ-Bx-OZ-jD04wYMnNMvIEz2g0BD2IUmjGuiMa9ap1xfV0h8N3T&jb=3d3a262c6073677d374c61667f78246879653d4e616c75722c6a73627d3f4b6a7a6f65652e6073683743607a656d6d2d3830333033
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.elfcosmetics.co.uk/

Response headers

Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
0
Keep-Alive
timeout=2, max=97
Date
Thu, 26 Sep 2024 21:19:06 GMT
X-XSS-Protection
1; mode=block
Content-Type
text/javascript
Server
Apache

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/5dbb1b444f1bbf5af87e1113/www.elfcosmetics.co.uk/v~4b.6c/
Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/5dbb1b444f1bbf5af87e1113/www.elfcosmetics.co.uk/v~4b.6c/
Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/5dbb1b444f1bbf5af87e1113/www.elfcosmetics.co.uk/v~4b.6c/
Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/5dbb1b444f1bbf5af87e1113/www.elfcosmetics.co.uk/v~4b.6c/

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| $jscomp function| _loadCookieConfig function| _domready function| _delayed function| _findTags function| _srcAttr function| _needsEval function| _loadFromDOM function| _clearEvents function| _lastChainedResource function| _isImageLike boolean| domCompleteTriggered function| _abTest function| _getCookieVariant function| _setCookieVariant function| _configureAbTestAnalytics function| _executeAllAbTest function| _executeAllAbTestUniversal function| _executeAllAbTestClassic function| _executeAbTest function| _abTestScript function| _chooseVariant function| _abTestAnalyticsUniversal function| _abTestAnalyticsClassic object| _serviceWorkerConfig object| Yo string| yo_host string| _pxAppId function| $ function| jQuery object| Vimeo boolean| VimeoPlayerResizeEmbeds_ boolean| VimeoSeoMetadataAppended boolean| VimeoCheckedUrlTimeParam object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| ytCCPlayer object| ytBTSPlayer function| onYouTubePlayerAPIReady function| onCCPlayerReady function| onBTSPlayerReady object| content object| __LOADABLE_LOADED_CHUNKS__ function| yo_aTagRewrite function| yo_rewriteJSON function| _ object| regeneratorRuntime function| applyFocusVisiblePolyfill object| __CONFIG__ string| __DEVICE_TYPE__ object| __PRELOADED_STATE__ object| Progressive object| viewedProductIdsForPage object| DY boolean| BRAZE_SETUP_COMPLETE boolean| otIsInitialized function| OptanonWrapper object| DYcustom string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| PXXT4Gy2ig object| PX object| Optanon object| OneTrust boolean| otLastAcceptAllValue object| __post_robot_11_0_0___uid_numhnacfzmymuvpacsidplhppphjzs object| paypal object| __zoid_10_3_3___uid_numhnacfzmymuvpacsidplhppphjzs object| paypalDDL string| PaypalOffersObject function| ppq object| __post_robot_10_0_44__ object| PAYPAL function| a0_0x3eec function| a0_0x20c7 object| sigScriptLoader object| SIG_SCRIPT_DEBUG object| threatmetrix boolean| tmx_profiling_started function| tmx_run_page_fingerprinting function| tmx_post_session_params_fixed

18 Cookies

Domain/Path Name / Value
www.elfcosmetics.co.uk/ Name: _pxhd
Value: O7iwjuBKehx9FaYr-C731huNxLVtCYS8rURr4trsYfvNc/hG7gNSMY506uVDrt0BKALEdR5EDMZL2WsURrIuIw==:0xuLcDKbLJbygPXou/-Y-ZuGdbjJeCnbq2-BFnGrlsQCfUI5ZJatMe4LZmUhR3-ORrd4KLqS-3JP2AQkUK-sHdImPPavNnOashL8-oDP6Mg=
.youtube.com/ Name: YSC
Value: eu1bneCN7Bs
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: KoomvtEHzzk
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJDQRIEGgAgaw%3D%3D
.vimeo.com/ Name: _cfuvid
Value: f4_jhFMcB7x40Sq3GEpa_BGBmq8dIb18bH0cElorEvM-1727385541342-0.0.1.1-604800000
.vimeo.com/ Name: vuid
Value: pl2060665358.990157818
.vimeo.com/ Name: __cf_bm
Value: 25c7578NStORLTy3J34LVSznTymaATJ7fSxX.cAZZU4-1727385541-1.0.1.1-TWKwCafVIwH3r16rN75aNE3L.C5NN1TiHBgosjJey0uVLLANKztI7XG3TLBLnd.j
www.elfcosmetics.co.uk/ Name: initAuthComplete
Value: true
.elfcosmetics.co.uk/ Name: ab.storage.sessionId.ee22cddf-904f-484e-a004-0181ff9a3268
Value: g%3A44047fe9-98d8-aa8f-ddb6-a60283920d8d%7Ce%3A1727387342538%7Cc%3A1727385542538%7Cl%3A1727385542538
.elfcosmetics.co.uk/ Name: ab.storage.deviceId.ee22cddf-904f-484e-a004-0181ff9a3268
Value: g%3A3f5554c2-f731-5697-3789-9bffdb35bc37%7Ce%3Aundefined%7Cc%3A1727385542540%7Cl%3A1727385542540
.elfcosmetics.co.uk/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Thu+Sep+26+2024+14%3A19%3A03+GMT-0700+(Pacific+Daylight+Time)&version=202406.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=187b239e-b88a-44e1-968a-c49da3ba46b4&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Felf-cosmetic-criminals&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1%2C5%3A1
.elfcosmetics.co.uk/ Name: pxcts
Value: f47d9413-7c4c-11ef-b8c0-e3beb5d2bc54
.elfcosmetics.co.uk/ Name: _pxvid
Value: f1d1276b-7c4c-11ef-bd1f-9600ac31841e
.elfcosmetics.co.uk/ Name: _px3
Value: 305eb93a6db1493172a4658c9b4d1fffa12678566b59c533c14fdc369763a177:ub4p13XSF8xyuzgxNtNoiZ+wOHSmO0y0irbUEcX2ze9SYgktaLBrb6NPM/Ma37/IKYrc17sk1q+gKyh4KivEEg==:1000:+0jtLLVwYLkwnjANSlX/s59knrD08PfoylVoxIeYQimuPuUTcs6RFidBJ+glkOhIv+t197gakRCw54JAM2wzNSwsKycfZVlQn24pTKbOz3/QbMmw48aiE0mpisz5FdYbJB0MoURu+nqII/HkFjDPb9JNSOvCv5PuQWsnUIk7J0y/slO61V4Z5PgyOj1MAx/5VPrRU7/NpqqtyVxAIlU0kOTL+GsKNaWydy69s4p58RE=
www.elfcosmetics.co.uk/ Name: dwanonymous_d0d57f92086b8d4216742497990aeda2
Value: abkKk0wuxGxbsRkelKmqYYlulJ
www.elfcosmetics.co.uk/ Name: dwsid
Value: IkB4iqLJMvshCRvoK8Vzt8je2LPoPKL6FVDx_HEQgyWg_nhJVRnpKIXpHDhqNJORyrYkPj0nlgN5YL99risXew==
imgs.signifyd.com/ Name: thx_guid
Value: d29547c2f926c7778b49552f86c6c4fc
imgs.signifyd.com/ Name: tmx_guid
Value: AAxql2W8IZZqd6Cz-9QRxs6GCiqMuk4JWwx8s4kruncnHj56NGdiAcRc-CIVay-Mrbt4e_YcZran1AB9Io3ThAMec_in2A

5 Console Messages

Source Level URL
Text
security error URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals(Line 395)
Message:
Unsafe attempt to load URL https://cdn-fsly.yottaa.net/5dbb1b444f1bbf5af87e1113/www.elfcosmetics.co.uk/v~4b.6c/ from frame with URL https://www.elfcosmetics.co.uk/elf-cosmetic-criminals. Domains, protocols and ports must match.
security error URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals(Line 395)
Message:
Unsafe attempt to load URL https://cdn-fsly.yottaa.net/5dbb1b444f1bbf5af87e1113/www.elfcosmetics.co.uk/v~4b.6c/ from frame with URL https://www.elfcosmetics.co.uk/elf-cosmetic-criminals. Domains, protocols and ports must match.
security error URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals(Line 395)
Message:
Unsafe attempt to load URL https://cdn-fsly.yottaa.net/5dbb1b444f1bbf5af87e1113/www.elfcosmetics.co.uk/v~4b.6c/ from frame with URL https://www.elfcosmetics.co.uk/elf-cosmetic-criminals. Domains, protocols and ports must match.
javascript error URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Access to image at 'https://cdn-fsly.yottaa.net/5dbb1b444f1bbf5af87e1113/www.elfcosmetics.co.uk/v~4b.6c/#elfcosmetics_a_00000055698485330971283280000018393236039574697104_?yocs=1c_' from origin 'https://www.elfcosmetics.co.uk' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn-fsly.yottaa.net/5dbb1b444f1bbf5af87e1113/www.elfcosmetics.co.uk/v~4b.6c/#elfcosmetics_a_00000055698485330971283280000018393236039574697104_?yocs=1c_
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.cquotient.com
api.ipify.org
cdn-fsly.yottaa.net
cdn-scripts.signifyd.com
cdn.cookielaw.org
cdn.media.amplience.net
cdn.static.amplience.net
code.jquery.com
collector-pxxt4gy2ig.px-cloud.net
elfcosmetics.a.bigcontent.io
geolocation.onetrust.com
h.online-metrix.net
h64.online-metrix.net
imgs.signifyd.com
player.vimeo.com
qoe-1.yottaa.net
sdk.iad-05.braze.com
t.paypal.com
w2txo5aa6aasod6q7uwepf5cq3z5zart5nuicokd69352d6174e35d90sac.d.aa.online-metrix.net
www.cosmeticscriminal.co.uk
www.elfcosmetics.co.uk
www.paypal.com
www.paypalobjects.com
www.youtube.com
cdn-fsly.yottaa.net
104.18.38.107
104.26.12.205
108.138.106.40
151.101.1.21
151.101.130.133
151.101.3.1
151.101.65.21
162.159.138.60
165.254.198.210
172.64.145.183
192.225.157.157
192.225.158.1
192.225.158.3
192.229.210.155
204.141.89.251
204.2.48.22
2606:4700:4400::6812:2089
2606:4700:4400::6812:20dd
2606:4700:4400::ac40:96d1
2606:4700::6812:562a
2607:f8b0:4023:1407::88
2607:f8b0:4023:1419::5b
2620:f3:0:14:b401:8ee8:4321:ad82
2a04:4e42:400::649
35.190.10.96
54.165.23.229
04e3a4fa4a9dbf1d6b0303513da6048169e6818f44390956d2011a230545e463
07c2787da6bd67b5a76089805a2056af212964471634ba1858480015397be59e
1331786f628c441b99665436eb8815381e066e17d5c3bb56f5ce2e045d8da17a
1961d18c3e6b963bbb09b850a484e8c10fca2938ffe503e4f693c6e673618f87
1a69edfa8b18d3fdf995628faed84a7660dd3144fe7f4e5639e945861ba7815a
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
210706c053295db0bfba03a98c0609a1f940c3f6b6c626f2f1084e089e959dc9
31f48ed33afe7e437efa2c30cbf97fbd62c2de5c0732504077377846fe64973f
35c3162b611c3aaa72c002b914be112f207e0f3bce58a033ec0437d9aad814e9
36cb859be5a639c678f317d76c5c589da1b5e08820fcce41d67c38b517efa959
37d207a7297589d062c2af128ee513190a9297959cb24c68078f68d64b899c98
47407e3845cb067265a07cb279ccc7a38b927b0c2dc034b627f089115ac0d306
48c8e0af17f35bd3dc4b961886d48e646050403e04fce05f5de53fd3ceda09b0
4aa855b8d34657ab4df5ca73fe7d7f67735ee1e39e8de83856ddc473d4713fbb
4ae7d857dd8d096a5198b1e8280de9f929ca88d690e445731b6ffdffbf2b8383
4b89cd71669a53e8801ea9e9d4fb8a40bb5dbbb393a1b6c4a249349b42086da7
4d9543949071859ed9629a9c5b527f1d586f6636657c87410eb7bc0dbeb4feca
4e277b87d65e419f9f6925abc6c010c316e96c9fa27c1001d40f20e6542006f4
4edb3f1f8801514d33f03ca0781b9f8b21fbceffb9495438803e20f91e0ff005
4ff6c8301caeaa395ca4ea018d5aca89fc688c5913ab2bffbf4f9f1359746813
5aff3f6aaa027feccc81fc8d0457bba98030c901ef968252167d6b0271ef3839
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fb7c176325267082e94a7131fed5e157516e6805cee3ac6f6a93340a947d640
60604eb6ccf99a00d1666b9081d65b4e917ba2b4d295403e2a75887326aa3e15
6082597f3871c77c9b31aa1383577f8c0e54cb5ff09275dc817bc70d96e6217d
66747746ab69ea2b6f5219fb9b4e6318b0631eff561b8659453e2ba9850dfd4b
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6ab1474b1928d39f768075dfef56e53b01fff6c85a44b07d150c4abf7299c3b7
6c10b21f86019422fa9555d9b0b9b6768bf7549730880571e057800a3068724e
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
77a35ca4d195c4c9ea26d6040cc2ea2598ac44c05e7cb93616ffeff2be5f7162
77d18f52509b535871fdc662b0e6fff7f6d8391bf2af147e02a15717c4bc7d03
794b9f4fa15362394d9913554121b956f2ee5f5dc368540a8cc761dc9c7668f1
7a0204422805f76d793709204fd52e753cb059e5dd5099e41781499c8072e726
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
7dbc72c3f0511495fdf45d42283a246613db44b0906199cef195a773068d822f
880e492109f305ced24544df1e461024572032fce300d28de5f058e34db17c66
89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d
8ab5f6c2c8b700330c1512dad8c18e7fab1c596de153afdb9621fe6ce9de9388
8cb2ac35adc7dee4b051d05a7ffc844c9f61eb67b3ce350a16a552f98ffc4172
8e224e1d21ac4f1bd3e582e616ed654e7b869382d2af550afc704f9bc1ead1df
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
911e25ea789b35cecb213533e3e37314c942e2988517b91f5926aadc8be3633b
91b0809d8b9dc57eaa09cb0e13c210b24edfaeadb94a8cff0fee02751c1b0b5f
9261efb3407e3a9096e4654750d8eff6b3a663422f48845c7fbcc65034c340cf
93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
9c2b2c04ed9fe9f0ad55944887ebe50a83871df38a83b6dd2905add6579b9f2c
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a6cbc4c9c0b39f6d4edd8d4db4e73971e23c1e4b8b9b6ddd5956164b87fd3ebc
b3efc48717edad187198d0a608a3b3a8195f0e5b6b6b41f27b78824796cbd61e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd2387aa7fce3761291afcefea9a7bcb85652ffd781ba6a2c0afb22c1ac00fe1
cdbeef0b146607f5137f8f5434eeab8625ee0801da2af33e045528d191e512d0
d1c837b83e593f154428f1615709ad1146a51818f6973ad5ea0d24c2bb619670
d42963d04775f09b1f7834b7fc62019aca171c718b81f5b895ccafa44b20fcda
d57a7b15b96385b45edafd51106b322a29c30e5cd72de9ba9ea7d97d7a0475f1
d7a363f752524fb545c3b2eb48a56d163cb659bc427d5215800ee7781d92c2ca
d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e
db0da7efe3ac5fc9e598f71e291326f137ea7bbbf97fed4fee0e86b717b0d9a8
dd1c521c09b85be1676a99323c2b5de3031bcab6d32c16e92cea7e3d4ecf19a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855