urlscan.io logo urlscan.io
SecurityTrails logo

www.elfcosmetics.co.uk Open in urlscan Pro
204.2.131.137  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cosmeticcriminals.co.uk/
Effective URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Submission: On August 21 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 2 countries across 18 domains to perform 91 HTTP transactions. The main IP is 204.2.131.137, located in United States and belongs to YOTTAA-AS-1, US. The main domain is www.elfcosmetics.co.uk. The Cisco Umbrella rank of the primary domain is 770690.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 25th 2023. Valid for: a year.
This is the only time www.elfcosmetics.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 204.2.138.107 393259 (YOTTAA-AS-1)
1 14 204.2.131.137 393259 (YOTTAA-AS-1)
2 162.159.138.60 13335 (CLOUDFLAR...)
3 172.217.165.142 15169 (GOOGLE)
2 12 23.48.224.13 20940 (AKAMAI-ASN1)
1 151.101.66.137 54113 (FASTLY)
3 151.101.194.133 54113 (FASTLY)
2 23.48.224.6 20940 (AKAMAI-ASN1)
11 104.18.87.42 13335 (CLOUDFLAR...)
2 104.26.13.205 13335 (CLOUDFLAR...)
5 172.64.149.149 13335 (CLOUDFLAR...)
2 35.190.10.96 15169 (GOOGLE)
4 151.101.193.21 54113 (FASTLY)
1 172.64.155.119 13335 (CLOUDFLAR...)
1 151.101.1.21 54113 (FASTLY)
2 151.101.67.1 54113 (FASTLY)
2 192.229.210.155 15133 (EDGECAST)
2 44.209.205.143 14618 (AMAZON-AES)
3 2600:141b:1c0... 20940 (AKAMAI-ASN1)
2 108.138.106.40 16509 (AMAZON-02)
13 192.225.157.157 30286 (THM)
1 192.225.158.1 30286 (THM)
1 2620:f3:0:14:... 30286 (THM)
1 192.225.158.3 30286 (THM)
91 24
1    204.2.138.107 (United States)

ASN393259 (YOTTAA-AS-1, US)
cosmeticcriminals.co.uk
14    204.2.131.137 (United States)

ASN393259 (YOTTAA-AS-1, US)
www.elfcosmetics.co.uk
2    162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)
player.vimeo.com
3    172.217.165.142 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s70-in-f14.1e100.net
www.youtube.com
12    23.48.224.13 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-224-13.deploy.static.akamaitechnologies.com
cdn.media.amplience.net
1    151.101.66.137 (San Francisco, United States)

ASN54113 (FASTLY, US)
code.jquery.com
3    151.101.194.133 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn-fsly.yottaa.net
2    23.48.224.6 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-224-6.deploy.static.akamaitechnologies.com
cdn.static.amplience.net
11    104.18.87.42 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
2    104.26.13.205 (None, )

ASN13335 (CLOUDFLARENET, US)
api.ipify.org
5    172.64.149.149 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
sdk.iad-05.braze.com
2    35.190.10.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.10.190.35.bc.googleusercontent.com
collector-pxxt4gy2ig.px-cloud.net
4    151.101.193.21 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.paypal.com
1    172.64.155.119 (None, )

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
1    151.101.1.21 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.paypal.com
2    151.101.67.1 (San Francisco, United States)

ASN54113 (FASTLY, US)
t.paypal.com
2    192.229.210.155 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
2    44.209.205.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-205-143.compute-1.amazonaws.com
api.cquotient.com
3    2600:141b:1c00:23::1730:e044 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
elfcosmetics.a.bigcontent.io
2    108.138.106.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-40.jfk50.r.cloudfront.net
cdn-scripts.signifyd.com
13    192.225.157.157 (United States)

ASN30286 (THM, US)
imgs.signifyd.com
1    192.225.158.1 (United States)

ASN30286 (THM, US)
h.online-metrix.net
1    2620:f3:0:14:b401:8ee8:4321:ad82 (United States)

ASN30286 (THM, US)
h64.online-metrix.net
1    192.225.158.3 (United States)

ASN30286 (THM, US)
w2txo5aa4ketvjvxont2m4ancbqjyhtuf3vojyfj3987ebfc2332474fsac.d.aa.online-metrix.net
Apex Domain
Subdomains		 Transfer
15 signifyd.com
cdn-scripts.signifyd.com — Cisco Umbrella Rank: 10828
imgs.signifyd.com — Cisco Umbrella Rank: 8265
73 KB
14 amplience.net
cdn.media.amplience.net — Cisco Umbrella Rank: 17159
cdn.static.amplience.net — Cisco Umbrella Rank: 57868
6 MB
14 elfcosmetics.co.uk
www.elfcosmetics.co.uk — Cisco Umbrella Rank: 770690
392 KB
11 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 554
170 KB
7 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3677
t.paypal.com — Cisco Umbrella Rank: 4582
127 KB
5 braze.com
sdk.iad-05.braze.com — Cisco Umbrella Rank: 3003
1 KB
3 online-metrix.net
h.online-metrix.net — Cisco Umbrella Rank: 4355
h64.online-metrix.net — Cisco Umbrella Rank: 2866
w2txo5aa4ketvjvxont2m4ancbqjyhtuf3vojyfj3987ebfc2332474fsac.d.aa.online-metrix.net
837 B
3 bigcontent.io
elfcosmetics.a.bigcontent.io — Cisco Umbrella Rank: 309547
8 KB
3 youtube.com
www.youtube.com — Cisco Umbrella Rank: 84
13 KB
3 yottaa.net
cdn-fsly.yottaa.net — Cisco Umbrella Rank: 35589 Failed
1 MB
2 cquotient.com
api.cquotient.com — Cisco Umbrella Rank: 54198
519 B
2 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 3281
16 KB
2 px-cloud.net
collector-pxxt4gy2ig.px-cloud.net — Cisco Umbrella Rank: 929719
2 KB
2 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2512
230 B
2 vimeo.com
player.vimeo.com — Cisco Umbrella Rank: 3381
12 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 1019
309 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1211
24 KB
1 cosmeticcriminals.co.uk
cosmeticcriminals.co.uk
1 KB
91 18
Domain Requested by
14 www.elfcosmetics.co.uk 1 redirects www.elfcosmetics.co.uk
cdn-fsly.yottaa.net
13 imgs.signifyd.com www.elfcosmetics.co.uk
imgs.signifyd.com
12 cdn.media.amplience.net 2 redirects www.elfcosmetics.co.uk
11 cdn.cookielaw.org cdn-fsly.yottaa.net
cdn.cookielaw.org
www.elfcosmetics.co.uk
5 www.paypal.com www.elfcosmetics.co.uk
www.paypal.com
5 sdk.iad-05.braze.com cdn-fsly.yottaa.net
3 elfcosmetics.a.bigcontent.io
3 www.youtube.com www.elfcosmetics.co.uk
3 cdn-fsly.yottaa.net www.elfcosmetics.co.uk
2 cdn-scripts.signifyd.com www.elfcosmetics.co.uk
2 api.cquotient.com cdn-fsly.yottaa.net
2 www.paypalobjects.com www.elfcosmetics.co.uk
2 t.paypal.com
2 collector-pxxt4gy2ig.px-cloud.net www.elfcosmetics.co.uk
2 api.ipify.org cdn-fsly.yottaa.net
2 cdn.static.amplience.net www.elfcosmetics.co.uk
2 player.vimeo.com www.elfcosmetics.co.uk
1 w2txo5aa4ketvjvxont2m4ancbqjyhtuf3vojyfj3987ebfc2332474fsac.d.aa.online-metrix.net
1 h64.online-metrix.net imgs.signifyd.com
1 h.online-metrix.net imgs.signifyd.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 code.jquery.com www.elfcosmetics.co.uk
1 cosmeticcriminals.co.uk 1 redirects
91 23
Subject Issuer Validity Valid
*.elfcosmetics.co.uk
Sectigo RSA Domain Validation Secure Server CA		 2023-09-25 -
2024-10-25		 a year crt.sh
player.vimeo.com
WE1		 2024-07-25 -
2024-10-23		 3 months crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
dm.amplience.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-08-05 -
2025-08-14		 a year crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
*.yottaa.net
GlobalSign RSA OV SSL CA 2018		 2023-09-13 -
2024-10-14		 a year crt.sh
cookielaw.org
WE1		 2024-08-13 -
2024-11-11		 3 months crt.sh
ipify.org
WE1		 2024-07-18 -
2024-10-16		 3 months crt.sh
sdk.iad-05.braze.com
WE1		 2024-08-15 -
2024-11-13		 3 months crt.sh
*.px-cloud.net
Sectigo RSA Domain Validation Secure Server CA		 2024-08-16 -
2025-09-15		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-02-08 -
2025-02-08		 a year crt.sh
geolocation.onetrust.com
WE1		 2024-08-13 -
2024-11-11		 3 months crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-06-21 -
2025-06-20		 a year crt.sh
*.cquotient.com
Amazon RSA 2048 M02		 2024-03-05 -
2025-04-02		 a year crt.sh
*.bigcontent.io
GeoTrust TLS RSA CA G1		 2024-06-13 -
2025-05-03		 a year crt.sh
cdn-scripts.signifyd.com
Amazon RSA 2048 M02		 2024-06-02 -
2025-06-30		 a year crt.sh
imgs.signifyd.com
Go Daddy Secure Certificate Authority - G2		 2023-10-20 -
2024-11-20		 a year crt.sh
online-metrix.net
Viking Cloud Organization Validation CA, Level 1		 2024-03-20 -
2024-10-21		 7 months crt.sh
*.aa.online-metrix.net
Viking Cloud Organization Validation CA, Level 1		 2024-03-20 -
2024-10-21		 7 months crt.sh

This page contains 9 frames:

Primary Page: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Frame ID: 69C1F0E959E9BEBB036333B4B7FB7376
Requests: 71 HTTP requests in this frame

Frame: https://player.vimeo.com/video/985935623?h=0fd60177fc&badge=0&autopause=0&player_id=0&app_id=58479
Frame ID: CBE5D10F54724ABE47590050CF5F3022
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/rZPCKoUReO0?enablejsapi=1
Frame ID: 5705F3A6602362AA95EE0ED5ABA02DA1
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1HQlAmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.64.9&integrationType=SDK
Frame ID: 1309D6CEEAB63BDB549466373D533DEF
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 22ECA63F5916B6062DEFF7D9A5D517D2
Requests: 1 HTTP requests in this frame

Frame: https://imgs.signifyd.com/bL8ifGtl3SMMG0-d?38ef7f936f16ce71=Oytyhs2298pfTaJn2HZXzpG3aOoQtR4Qk3tXZE-zvARuOjGq0y9vKRoMaVqL6K0yncO1k21ywbVwTwaqsKsEOOTKSjDDC05yzHnUn4sDEazFwBdIof8vCDfZ2RCJ55xT7u8aXSz2MhcTdTw_UTV9S1FFtnAQSHJJYItyZxm6GI5qR9uWSA46KGzLb_DZcpWsVT44MB1hp9X3ElXo&jb=3d3a2e2660736d75374c61667f782462796f3546616e7d782c6a7b6a7f3d436a7865676f2e607b6237436a72656d6d2d3830333a3d
Frame ID: 446E57DCAFE1BE9F40D5F52E25CB8575
Requests: 12 HTTP requests in this frame

Frame: https://imgs.signifyd.com/mXP2CnL2EF2nv7l1?be59c25ae15a56b7=iraInaNZbTV185CCTyscornIXz1rv-g3uo7lKXgmlw6D5K27Hn6hHc-sn6lZwOoldVVQJODOGC1u-RUHPtUORlIqMrNP19W6hH8KCzp75sQvCNeSmOpHcikq9FT_1OjyXG57PuexVbJkq6nM4PnNfc0eulxep41ilEai1J3-SgGtoftJaLHlvGd0FXwf1HRkCZA6frBpiV35nIIxB_I
Frame ID: 7B1EDCB850CB32E157D8B3EB95C3A2D9
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/u3clOD_DblY_XYmI?cee6c482c42039b9=AcDpSAdzKRy58_vPXpdQOEP6QU_7Yjyrh_xYXTCr80SW9OY1hygbsj51nzXALuD-npacMUXt0kuKMRTYv33fQOnTLt89W_ZDesqryH1BcMZxDXsHkq11f2QruN0Nw0LxOOLbQ7omkxrcq6yecmnCq-j_OvGybX4FlORozA9iKYDZzQLLSpc5yMv5Vykhgg8cJKJPdhbBiJWlN2haaXgF
Frame ID: A833692C53F7CEBD7E643615965A2E4E
Requests: 1 HTTP requests in this frame

Frame: https://imgs.signifyd.com/Hx9-r7077NE_abXx?ec23c55bde3217d0=9TEww9qQcZ8dE26S-2dL5XxSqbMlkMO4NQGkF94M0gQWCDA8-vlG5gQAsSbsDUBeW7mxqRl_Qv-cRkLl4FgVfF0C5dd4cIs-ZjqNAHd6u7UR5O8jrMWSCkdrCaKHcLX4KSFnnFo71JC5snqI_MtXowoNhEoJurT30nBojdVDfd880tU2fPgf3DNitc4Yt_Nb7QJY_oUYrAc-iHqHxCjc
Frame ID: 3B12E355EF1853DD0181CE3ECB2884F7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cosmetic Criminals | e.l.f. Cosmetics

Page URL History Show full URLs

  1. https://cosmeticcriminals.co.uk/ HTTP 301
    https://www.elfcosmetics.co.uk/elf-cosmetic-criminals Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 10%
Detected patterns
  • basket.*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

91
Requests

92 %
HTTPS

8 %
IPv6

18
Domains

23
Subdomains

24
IPs

2
Countries

8431 kB
Transfer

13881 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cosmeticcriminals.co.uk/ HTTP 301
    https://www.elfcosmetics.co.uk/elf-cosmetic-criminals Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://cdn.media.amplience.net/v/elfcosmetics/PWT_STORY_CRIMESCENE_VID/mp4_720p HTTP 302
  • https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_crimescene_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/8dfa5d11-77b7-4333-9d42-c08b194a927c.mp4
Request Chain 22
  • https://cdn.media.amplience.net/v/elfcosmetics/PWT_STORY_COSMETIC_CRIMINALS_VID/mp4_720p HTTP 302
  • https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_cosmetic_criminals_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/c5334fb2-6c51-41eb-8d3b-28107083bcd2.mp4
Request Chain 30
  • https://www.elfcosmetics.co.uk/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-eu&code_challenge=9Qtaj_CYaC1jXXNByODH_Q_eHpYy24jP4_JaYwPAK9Y HTTP 303
  • https://www.elfcosmetics.co.uk/callback?usid=19a1f205-0170-43a4-b929-9ecb0f46a479&code=b4Xd0Kj5nKY1vY8MiVJ3qh-t3UBQZ18IRhHxb_duqmU

91 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request elf-cosmetic-criminals
www.elfcosmetics.co.uk/
Redirect Chain
  • https://cosmeticcriminals.co.uk/
  • https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
1 MB
257 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.131.137 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
b64b52a2bdf96baa45c806725c3e922d6e415c234dd685809ba04f1d3e26bd05
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
0
alt-svc
h3=":443"; ma=86400
cache-control
public, must-revalidate, s-maxage=900
content-encoding
gzip
content-length
261951
content-type
text/html; charset=utf-8
date
Wed, 21 Aug 2024 06:54:24 GMT
etag
W/"f82a1-HEAV7OL/MTgdnWiHLOG9mSialG8"
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 361be9423fbc0d226d13a3e0f5517234.cloudfront.net (CloudFront)
x-amz-apigw-id
c2NM6G0TCYcEoyg=
x-amz-cf-id
f_A1jKgUjcPT5_RfRyIypc6jOtbhges8Pc50cW0y2Sx_xVs6BwVCqg==
x-amz-cf-pop
ORD52-C2
x-amzn-remapped-connection
close
x-amzn-remapped-content-length
1016481
x-amzn-remapped-date
Wed, 21 Aug 2024 06:54:24 GMT
x-amzn-requestid
afa5ec10-d02d-4f7c-8f08-cc83b8201c4b
x-amzn-trace-id
Root=1-66c58f1f-14e0578948cad95e6d6fd7d9;Parent=09e767487191f3e4;Sampled=0;lineage=dcd1e669:0
x-cache
Miss from cloudfront
x-yottaa-metrics
2621cc028331/[1538,1392,-] 26D1cc028389/[-,1671.329]
x-yottaa-optimizations
ob/1000000100001000 si/26D1cc028389-1724190792-5238514729 tts/1717701333621 ti/5dbb1b444f1bbf5af87e110e ai/5dbb1b434f1bbf5af87e10a5 tm/0
x-yottaa-os
200

Redirect headers

age
0
content-length
1197
content-type
text/html; charset=utf-8
date
Wed, 21 Aug 2024 06:54:22 GMT
location
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
vary
User-Agent
x-yottaa-fw
fb/100000 tid/658f1f27d931403bb4ae5240 rid/658f266dd931403bb4ae60ab stid/5ad7b08e2bb0ac0c5ba3d38c
x-yottaa-metrics
25D1cc028a6b/[-,0.150]
x-yottaa-optimizations
ob/0 si/25D1cc028a6b-1724190791-699447620 tts/1724223262865 ti/0 ai/658f1f27d931403bb4ae5240
/
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ 		0
0
/
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ 		0
0
/
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ 		0
0
/
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ 		0
0
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d

Request headers

Referer
Origin
https://www.elfcosmetics.co.uk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac

Request headers

Referer
Origin
https://www.elfcosmetics.co.uk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
985935623
player.vimeo.com/video/ Frame CBE5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/video/985935623?h=0fd60177fc&badge=0&autopause=0&player_id=0&app_id=58479
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

CF-Cache-Status
DYNAMIC
CF-Ray
8b68b62e3b9342b0-EWR
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 21 Aug 2024 06:54:25 GMT
Expires
Fri, 15 Dec 1985 19:30:00 GMT
Link
<https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin, <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin
Server
cloudflare
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 varnish
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
x-backend-server
player-backend-edge-entry
x-bapp-server
player-backend-b44b65fb5-djswl
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-host
player-backend-b44b65fb5-djswl
x-player-backend
g
x-served-by
cache-lga21937-LGA
x-timer
S1724223265.015743,VS0,VE253
x-xss-protection
1; mode=block
rZPCKoUReO0
www.youtube.com/embed/ Frame 5705 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/rZPCKoUReO0?enablejsapi=1
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f14.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Aug 2024 06:54:25 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
PWT_STORY_HEADER_DESKTOP_BG-min
cdn.media.amplience.net/i/elfcosmetics/ 		630 KB
630 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_HEADER_DESKTOP_BG-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.13 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-13.deploy.static.akamaitechnologies.com
Software
Unknown /
Resource Hash
4b89cd71669a53e8801ea9e9d4fb8a40bb5dbbb393a1b6c4a249349b42086da7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 06:54:25 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
h-pEhIV59,l4p5bDg2e,2orsu9Nt2,k4NPUWi7z
x-req-id
u3126KnTh_
content-length
644728
x-xss-protection
1; mode=block
x-amp-source-height
1249
server
Unknown
x-frame-options
DENY
x-amp-source-width
3199
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Wed, 20 Dec 2023 20:47:39 GMT
PWT_STORY_HEADER_DESKTOP_CC-min
cdn.media.amplience.net/i/elfcosmetics/ 		205 KB
205 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_HEADER_DESKTOP_CC-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.13 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-13.deploy.static.akamaitechnologies.com
Software
Unknown /
Resource Hash
6ab1474b1928d39f768075dfef56e53b01fff6c85a44b07d150c4abf7299c3b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 06:54:25 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
sP7lQzVeu,l4p5bDg2e,HwG53bbZp,UyB2-aY-L
x-req-id
hAuntbg0oI
content-length
209440
x-xss-protection
1; mode=block
x-amp-source-height
340
server
Unknown
x-frame-options
DENY
x-amp-source-width
800
access-control-allow-origin
*
content-type
image/png
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Wed, 20 Dec 2023 20:47:39 GMT
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
PWT_STORY_SOCIALLISTENING_DESKTOP_5-blurred-min
cdn.media.amplience.net/i/elfcosmetics/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_SOCIALLISTENING_DESKTOP_5-blurred-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.13 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-13.deploy.static.akamaitechnologies.com
Software
Unknown /
Resource Hash
cdbeef0b146607f5137f8f5434eeab8625ee0801da2af33e045528d191e512d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 06:54:25 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
uSQ4fd5W5,l4p5bDg2e,hUXp-ygcH,UyB2-aY-L
x-req-id
4aJ5Rsa7KK
content-length
2085695
x-xss-protection
1; mode=block
x-amp-source-height
1484
server
Unknown
x-frame-options
DENY
x-amp-source-width
3080
access-control-allow-origin
*
content-type
image/png
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Wed, 03 Jan 2024 21:02:28 GMT
PWT_STORY_DETECTIVES_DESKTOP_6-min
cdn.media.amplience.net/i/elfcosmetics/ 		330 KB
331 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_DETECTIVES_DESKTOP_6-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.13 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-13.deploy.static.akamaitechnologies.com
Software
Unknown /
Resource Hash
8cb2ac35adc7dee4b051d05a7ffc844c9f61eb67b3ce350a16a552f98ffc4172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 06:54:25 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
I1ONKWRk2,l4p5bDg2e,q-jdDBY1E,k4NPUWi7z
x-req-id
YXeEkx6bmH
content-length
338113
x-xss-protection
1; mode=block
x-amp-source-height
1062
server
Unknown
x-frame-options
DENY
x-amp-source-width
2806
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Wed, 27 Dec 2023 17:21:33 GMT
PWT_STORY_ON_THE_CASE_DESKTOP_BTS-min
cdn.media.amplience.net/i/elfcosmetics/ 		180 KB
180 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_ON_THE_CASE_DESKTOP_BTS-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.13 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-13.deploy.static.akamaitechnologies.com
Software
Unknown /
Resource Hash
7a0204422805f76d793709204fd52e753cb059e5dd5099e41781499c8072e726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 06:54:25 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
2sqD6qrVA,l4p5bDg2e,O8QiTHpoz,k4NPUWi7z
x-req-id
Ic9d5ZeNlI
content-length
184181
x-xss-protection
1; mode=block
x-amp-source-height
1108
server
Unknown
x-frame-options
DENY
x-amp-source-width
1952
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Fri, 29 Dec 2023 07:51:47 GMT
PWT_STORY_CRIME_TAPE_DESKTOP_7-min
cdn.media.amplience.net/i/elfcosmetics/ 		614 KB
614 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_CRIME_TAPE_DESKTOP_7-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.13 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-13.deploy.static.akamaitechnologies.com
Software
Unknown /
Resource Hash
37d207a7297589d062c2af128ee513190a9297959cb24c68078f68d64b899c98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 06:54:25 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
b3Qpf3tPI,l4p5bDg2e,N2xhcEEJW,UyB2-aY-L
x-req-id
Du3WyGsIql
content-length
628288
x-xss-protection
1; mode=block
x-amp-source-height
525
server
Unknown
x-frame-options
DENY
x-amp-source-width
3200
access-control-allow-origin
*
content-type
image/png
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Thu, 28 Dec 2023 16:15:28 GMT
jquery-3.7.1.slim.min.js
code.jquery.com/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.7.1.slim.min.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9261efb3407e3a9096e4654750d8eff6b3a663422f48845c7fbcc65034c340cf

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 06:54:25 GMT
content-encoding
gzip
via
1.1 varnish
age
2329899
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
24036
x-served-by
cache-lga21969-LGA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1724223265.270594,VS0,VE0
etag
W/"28feccc0-11278"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
13004
player.js
player.vimeo.com/api/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/api/player.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
794b9f4fa15362394d9913554121b956f2ee5f5dc368540a8cc761dc9c7668f1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-cache-hits
426
Date
Wed, 21 Aug 2024 06:54:25 GMT
content-security-policy
default-src 'none'; style-src 'unsafe-inline'
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
via
1.1 varnish
Age
747
x-cache
HIT
Connection
keep-alive
x-backend-server
player-backend-edge-entry
Content-Length
11434
x-served-by
cache-lga21983-LGA
x-player-backend
g
Server
cloudflare
x-timer
S1724223265.009304,VS0,VE0
vary
Accept-Encoding
Content-Type
application/javascript;charset=utf-8
access-control-allow-origin
*
Cache-Control
max-age=1800
x-bapp-server
accept-ranges
bytes
CF-RAY
8b68b62e3a8a43ac-EWR
expires
Wed, 21 Aug 2024 03:11:58 GMT
player_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/player_api
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f14.1e100.net
Software
ESF /
Resource Hash
e9dca3e1405640ba65996828612b9186c7e481644a75bac9ecaa9529afbbebd5
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 06:54:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script'
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Wed, 21 Aug 2024 06:54:25 GMT
vendor.js
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11801/ 		2 MB
627 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11801/vendor.js?yocs=y_A_
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1c837b83e593f154428f1615709ad1146a51818f6973ad5ea0d24c2bb619670

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 06:54:24 GMT
via
1.1 39a169e5169cc741a7c793f95d144134.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
PHL50-C1
age
691934
x-yottaa-optimizations
ob/1000 si/2311cc8d59ce-1721245740-785038504 tts/1717701333621 ti/5dbb1b444f1bbf5af87e110e ai/5dbb1b434f1bbf5af87e10a5 tm/0
x-cache
Hit from cloudfront, HIT
x-amz-meta-deploy
829241
content-length
641170
x-amz-meta-bundle
11801
x-served-by
cache-lga21943-LGA
x-yottaa-forcecache
true
last-modified
Wed, 07 Aug 2024 18:55:34 GMT
server
AmazonS3
x-timer
S1724223265.989712,VS0,VE1
etag
W/"333d899a5f2889a55122e03d1e6e7732"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31104000
x-yottaa-metrics
2321cc8d59e7/[312,232,-] 2311cc8d59ce/[-,681.293]
accept-ranges
bytes
x-amz-cf-id
WA_Hbur40hu1ljaZSy7b-2Yq5LA1J3pil_5Xv1xOqLSIvhBkBmn9Dg==
x-cache-hits
0
main.js
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11801/ 		2 MB
501 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11801/main.js?yocs=y_A_
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a2e8fd4b96e51ccf6f83def36ea3fa300ffe936f638750d97246bb86fed479e

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 06:54:24 GMT
via
1.1 a0df19b3a52d309c43956e51d3e15e26.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
DFW55-C3
age
1166306
x-yottaa-optimizations
ob/1001 si/3211a5fec6ea-1721912122-2145396689 tts/1717701333621 ti/5dbb1b444f1bbf5af87e110e ai/5dbb1b434f1bbf5af87e10a5 tm/0
x-cache
Hit from cloudfront, HIT
x-amz-meta-deploy
829241
content-length
512339
x-amz-meta-bundle
11801
x-served-by
cache-lga21943-LGA
x-yottaa-forcecache
true
last-modified
Wed, 07 Aug 2024 18:55:33 GMT
server
AmazonS3
x-timer
S1724223265.989827,VS0,VE1
etag
W/"7662e1353abaf1bd3db897a034bff4f6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31104000
x-yottaa-metrics
3221a5fec60e/[157,94,-] 3211a5fec6ea/[hit]
accept-ranges
bytes
x-amz-cf-id
d1BxCOJrJzAU0EGUVpnbP04BB2HbRsWIhRSLGiVDp0cD5b4rir83Ug==
x-cache-hits
0
pages-product-list-product-list-page.js
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11801/ 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11801/pages-product-list-product-list-page.js?yocs=y_A_
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
573bf20738a24dff3470e7ee724e8c433f5b85460659c502de261ca9d24b3b4a

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 06:54:24 GMT
via
1.1 91e7f6dd5130ccc0c1247b2da038e3de.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
ORD52-C2
age
1166199
x-yottaa-optimizations
ob/1000 si/2611cc8d5869-1722266027-1913749035 tts/1717701333621 ti/5dbb1b444f1bbf5af87e110e ai/5dbb1b434f1bbf5af87e10a5 tm/0
x-cache
Hit from cloudfront, HIT
x-amz-meta-deploy
829241
content-length
11987
x-amz-meta-bundle
11801
x-served-by
cache-lga21943-LGA
x-yottaa-forcecache
true
last-modified
Wed, 07 Aug 2024 18:55:34 GMT
server
AmazonS3
x-timer
S1724223265.989695,VS0,VE1
etag
W/"2e2618beb426e1b83c7a3cba660ac80d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31104000
x-yottaa-metrics
2621cc02835e/[21,15,-] 2611cc8d5869/[-,29.438]
accept-ranges
bytes
x-amz-cf-id
IRindRk3FVs11TePfSE2gFPRWKAHv07CnB1lTWVZ77DW4H38cshXBQ==
x-cache-hits
0
8dfa5d11-77b7-4333-9d42-c08b194a927c.mp4
cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_crimescene_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/
Redirect Chain
  • https://cdn.media.amplience.net/v/elfcosmetics/PWT_STORY_CRIMESCENE_VID/mp4_720p
  • https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_crimescene_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/8dfa5d11-77b7-4333-9d42-c08b194a927c.mp4
1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_crimescene_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/8dfa5d11-77b7-4333-9d42-c08b194a927c.mp4
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Server
23.48.224.6 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-6.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b3efc48717edad187198d0a608a3b3a8195f0e5b6b6b41f27b78824796cbd61e

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 06:54:26 GMT
last-modified
Fri, 22 Dec 2023 15:50:27 GMT
etag
"dd3676819bd88a250c875a11e38c307d"
x-amz-server-side-encryption
AES256
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-1060947/1060948
x-amp-srv
A
accept-ranges
bytes
x-amp-route
ak-s1
Content-Length
1060948

Redirect headers

date
Wed, 21 Aug 2024 06:54:25 GMT
x-content-type-options
nosniff
server
Unknown
x-frame-options
DENY
x-amp-srv
A
cache-tag
Cee65qnsn,l4p5bDg2e,bgWw7nQ29
access-control-allow-origin
*
location
https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_crimescene_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/8dfa5d11-77b7-4333-9d42-c08b194a927c.mp4
content-type
text/html; charset=UTF-8
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
content-length
0
x-xss-protection
1; mode=block
c5334fb2-6c51-41eb-8d3b-28107083bcd2.mp4
cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_cosmetic_criminals_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/
Redirect Chain
  • https://cdn.media.amplience.net/v/elfcosmetics/PWT_STORY_COSMETIC_CRIMINALS_VID/mp4_720p
  • https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_cosmetic_criminals_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/c5334fb2-6c51-41eb-8d3b-28107083bcd2.mp4
1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_cosmetic_criminals_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/c5334fb2-6c51-41eb-8d3b-28107083bcd2.mp4
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Server
23.48.224.6 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-6.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4ae7d857dd8d096a5198b1e8280de9f929ca88d690e445731b6ffdffbf2b8383

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 06:54:26 GMT
last-modified
Fri, 22 Dec 2023 17:43:50 GMT
etag
"91a2cbc7ca143aac79d0312d84bb77fb"
x-amz-server-side-encryption
AES256
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-1262366/1262367
x-amp-srv
A
accept-ranges
bytes
x-amp-route
ak-s1
Content-Length
1262367

Redirect headers

date
Wed, 21 Aug 2024 06:54:25 GMT
x-content-type-options
nosniff
server
Unknown
x-frame-options
DENY
x-amp-srv
A
cache-tag
Tz4691wJ9,l4p5bDg2e,fH6Lo3_5e
access-control-allow-origin
*
location
https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_cosmetic_criminals_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/c5334fb2-6c51-41eb-8d3b-28107083bcd2.mp4
content-type
text/html; charset=UTF-8
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
content-length
0
x-xss-protection
1; mode=block
PWT_STORY_CAROUSEL_DESKTOP_3_OLIVIA-min
cdn.media.amplience.net/i/elfcosmetics/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_CAROUSEL_DESKTOP_3_OLIVIA-min?fmt=auto
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.13 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-13.deploy.static.akamaitechnologies.com
Software
Unknown /
Resource Hash
aca990e4ea5c882dcfe05c1b6de93300cc4e0ed49fe61d511422b67c9953ec0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 06:54:25 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
RRqWkncgG,l4p5bDg2e,5-jG4GMEO,WepA0szpz
x-req-id
NRJadl_Gs9
content-length
74677
x-xss-protection
1; mode=block
x-amp-source-height
1303
server
Unknown
x-frame-options
DENY
x-amp-source-width
855
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Thu, 21 Dec 2023 20:12:24 GMT
PWT_STORY_CAROUSEL_DESKTOP_3_PRODUCT_OFACE-min
cdn.media.amplience.net/i/elfcosmetics/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_CAROUSEL_DESKTOP_3_PRODUCT_OFACE-min?fmt=auto
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.13 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-13.deploy.static.akamaitechnologies.com
Software
Unknown /
Resource Hash
d7d6f2d3cc5c5e3b057e899b45fb372d18890b7b61e0df9ced47891f9bbf0061
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 06:54:25 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
JMnYHiGYc,l4p5bDg2e,QvpKILV5P,DtzGFM5oJ
x-req-id
gEE1c61RWc
content-length
16698
x-xss-protection
1; mode=block
x-amp-source-height
2000
server
Unknown
x-frame-options
DENY
x-amp-source-width
2000
access-control-allow-origin
*
content-type
image/webp
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Thu, 21 Dec 2023 20:12:23 GMT
PWT_STORY_CAROUSEL_DESKTOP_3_CHARLOTTE-min
cdn.media.amplience.net/i/elfcosmetics/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_CAROUSEL_DESKTOP_3_CHARLOTTE-min?fmt=auto
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.13 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-13.deploy.static.akamaitechnologies.com
Software
Unknown /
Resource Hash
bb378098ee9eb555df3b46abb37f65c770427b74147322c7707da6f623b28144
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 06:54:25 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
7BI70fesq,l4p5bDg2e,h1qKNVnZ0,WepA0szpz
x-req-id
62jGmJC1DM
content-length
52893
x-xss-protection
1; mode=block
x-amp-source-height
1324
server
Unknown
x-frame-options
DENY
x-amp-source-width
862
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Thu, 21 Dec 2023 20:12:24 GMT
PWT_STORY_CAROUSEL_DESKTOP_3_PRODUCT_H20PROOF-min
cdn.media.amplience.net/i/elfcosmetics/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_CAROUSEL_DESKTOP_3_PRODUCT_H20PROOF-min?fmt=auto
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.13 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-13.deploy.static.akamaitechnologies.com
Software
Unknown /
Resource Hash
e79dea9b0707ff2fa615359bdb9683037505ddb2a00daae13de4ae1a80055adf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 06:54:25 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
PPzV13MJd,l4p5bDg2e,nb-u70u49,DtzGFM5oJ
x-req-id
YN2pkBMaVO
content-length
20738
x-xss-protection
1; mode=block
x-amp-source-height
2400
server
Unknown
x-frame-options
DENY
x-amp-source-width
2400
access-control-allow-origin
*
content-type
image/webp
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Thu, 21 Dec 2023 20:12:23 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11801/main.js?yocs=y_A_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50377d1d3e7dcb2c8298feb8d2505099df1957e3700a358b993b4cf443fd36e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 21 Aug 2024 06:54:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
7Ul52Di6PS5B5w/RS7EYIA==
age
55134
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6882
x-ms-lease-status
unlocked
last-modified
Mon, 19 Aug 2024 18:44:02 GMT
server
cloudflare
etag
0x8DCC07EE50769B2
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
aadff316-601e-0053-3b68-f28f85000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8b68b6388b8041d5-EWR
/
api.ipify.org/ 		22 B
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11801/vendor.js?yocs=y_A_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa1ca7a298c05fcd0b150c05da0bfaae7c50d2a762631fcaaefb0c40b4806767

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 06:54:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
8b68b636fb6818f2-EWR
content-length
22
/
api.ipify.org/ 		22 B
74 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11801/vendor.js?yocs=y_A_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa1ca7a298c05fcd0b150c05da0bfaae7c50d2a762631fcaaefb0c40b4806767

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 06:54:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
8b68b6370b6d18f2-EWR
content-length
22
callback
www.elfcosmetics.co.uk/
Redirect Chain
  • https://www.elfcosmetics.co.uk/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Fcallback&response_type=code&client...
  • https://www.elfcosmetics.co.uk/callback?usid=19a1f205-0170-43a4-b929-9ecb0f46a479&code=b4Xd0Kj5nKY1vY8MiVJ3qh-t3UBQZ18IRhHxb_duqmU
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/callback?usid=19a1f205-0170-43a4-b929-9ecb0f46a479&code=b4Xd0Kj5nKY1vY8MiVJ3qh-t3UBQZ18IRhHxb_duqmU
Protocol
H2
Server
204.2.131.137 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 06:54:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 e4d445814bb6c01f7098c39c67755452.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
0
x-amz-cf-pop
ORD52-C2
age
0
x-amzn-remapped-connection
close
x-amzn-requestid
1de19e64-5beb-40f8-aa5f-bd0d853b5a85
x-yottaa-optimizations
ob/1000 si/26D1cc028389-1724190792-5238514739 tts/1717701300585 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Miss from cloudfront
x-amz-apigw-id
c2NNgHXYCYcEnLQ=
content-length
0
alt-svc
h3=":443"; ma=86400
x-yottaa-forcecache
true
x-amzn-trace-id
Root=1-66c58f22-69f45a1264e6924b2006691d;Parent=37fb9b686251be57;Sampled=0;lineage=dcd1e669:0
content-type
application/json
cache-control
public, max-age=604800
x-yottaa-os
200
x-yottaa-metrics
2621cc028369/[166,160,-] 26D1cc028389/[-,168.026]
x-amzn-remapped-date
Wed, 21 Aug 2024 06:54:26 GMT
x-amz-cf-id
jlDVVRtBtuPu01tE9EgIy0AjhIc_xeSCWRqByXcuYD_Az6TXc9X-0Q==

Redirect headers

date
Wed, 21 Aug 2024 06:54:26 GMT
x-correlation-id
8b68b6395b2acf4a
via
1.1 25e7bebca39745fba964bb8cceec363e.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ORD52-C2
age
0
x-yottaa-optimizations
ob/0 si/26D1cc028389-1724190792-5238514733 tts/1717701300585 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
0
pragma
no-cache
x-ratelimit-1m-remaining
23543, 1980671
x-ratelimit-1m-reset
33203, 33202
x-ratelimit-1m-limit
24000, 2000000
vary
Accept-Encoding
location
https://www.elfcosmetics.co.uk/callback?usid=19a1f205-0170-43a4-b929-9ecb0f46a479&code=b4Xd0Kj5nKY1vY8MiVJ3qh-t3UBQZ18IRhHxb_duqmU
cache-control
no-store
x-yottaa-os
303
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-eu&code_challenge=9Qtaj_CYaC1jXXNByODH_Q_eHpYy24jP4_JaYwPAK9Y
x-yottaa-metrics
2621cc02836b/[86,80,-] 26D1cc028389/[-,88.065]
cf-ray
8b68b6395b2acf4a-CMH
x-amz-cf-id
KZtqPI-15x20JvsYmQFSNCdBxjOygTedLhct8bPMV8VgopH2VC40Yw==
/
sdk.iad-05.braze.com/api/v3/data/ 		564 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11801/vendor.js?yocs=y_A_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.149 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5388dd253b656385d492a852116fb2f5aedf3412f51bd2986ae4d9b5d8d2a023
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key
ee22cddf-904f-484e-a004-0181ff9a3268
X-Braze-TriggersRequest
true
X-Braze-DataRequest
true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/json
X-Braze-Last-Req-Ms-Ago
7200000
Referer
https://www.elfcosmetics.co.uk/
X-Requested-With
XMLHttpRequest
X-Braze-Req-Attempt
1

Response headers

date
Wed, 21 Aug 2024 06:54:27 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
b01f4d62-7559-421f-b5b1-525fd75cc324
x-runtime
0.173856
server
cloudflare
etag
W/"5388dd253b656385d492a852116fb2f5"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1724223270
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
8b68b63ab96243c4-EWR
x-ratelimit-remaining
496.0
/
sdk.iad-05.braze.com/api/v3/data/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.149 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
8b68b63a893643c4-EWR
content-encoding
gzip
date
Wed, 21 Aug 2024 06:54:26 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
25840211-e69f-428e-bb3b-0787cffdf0e8.json
cdn.cookielaw.org/consent/25840211-e69f-428e-bb3b-0787cffdf0e8/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/25840211-e69f-428e-bb3b-0787cffdf0e8/25840211-e69f-428e-bb3b-0787cffdf0e8.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd2387aa7fce3761291afcefea9a7bcb85652ffd781ba6a2c0afb22c1ac00fe1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 21 Aug 2024 06:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
71671
content-md5
PTbrcjK8IhP+1ATcydxbww==
content-length
1828
x-ms-lease-status
unlocked
last-modified
Wed, 10 Jul 2024 18:36:16 GMT
server
cloudflare
etag
0x8DCA10F2F0EACE9
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
83065864-f01e-003b-11f8-d2d1d4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8b68b63aad038c1d-EWR
expires
Thu, 22 Aug 2024 06:54:27 GMT
init.js
www.elfcosmetics.co.uk/XT4Gy2ig/ 		167 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/XT4Gy2ig/init.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.131.137 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
c680a2e50f0465f89895615a4db8f2b148dd4d0f5964a73c8cc649f2018f6fd6

Request headers

Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 06:54:26 GMT
content-encoding
gzip
etag
"29a39-idzF5JQc3nGm5lKrow7DlUavCL4"
active-cdn
Akamai
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
active-cdn,x-served-by,Akamai-Request-BC
cache-control
max-age=600
x-yottaa-metrics
26D1cc028389/[-,42.921]
x-px-hash
ZWY4YzNlYTY4MDg3ZWYwZjJiNGRjM2Y2NjUyNzRmYzQwODNkOTk3Mjk5NjRjYTZmN2E1Zjc4OTc3OWQwODkzMA==
x-yottaa-optimizations
ob/0 si/26D1cc028389-1724190792-5238514736 tts/1724223266874 ti/0 ai/5dbb1b434f1bbf5af87e10a5
favicon.ico
www.elfcosmetics.co.uk/ 		34 KB
34 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.131.137 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
1331786f628c441b99665436eb8815381e066e17d5c3bb56f5ce2e045d8da17a

Request headers

Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 06:54:26 GMT
via
1.1 7fa75077148a5e108de410272ea8ccc4.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
34494
x-amz-cf-pop
ORD52-C2
age
189, 189
x-amzn-remapped-connection
close
x-amzn-requestid
3ce1df0b-f9d4-4dcb-aebc-377d0d098ec0
x-yottaa-optimizations
ob/10 si/26D1cc028389-1724190792-5238514735 tts/1717701333621 ti/5dbb1b444f1bbf5af87e110e ai/5dbb1b434f1bbf5af87e10a5 tm/0
x-cache
Hit from cloudfront
x-amz-apigw-id
c2Lc4G4FCYcEsug=
content-length
34494
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 13 Aug 2024 06:26:18 GMT
etag
W/"86be-1914a6a7b10"
x-amzn-trace-id
Root=1-66c58c52-5191189719e2a75a6e43e522;Parent=6aceeeaae89bfa46;Sampled=0;lineage=dcd1e669:0
content-type
image/x-icon
cache-control
max-age=600, s-maxage=600
x-yottaa-metrics
2621cc02836a/[3,-,1724222735604] 26D1cc028389/[-,5.181]
accept-ranges
bytes
x-amzn-remapped-date
Wed, 21 Aug 2024 06:42:26 GMT
x-amz-cf-id
Lt9P8hpAL19OLciAAM8HbIVbY9o-WlgQXINUcTsKLUanWhAJFfz9Mw==
collector
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/XT4Gy2ig/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e7d1e8605f37a6e5db0bfd2e5df26604b7e1475484f9d51f8373344cc3f1aaf2

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 21 Aug 2024 06:54:26 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1104
www-widgetapi.js
www.youtube.com/s/player/6db2bd17/www-widgetapi.vflset/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/6db2bd17/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f14.1e100.net
Software
sffe /
Resource Hash
d2ba0e8a74340c429355e9260d453136d7b097666415b43f7ffbdce7af607542
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 00:30:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
23058
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10546
x-xss-protection
0
last-modified
Mon, 19 Aug 2024 04:16:02 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 21 Aug 2025 00:30:08 GMT
js
www.paypal.com/sdk/ 		425 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=GBP&vault=true&components=buttons,messages
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
024331496292688a08ddab09c072445da1af4bdbd2b3c36e77ef6be1edd082c3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-d8su3YahOn107lc8ge+QtGcjuSlW6Lfr6PyX46RBbE5Kd993' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-d8su3YahOn107lc8ge+QtGcjuSlW6Lfr6PyX46RBbE5Kd993' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-d8su3YahOn107lc8ge+QtGcjuSlW6Lfr6PyX46RBbE5Kd993' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-d8su3YahOn107lc8ge+QtGcjuSlW6Lfr6PyX46RBbE5Kd993' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Wed, 21 Aug 2024 06:54:27 GMT
age
984
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT, HIT, MISS
p3p
true
paypal-debug-id
f9587293b31de
server-timing
"traceparent;desc="00-0000000000000000000f9587293b31de-dc4c38941436665a-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
120851
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200119-IAD, cache-lga21932-LGA, cache-lga21932-LGA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f9587293b31de-23e88c554226476d-01
x-timer
S1724223267.993356,VS0,VE14
etag
W/"1d813-OUmsYD1HA+UVdwc8xw5dxQkLIuY"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
42, 0, 0
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		71 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.155.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4da8a6638ad70698ad3d01aa0ef124aebe35c297685c0796b174822f597b1d09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 06:54:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
8b68b63de9cc523f-LAX
access-control-allow-headers
Content-Type
local
www.paypal.com/credit-presentment/experiments/ Frame 1309 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1HQlAmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.64.9&integrationType=SDK
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=GBP&vault=true&components=buttons,messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
age
81963
cache-control
s-maxage=86400, max-age=0
content-encoding
gzip
content-length
1526
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type
text/html; charset=utf-8
date
Wed, 21 Aug 2024 06:54:27 GMT
dc
ccg11-origin-www-1.paypal.com
edge-cache-tag
up-treatments-zoid
etag
W/"1479-cSrp6ii8KZAaC9snHtNM8xjNyfA"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f8301449c3654
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
"traceparent;desc="00-0000000000000000000f8301449c3654-f8b43faf286a4682-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f8301449c3654-002b1ac89246acfd-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
HIT, HIT, MISS
x-cache-hits
6783, 89, 0
x-served-by
cache-iad-kjyo7100052-IAD, cache-lga21972-LGA, cache-lga21972-LGA
x-timer
S1724223267.151316,VS0,VE5
x-xss-protection
1; mode=block
pptm.js
www.paypal.com/tagmanager/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.elfcosmetics.co.uk&t=xo&v=5.0.456&source=payments_sdk&client_id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&comp=buttons,messages&disableSetCookie=true&vault=true
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
47964e6ef73b9e710211b640795701da41f9ebad7b0686c09ec0e47ebc053874
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-UJlAz0rt+mwVGoGOQr19U3FtF7xS8PKcyEOsDangZp3zl3/M' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-UJlAz0rt+mwVGoGOQr19U3FtF7xS8PKcyEOsDangZp3zl3/M' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 21 Aug 2024 06:54:27 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
114670
x-cache
HIT, HIT, MISS
paypal-debug-id
f5653817dbcd9
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4794
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200035-IAD, cache-lga21932-LGA, cache-lga21932-LGA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f5653817dbcd9-1e1ccafbdc770074-01
fastly-mss
ngwaf-backend
x-timer
S1724223267.148537,VS0,VE5
etag
W/"36ab-6SnGgxwTFcJcUMRqFIKMIz7eL3Y"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
276, 0, 0
token
www.elfcosmetics.co.uk/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/token
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11801/vendor.js?yocs=y_A_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.131.137 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
3463c623dd03e4b83435abcf0bf4c82c2bd3631bde91913879f41e21a7a87fc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

c_x-pwa-request
true
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Authorization
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 21 Aug 2024 06:54:27 GMT
content-encoding
gzip
x-correlation-id
8b68b63c7b7ccf43
cf-cache-status
DYNAMIC
via
1.1 16d4bcfda1468cec9dcd61512b954bd8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ORD52-C2
age
0
x-yottaa-optimizations
ob/1000 si/26D1cc028389-1724190792-5238514740 tts/1717701300585 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
pragma
no-cache
x-ratelimit-1m-remaining
23533, 1980317
x-ratelimit-1m-reset
32711, 32710
vary
Accept-Encoding, User-Agent
x-ratelimit-1m-limit
24000, 2000000
content-type
application/json
cache-control
no-store
x-yottaa-os
200
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/token
x-yottaa-metrics
2621cc028366/[93,92,-] 26D1cc028389/[-,96.137]
cf-ray
8b68b63c7b7ccf43-CMH
x-amz-cf-id
9DLHlT_ZNDAbJ1OLxr0Karz71FevfPUW7_BAiNwDlTwTKoAnp1zfJw==
logger
www.paypal.com/xoplatform/logger/api/ 		983 B
909 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=GBP&vault=true&components=buttons,messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
38fb4e2b3b27b248bb8577f60f5959e0affc160c2ad395db627daf2ece17ab6b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Wed, 21 Aug 2024 06:54:27 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS, MISS
paypal-debug-id
f1581374fce7a
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-iad-kiad7000074-IAD, cache-lga21984-LGA, cache-lga21984-LGA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f1581374fce7a-03683194e14c0b1c-01
x-timer
S1724223267.277982,VS0,VE117
etag
W/"3d7-1JZRQpxDJenoezTPpGJWLJm8qPA"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.co.uk
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.elfcosmetics.co.uk
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
0
date
Wed, 21 Aug 2024 06:54:27 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f1581372f8345
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f1581372f8345-ca32ef82531e086e-01
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, MISS, MISS
x-cache-hits
0, 0, 0
x-content-type-options
nosniff
x-served-by
cache-iad-kcgs7200105-IAD, cache-lga21984-LGA, cache-lga21984-LGA
x-timer
S1724223267.176364,VS0,VE96
ts
t.paypal.com/ 		42 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A7PFGPLHGYKX72-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A7PFGPLHGYKX72-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=95c92811-df2a-4f29-8e3f-9af8b4e63cc5&fltp=analytics&mrid=7PFGPLHGYKX72&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Cosmetic%20Criminals%20%7C%20e.l.f.%20Cosmetics&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1724223267178&g=600&completeurl=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Felf-cosmetic-criminals&disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Wed, 21 Aug 2024 06:54:27 GMT
date
Wed, 21 Aug 2024 06:54:27 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
9d81cb42fbc22
server-timing
"traceparent;desc="00-00000000000000000009d81cb42fbc22-4226bc1757534a20-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-iad-kcgs7200130-IAD, cache-lga21949-LGA
pragma
no-cache
correlation-id
9d81cb42fbc22
traceparent
00-00000000000000000009d81cb42fbc22-71f393a011e4009c-01
x-timer
S1724223267.220129,VS0,VE66
vary
Accept-Encoding
content-type
image/gif
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0, 0
sync
sdk.iad-05.braze.com/api/v3/content_cards/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.149 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
8b68b63c0a2a43c4-EWR
content-encoding
gzip
date
Wed, 21 Aug 2024 06:54:27 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
sync
sdk.iad-05.braze.com/api/v3/content_cards/ 		85 B
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11801/vendor.js?yocs=y_A_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.149 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f29ea5eb4e212aa52055e918e85726b96910782af4755d88249de37336872877
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-Braze-Req-Tokens-Remaining
29
X-Braze-Api-Key
ee22cddf-904f-484e-a004-0181ff9a3268
X-Braze-DataRequest
true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/json
X-Braze-Last-Req-Ms-Ago
7200000
BRAZE-SYNC-RETRY-COUNT
0
X-Requested-With
XMLHttpRequest
Referer
https://www.elfcosmetics.co.uk/
X-Braze-Req-Attempt
1
X-Braze-ContentCardsRequest
true

Response headers

date
Wed, 21 Aug 2024 06:54:27 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
f5f80d7a-c9a2-4aef-a1ed-bd7d5beb7691
x-runtime
0.067712
server
cloudflare
etag
W/"f29ea5eb4e212aa52055e918e85726b9"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1724223270
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
8b68b63c4a4e43c4-EWR
x-ratelimit-remaining
498.0
muse.js
www.paypalobjects.com/muse/ 		55 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D10C) /
Resource Hash
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 06:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
5bc0dd54448b9
dc
ccg11-origin-www-1.paypal.com
content-length
16355
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
server
ECAcc (nyd/D10C)
traceparent
00-00000000000000000005bc0dd54448b9-2148bc8ebbce73f9-01
etag
"64f25363-daa8+gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Wed, 21 Aug 2024 07:54:27 GMT
sessions
www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/sessions
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11801/vendor.js?yocs=y_A_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.131.137 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI4MmIyMGQwYy04YjUzLTRjMjQtYmUzMy1jMjIwMjdlYmMyZjciLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjE5YTFmMjA1LTAxNzAtNDNhNC1iOTI5LTllY2IwZjQ2YTQ3OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MjQyMjMyMzcsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFia3JKRmt1d1drYnNSa2JjMWthWVlrMGNZOjpjaGlkOmVsZi1ldSIsImV4cCI6MTcyNDIyNTA2NywiaWF0IjoxNzI0MjIzMjY3LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMyODk4MDQ0MDUyMDI4NzczIn0.dVh9osaj3nPdJSrC2185ERDN9drmtBlj_hpbHXTNheJGSOkHXmB9H9giOgHgWPtVOU0o-HQpicnuAp2Qlqr02Q
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 06:54:27 GMT
via
1.1 28858a97d9085a1c936c63ea0b2b4b46.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-yottaa-metrics
2621cc028364/[81,79,-] 26D1cc028389/[-,83.774]
x-amz-cf-pop
ORD52-C2
age
0
x-yottaa-optimizations
ob/0 si/26D1cc028389-1724190792-5238514741 tts/1717701300585 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
pragma
no-cache
allow
OPTIONS,POST
access-control-allow-origin
https://www.elfcosmetics.co.uk
access-control-expose-headers
etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-proxy-request-url
https://cc-elf-eu-prd.elfcosmetics.co.uk/s/elf-eu/dw/shop/v21_3/sessions
accept-ranges
bytes
cf-ray
8b68b63db908cf5e-CMH
x-dw-request-base-id
AsqA2iOPxWYBAAB_
x-amz-cf-id
JfmQBqbU5t1M3TX3OXddJe2YS9g9b6NYtIlFnYBP-xOINvfhBy5hHg==
x-yottaa-os
204
expires
Thu, 01 Dec 1994 16:00:00 GMT
shoppercontext
www.elfcosmetics.co.uk/api/v1/ 		57 B
842 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/api/v1/shoppercontext?siteId=elf-eu
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11801/vendor.js?yocs=y_A_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.131.137 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
a6cbc4c9c0b39f6d4edd8d4db4e73971e23c1e4b8b9b6ddd5956164b87fd3ebc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI4MmIyMGQwYy04YjUzLTRjMjQtYmUzMy1jMjIwMjdlYmMyZjciLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjE5YTFmMjA1LTAxNzAtNDNhNC1iOTI5LTllY2IwZjQ2YTQ3OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MjQyMjMyMzcsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFia3JKRmt1d1drYnNSa2JjMWthWVlrMGNZOjpjaGlkOmVsZi1ldSIsImV4cCI6MTcyNDIyNTA2NywiaWF0IjoxNzI0MjIzMjY3LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMyODk4MDQ0MDUyMDI4NzczIn0.dVh9osaj3nPdJSrC2185ERDN9drmtBlj_hpbHXTNheJGSOkHXmB9H9giOgHgWPtVOU0o-HQpicnuAp2Qlqr02Q
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Wed, 21 Aug 2024 06:54:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 1653617c8dfc2e48beca446a9a4426a0.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
57
content-encoding
gzip
x-amz-cf-pop
ORD52-C2
age
0
x-amzn-remapped-connection
close
x-amzn-requestid
73e3b6bd-4062-4ca1-a2d2-d8b9fc236ea1
x-yottaa-optimizations
ob/1000 si/26D1cc028389-1724190792-5238514742 tts/1717701300585 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Miss from cloudfront
x-amz-apigw-id
c2NNlE8lCYcEhzQ=
content-length
79
alt-svc
h3=":443"; ma=86400
etag
W/"39-LgPw152VfElAKHYfDt/MyAcU00g"
x-amzn-trace-id
Root=1-66c58f23-5ce1c08e11b3b59077d03734;Parent=1a99d5f53fa77578;Sampled=0;lineage=dcd1e669:0
content-type
application/json; charset=utf-8
x-yottaa-os
200
x-yottaa-metrics
2621cc028365/[524,522,-] 26D1cc028389/[-,527.807]
x-amzn-remapped-date
Wed, 21 Aug 2024 06:54:27 GMT
x-amz-cf-id
w7s4WZA0k9DuJslLCeknHxFJk7TRcO8RJ2dZCmlX98kcmALDAslCiw==
sync
sdk.iad-05.braze.com/api/v3/content_cards/ 		85 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11801/vendor.js?yocs=y_A_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.149 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f29ea5eb4e212aa52055e918e85726b96910782af4755d88249de37336872877
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-Braze-Req-Tokens-Remaining
28
X-Braze-Api-Key
ee22cddf-904f-484e-a004-0181ff9a3268
X-Braze-DataRequest
true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/json
X-Braze-Last-Req-Ms-Ago
222
BRAZE-SYNC-RETRY-COUNT
0
X-Requested-With
XMLHttpRequest
Referer
https://www.elfcosmetics.co.uk/
X-Braze-Req-Attempt
1
X-Braze-ContentCardsRequest
true

Response headers

date
Wed, 21 Aug 2024 06:54:27 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
dd00d769-105e-4937-9f50-9e157f6725a0
x-runtime
0.069946
server
cloudflare
etag
W/"f29ea5eb4e212aa52055e918e85726b9"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1724223270
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
8b68b63d6af243c4-EWR
x-ratelimit-remaining
497.0
geo-ip
www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/ 		200 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=5.181.234.134
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11801/vendor.js?yocs=y_A_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.131.137 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
97288c12b80b1296fe10c5d60c188d495fd900eae4d95c41038de6e7bd002bab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

c_x-pwa-request
true
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Wed, 21 Aug 2024 06:54:27 GMT
sfdc_customization
HOOK
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
via
1.1 851ddb32cd4fb6ca4503e357c5e6a0cc.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD52-C2
x-yottaa-optimizations
ob/1000 si/26D1cc028389-1724190792-5238514743 tts/1717701300585 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=kltb4fwmR1OnsC_AO2gihuGoqtjgC7lcwY51Wjz.Fgo-1724223267-1.0.1.1-VM1neRTknyN7_jS62_vjOJrekJYhIAsy9eG6FqdDf.onIcXntfxtY1CCZBjmHaj3J8mKH16LpAFas6cNb_8wWNbgtIEj3BtM4vlrcZyX66Xjy6GEQGjbBXEvQkl8xbDn8dBXkU.v0JHIIv6WK5MrF.J4IYVPh.1WDzgt.QdWuFgbrdT3l2xRci1Tla6p0Nu3; report-to cf-csp-endpoint
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
age
0
alt-svc
h3=":443"; ma=86400
allow
GET,HEAD,OPTIONS
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=kltb4fwmR1OnsC_AO2gihuGoqtjgC7lcwY51Wjz.Fgo-1724223267-1.0.1.1-VM1neRTknyN7_jS62_vjOJrekJYhIAsy9eG6FqdDf.onIcXntfxtY1CCZBjmHaj3J8mKH16LpAFas6cNb_8wWNbgtIEj3BtM4vlrcZyX66Xjy6GEQGjbBXEvQkl8xbDn8dBXkU.v0JHIIv6WK5MrF.J4IYVPh.1WDzgt.QdWuFgbrdT3l2xRci1Tla6p0Nu3"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
application/json;charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os
200
x-proxy-request-url
https://cc-elf-eu-prd.elfcosmetics.co.uk/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=5.181.234.134
x-yottaa-metrics
2621cc028363/[152,150,-] 26D1cc028389/[-,154.092]
cf-ray
8b68b63e8999cf5e-CMH
x-dw-request-base-id
fJTy7yOPxWYBAAB_
x-amz-cf-id
EohIDwz_C5LGqDzNJBNaLmSGH7FRivybCMbOl6LsRgBqGQw27HViFA==
geo-ip
www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/ 		200 B
910 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=5.181.234.134
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11801/vendor.js?yocs=y_A_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.131.137 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
97288c12b80b1296fe10c5d60c188d495fd900eae4d95c41038de6e7bd002bab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

c_x-pwa-request
true
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Wed, 21 Aug 2024 06:54:27 GMT
sfdc_customization
HOOK
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
via
1.1 249aa6f890bf73000af910ed0724d954.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD52-C2
x-yottaa-optimizations
ob/1000 si/26D1cc028389-1724190792-5238514747 tts/1717701300585 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
age
0
alt-svc
h3=":443"; ma=86400
allow
GET,HEAD,OPTIONS
content-type
application/json;charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os
200
x-proxy-request-url
https://cc-elf-eu-prd.elfcosmetics.co.uk/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=5.181.234.134
x-yottaa-metrics
2621cc028335/[96,90,-] 26D1cc028389/[-,98.968]
cf-ray
8b68b63fde41cf32-CMH
x-dw-request-base-id
AsqG2iOPxWYBAAB_
x-amz-cf-id
XQ7E7N2axjwKtY1MtKrofWWm-uDT4v1awLnL92OtGx9sUqJstgLIRQ==
baskets
www.elfcosmetics.co.uk/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abkrJFkuwWkbsRkbc1kaYYk0cY/ 		11 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abkrJFkuwWkbsRkbc1kaYYk0cY/baskets?siteId=elf-eu
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11801/vendor.js?yocs=y_A_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.131.137 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
31f48ed33afe7e437efa2c30cbf97fbd62c2de5c0732504077377846fe64973f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

c_x-pwa-request
true
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI4MmIyMGQwYy04YjUzLTRjMjQtYmUzMy1jMjIwMjdlYmMyZjciLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjE5YTFmMjA1LTAxNzAtNDNhNC1iOTI5LTllY2IwZjQ2YTQ3OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MjQyMjMyMzcsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFia3JKRmt1d1drYnNSa2JjMWthWVlrMGNZOjpjaGlkOmVsZi1ldSIsImV4cCI6MTcyNDIyNTA2NywiaWF0IjoxNzI0MjIzMjY3LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMyODk4MDQ0MDUyMDI4NzczIn0.dVh9osaj3nPdJSrC2185ERDN9drmtBlj_hpbHXTNheJGSOkHXmB9H9giOgHgWPtVOU0o-HQpicnuAp2Qlqr02Q
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 06:54:27 GMT
sfdc_customization
HOOK
dnt
0
cf-cache-status
DYNAMIC
x-correlation-id
8b68b63f0af7cf7c
x-content-type-options
nosniff
via
1.1 62c9e714a19291e1725b1320d4c9b368.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD52-C2
x-yottaa-optimizations
ob/1000 si/26D1cc028389-1724190792-5238514744 tts/1717701300585 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
content-encoding
gzip
x-cache
Miss from cloudfront
age
0
alt-svc
h3=":443"; ma=86400
content-length
37
allow
GET,HEAD,OPTIONS
x-ratelimit-remaining
999
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
sfdc_load
1
cache-control
max-age=0,no-cache,no-store
x-yottaa-os
200
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abkrJFkuwWkbsRkbc1kaYYk0cY/baskets?siteId=elf-eu
x-ratelimit-limit
99999
accept-ranges
bytes
cf-ray
8b68b63f0af7cf7c-CMH
x-amz-cf-id
yp4hG9oDyOPeioUxn9RERz_eO4a5RKBhXX9Aw6vL7jBRstvQO6EQhg==
x-yottaa-metrics
2621cc028362/[108,103,-] 26D1cc028389/[-,111.831]
viewPage
api.cquotient.com/v3/activities/bbxc-elf-eu/ 		98 B
519 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.cquotient.com/v3/activities/bbxc-elf-eu/viewPage
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11801/main.js?yocs=y_A_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.205.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-205-143.compute-1.amazonaws.com
Software
envoy /
Resource Hash
d09b9c8ab95948d9e0ca57cbccfe7e2bbbbab2922a7e06f11f2a413a78f377b8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

x-cq-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 21 Aug 2024 06:54:27 GMT
strict-transport-security
max-age=15552000; includeSubdomains
server
envoy
etag
W/"62-tUXsx4dmMuVFv4ctqatpl0wsOGE"
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.co.uk
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
content-length
98
index.html
www.paypalobjects.com/muse/analytics/ Frame 22EC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D191) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
16754
content-type
text/html
date
Wed, 21 Aug 2024 06:54:27 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"64f25363-dacc"
expires
Wed, 21 Aug 2024 07:54:27 GMT
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id
67dc4f7b36e22
server
ECAcc (nyd/D191)
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-000000000000000000067dc4f7b36e22-70a4acea0c5a0d84-01
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202406.1.0/ 		451 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47407e3845cb067265a07cb279ccc7a38b927b0c2dc034b627f089115ac0d306
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 21 Aug 2024 06:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
7I5y/rp4ODu7ul89ty+epQ==
age
30461
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
112027
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 22:20:01 GMT
server
cloudflare
etag
0x8DCA5E56F667161
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c05e064f-501e-009c-79cf-d7e837000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8b68b63ebf2e41d5-EWR
viewPage
api.cquotient.com/v3/activities/bbxc-elf-eu/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.cquotient.com/v3/activities/bbxc-elf-eu/viewPage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.205.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-205-143.compute-1.amazonaws.com
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-cq-client-id
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization, content-type, x-cq-tenant, x-cq-client-id
access-control-allow-methods
POST
access-control-allow-origin
https://www.elfcosmetics.co.uk
content-length
0
date
Wed, 21 Aug 2024 06:54:27 GMT
server
envoy
strict-transport-security
max-age=15552000; includeSubdomains
x-envoy-upstream-service-time
1
en.json
cdn.cookielaw.org/consent/25840211-e69f-428e-bb3b-0787cffdf0e8/01909d38-8581-7f38-8582-64f06fd2d8da/ 		116 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/25840211-e69f-428e-bb3b-0787cffdf0e8/01909d38-8581-7f38-8582-64f06fd2d8da/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e08d5c82c4bc35207047dff10aa2f8899e8d244aede8f8a7928af40d8600071f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 21 Aug 2024 06:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
65717
content-md5
e6ANqLynSU+xYWEdL/uvuA==
content-length
23882
x-ms-lease-status
unlocked
last-modified
Wed, 10 Jul 2024 18:36:26 GMT
server
cloudflare
etag
0x8DCA10F34B5E1DC
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8505f782-501e-00d8-05f8-d2345b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8b68b63f0f3a8c1d-EWR
expires
Thu, 22 Aug 2024 06:54:27 GMT
ts
t.paypal.com/ 		42 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A7PFGPLHGYKX72-1&page=muse%3Aoffer%3A%3A%3A7PFGPLHGYKX72-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=95c92811-df2a-4f29-8e3f-9af8b4e63cc5&es=visitorInfoFlowStarted&mrid=7PFGPLHGYKX72&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Cosmetic%20Criminals%20%7C%20e.l.f.%20Cosmetics&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1724223267706&g=600&completeurl=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Felf-cosmetic-criminals&disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Wed, 21 Aug 2024 06:54:27 GMT
date
Wed, 21 Aug 2024 06:54:27 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
261ff6acfed48
server-timing
"traceparent;desc="00-0000000000000000000261ff6acfed48-c5707128887f5bf7-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-iad-kcgs7200088-IAD, cache-lga21949-LGA
pragma
no-cache
correlation-id
261ff6acfed48
traceparent
00-0000000000000000000261ff6acfed48-8ce95730ac790cca-01
x-timer
S1724223268.708059,VS0,VE86
vary
Accept-Encoding
content-type
image/gif
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0, 0
otFlat.json
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 21 Aug 2024 06:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
sHJXWIgDpMKY35PyRRy4zQ==
age
65717
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3003
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 22:19:54 GMT
server
cloudflare
etag
0x8DCA5E56B3084E2
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
efcb78ad-201e-0054-5b76-d87900000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8b68b63f4f548c1d-EWR
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dbc72c3f0511495fdf45d42283a246613db44b0906199cef195a773068d822f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 21 Aug 2024 06:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
LtDYZmcfPNW39lMw/Yu0RQ==
age
65717
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12723
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 22:19:56 GMT
server
cloudflare
etag
0x8DCA5E56C7CC8BB
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
120b4659-d01e-00e0-145f-d87502000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8b68b63f4f568c1d-EWR
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/ 		24 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 21 Aug 2024 06:54:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
HyPJ72TNHxdfOI82cqKVqA==
age
65717
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 22:20:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
4f6177c1-801e-007b-305f-d8f83a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8b68b63f4f578c1d-EWR
collector
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 		600 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/XT4Gy2ig/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
0c017e1db7453e78fde851def7a22b6844987405cc30b1d839ef4edd7355de1b

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 21 Aug 2024 06:54:27 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
600
ot_close.svg
cdn.cookielaw.org/logos/static/ 		651 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/ot_close.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 21 Aug 2024 06:54:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
pcXWFGpuVeSg/jVnYCseRg==
age
36055
x-ms-lease-status
unlocked
last-modified
Mon, 19 Aug 2024 18:44:03 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
18c2091d-901e-004d-3905-f35568000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8b68b63f7f9941d5-EWR
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
494 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 21 Aug 2024 06:54:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
30554
x-ms-lease-status
unlocked
last-modified
Mon, 19 Aug 2024 18:44:03 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
9d4e2cb8-b01e-0078-2bc2-f2fb3d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8b68b63f8f6a8c1d-EWR
ot_company_logo.png
cdn.cookielaw.org/logos/static/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/ot_company_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 21 Aug 2024 06:54:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
E8+sk/ECzKgTUVtDLikiIA==
age
55192
content-length
4036
x-ms-lease-status
unlocked
last-modified
Mon, 19 Aug 2024 18:44:04 GMT
server
cloudflare
etag
0x8DCC07EE642F43B
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
d02be89f-901e-006f-026e-f23b5e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8b68b63fbfb341d5-EWR
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 21 Aug 2024 06:54:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
46305
x-ms-lease-status
unlocked
last-modified
Mon, 19 Aug 2024 18:44:04 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
41ec14f0-601e-0094-376b-f2f344000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8b68b63fbfb541d5-EWR
gb.svg
www.elfcosmetics.co.uk/mobify/bundle/11801/static/img/flag-icons/ 		717 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.co.uk/mobify/bundle/11801/static/img/flag-icons/gb.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.131.137 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
6c10b21f86019422fa9555d9b0b9b6768bf7549730880571e057800a3068724e

Request headers

Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 06:54:27 GMT
via
1.1 de33a243d95a626772ee38d6f5849f96.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
ORD52-C2
age
1166285
x-yottaa-optimizations
ob/1001 si/26D1cc028389-1723051800-3035101170 tts/1717701300585 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Hit from cloudfront
x-amz-meta-deploy
829241
alt-svc
h3=":443"; ma=86400
content-length
431
x-amz-meta-bundle
11801
x-yottaa-forcecache
true
last-modified
Wed, 07 Aug 2024 18:55:34 GMT
etag
"74509e9d9bd1f88852e582159d2d481d"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31104000
x-yottaa-os
200
x-yottaa-metrics
2621cc8d5879/[33,23,-] 26D1cc028389/[hit]
x-amz-cf-id
xIIO2ZsVfkSUKXnIdbJKk5NECXDQVdVhICD_saEmXIJXFsEYEpYCaQ==
baskets
www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/baskets
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11801/vendor.js?yocs=y_A_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.131.137 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
8909052be3938ace81c640ad5d7fd8d63f5d593a5a9b19c85a5ac3b9d0f270e8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

c_x-pwa-request
true
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI4MmIyMGQwYy04YjUzLTRjMjQtYmUzMy1jMjIwMjdlYmMyZjciLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjE5YTFmMjA1LTAxNzAtNDNhNC1iOTI5LTllY2IwZjQ2YTQ3OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MjQyMjMyMzcsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFia3JKRmt1d1drYnNSa2JjMWthWVlrMGNZOjpjaGlkOmVsZi1ldSIsImV4cCI6MTcyNDIyNTA2NywiaWF0IjoxNzI0MjIzMjY3LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMyODk4MDQ0MDUyMDI4NzczIn0.dVh9osaj3nPdJSrC2185ERDN9drmtBlj_hpbHXTNheJGSOkHXmB9H9giOgHgWPtVOU0o-HQpicnuAp2Qlqr02Q
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Wed, 21 Aug 2024 06:54:28 GMT
sfdc_customization
HOOK
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 17256fd1010bade0d64432a8527fd53c.cloudfront.net (CloudFront)
x-yottaa-metrics
2621cc028334/[120,117,-] 26D1cc028389/[-,123.951]
x-amz-cf-pop
ORD52-C2
age
0
x-yottaa-optimizations
ob/1000 si/26D1cc028389-1724190792-5238514749 tts/1717701300585 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
content-encoding
gzip
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
989
pragma
no-cache
etag
25b47fcc6548b621fcad5f42477f30df8c55e884dc519cd924d80906c46ef79c
allow
OPTIONS,POST
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.elfcosmetics.co.uk
x-dw-resource-state
25b47fcc6548b621fcad5f42477f30df8c55e884dc519cd924d80906c46ef79c
access-control-expose-headers
etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-proxy-request-url
https://cc-elf-eu-prd.elfcosmetics.co.uk/s/elf-eu/dw/shop/v21_3/baskets
accept-ranges
bytes
cf-ray
8b68b640a8b9cf3e-CMH
x-dw-request-base-id
cD0meiOPxWYBAAB_
x-amz-cf-id
sNgzHgVhDuPaYWdQoiB634b2NCybA6AQlokDc_y7lHxQ0k-S-s5omA==
x-yottaa-os
200
expires
Thu, 01 Dec 1994 16:00:00 GMT
NEW-beauty-squad-beauty-squad-loyalty-logo-staggered-paddedsquare
elfcosmetics.a.bigcontent.io/v1/static/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/NEW-beauty-squad-beauty-squad-loyalty-logo-staggered-paddedsquare?%24Desktop%24=&fmt=auto
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:23::1730:e044 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
210706c053295db0bfba03a98c0609a1f940c3f6b6c626f2f1084e089e959dc9

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 21 Aug 2024 06:54:28 GMT
server
Unknown
x-amz-server-side-encryption
AES256
x-amp-srv
A
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
5378
icon-noun-gift-1165617
elfcosmetics.a.bigcontent.io/v1/static/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-gift-1165617?%24Desktop%24=&fmt=auto%201x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-gift-1165617?%24Desktop%24=&fmt=auto%202x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-gift-1165617?%24Desktop%24=&fmt=auto%203x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:23::1730:e044 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
4aa855b8d34657ab4df5ca73fe7d7f67735ee1e39e8de83856ddc473d4713fbb

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Wed, 21 Aug 2024 06:54:28 GMT
server
Unknown
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=86400
x-amp-srv
A
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
996
icon-noun-drop-1235517%201
elfcosmetics.a.bigcontent.io/v1/static/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-drop-1235517%201?%24Desktop%24=&fmt=auto%201x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-drop-1235517%201?%24Desktop%24=&fmt=auto%202x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-drop-1235517%201?%24Desktop%24=&fmt=auto%203x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:23::1730:e044 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
f366287eaa5627dc7ee48d1fcb79d20bceae8238ee2f1dd772f059685fe9c799

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Wed, 21 Aug 2024 06:54:28 GMT
server
Unknown
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=86400
x-amp-srv
A
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
838
700232
www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/products/ 		77 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/products/700232?siteId=elf-eu&locale=en-GB&currency=GBP&expand=availability%2Cbundled_products%2Clinks%2Cpromotions%2Coptions%2Cimages%2Cprices%2Cvariations%2Cset_products%2Crecommendations&all_images=true&perPricebook=true
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11801/vendor.js?yocs=y_A_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.131.137 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
94cca4acadbd268af43328cd145103ce3cae13f8580b74c114f0d161a037340d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

c_x-pwa-request
true
cache-control
no-cache
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Wed, 21 Aug 2024 06:54:28 GMT
sfdc_customization
HOOK
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
via
1.1 28858a97d9085a1c936c63ea0b2b4b46.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD52-C2
x-yottaa-optimizations
ob/1000 si/26D1cc028389-1724190792-5238514752 tts/1717701300585 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
age
0
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 21 Aug 2024 06:54:28 GMT
allow
GET,HEAD,OPTIONS
vary
accept-encoding
content-type
application/json;charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os
200
x-proxy-request-url
https://cc-elf-eu-prd.elfcosmetics.co.uk/s/elf-eu/dw/shop/v21_3/products/700232?siteId=elf-eu&locale=en-GB&currency=GBP&expand=availability%2Cbundled_products%2Clinks%2Cpromotions%2Coptions%2Cimages%2Cprices%2Cvariations%2Cset_products%2Crecommendations&all_images=true&perPricebook=true
x-yottaa-metrics
2621cc0283f1/[325,323,-] 26D1cc028389/[-,328.318]
cf-ray
8b68b6427906cf79-CMH
x-dw-request-base-id
cD0reiSPxWYBAAB_
x-amz-cf-id
hlYj22l-Juhgk77s1V2x4AKXVaXndmwMIyBbA6eYKHmlqdx_plxrxw==
script-tag.js
cdn-scripts.signifyd.com/api/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-scripts.signifyd.com/api/script-tag.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-40.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d7a363f752524fb545c3b2eb48a56d163cb659bc427d5215800ee7781d92c2ca

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 06:41:51 GMT
content-encoding
gzip
via
1.1 6104f765cfecf9c49eb7195c359eea46.cloudfront.net (CloudFront)
last-modified
Tue, 23 Apr 2024 14:51:40 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
758
x-amz-server-side-encryption
AES256
etag
W/"73ca6f23f3e08738233832c7a7a0c30c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1800
x-amz-cf-id
2VLKHbaQ_4egOBUaOmd0oWphnM1Y1gFa9FPH0cOF0mBFRx2jEinG5Q==
company_toolkit.js
cdn-scripts.signifyd.com/api/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-scripts.signifyd.com/api/company_toolkit.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-40.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6082597f3871c77c9b31aa1383577f8c0e54cb5ff09275dc817bc70d96e6217d

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 06:41:53 GMT
content-encoding
gzip
via
1.1 6104f765cfecf9c49eb7195c359eea46.cloudfront.net (CloudFront)
last-modified
Tue, 30 May 2023 10:18:44 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
756
x-amz-server-side-encryption
AES256
etag
W/"2c3950f122b3977df61b0e077aaa92c8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1800
x-amz-cf-id
tekHGwuSkAM_wwHFmoibGPmO2aUgapoBWzsUAhU_WveLUUhlGkhp_Q==
rpl7q4td1t8ncjbj.js
imgs.signifyd.com/ 		96 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/rpl7q4td1t8ncjbj.js?d3w0vdbiknyggxjo=w2txo5aa&6jn3e9jq8qgfdrli=LzM0ODc5OTYxOTVlNDMzMTI0OTlmZTE3NzZk
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
66307ca32dbe56cf351ebf43d320778f44b647e2b8876e1bd1a0c20dc4c3a406
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 21 Aug 2024 06:54:28 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
CP=IVAa PSAa
Connection
Keep-Alive, Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=2, max=100
Expires
Thu, 01 Jan 1970 00:00:00 GMT
bL8ifGtl3SMMG0-d
imgs.signifyd.com/ Frame 446E 		301 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/bL8ifGtl3SMMG0-d?38ef7f936f16ce71=Oytyhs2298pfTaJn2HZXzpG3aOoQtR4Qk3tXZE-zvARuOjGq0y9vKRoMaVqL6K0yncO1k21ywbVwTwaqsKsEOOTKSjDDC05yzHnUn4sDEazFwBdIof8vCDfZ2RCJ55xT7u8aXSz2MhcTdTw_UTV9S1FFtnAQSHJJYItyZxm6GI5qR9uWSA46KGzLb_DZcpWsVT44MB1hp9X3ElXo&jb=3d3a2e2660736d75374c61667f782462796f3546616e7d782c6a7b6a7f3d436a7865676f2e607b6237436a72656d6d2d3830333a3d
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/rpl7q4td1t8ncjbj.js?d3w0vdbiknyggxjo=w2txo5aa&6jn3e9jq8qgfdrli=LzM0ODc5OTYxOTVlNDMzMTI0OTlmZTE3NzZk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
0eb9597ce007f6bb159f05e2c12e8301d7844c59c43faaddf2b598da82911df3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 21 Aug 2024 06:54:28 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
tmx-nonce
3987ebfc2332474f
Connection
Keep-Alive, Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=2, max=99
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sdcXl3fQZxxJwNxy
imgs.signifyd.com/ Frame 446E 		81 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.signifyd.com/sdcXl3fQZxxJwNxy?96f2d6f1d22f6b07=c0kw0C6R_ZmtYge_NJFbnTmmjF1C1EBRSVRGXRlPNPjJ3JWnYRj4pt_PQiiDQLfjkWqrdC_0iE3rrzyOVFWF87aXGKQ42KqCMiVPoA0BUffYPER0wwvTr2OXZ3P0qMvU_eDQBPQJTMOMm2zlH6CCgWYb4QPFN5X6h284r3I
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Aug 2024 06:54:29 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
WFzjZ-gtatUzwQV3
imgs.signifyd.com/ Frame 446E 		81 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.signifyd.com/WFzjZ-gtatUzwQV3?8f1e2dad44e096f0=8hK_7VXLHOKMsl6gc4BSOUutjuEDPD1hqNjvGIBdLPSD4Pqx8eAQ2nWJcpYHO0eiWgNmjOml-AY5Cz6IAqvNAkxdMUjpqUWFml7xcS7jjiFZS9xSbGCjRHTU4bI0PKCukQt6Q6ZSjKjfnrNOCyoODDg58GS6MbZTKT23vKs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Aug 2024 06:54:29 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
imgs.signifyd.com/fp/ Frame 446E 		81 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/fp/clear.png
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/bL8ifGtl3SMMG0-d?38ef7f936f16ce71=Oytyhs2298pfTaJn2HZXzpG3aOoQtR4Qk3tXZE-zvARuOjGq0y9vKRoMaVqL6K0yncO1k21ywbVwTwaqsKsEOOTKSjDDC05yzHnUn4sDEazFwBdIof8vCDfZ2RCJ55xT7u8aXSz2MhcTdTw_UTV9S1FFtnAQSHJJYItyZxm6GI5qR9uWSA46KGzLb_DZcpWsVT44MB1hp9X3ElXo&jb=3d3a2e2660736d75374c61667f782462796f3546616e7d782c6a7b6a7f3d436a7865676f2e607b6237436a72656d6d2d3830333a3d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*, w2txo5aa/3987ebfc2332474flzm0odc5otyxotvlndmzmti0otlmzte3nzzk
Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 21 Aug 2024 06:54:29 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 21 Aug 2024 06:54:29 GMT
Server
Apache
Etag
03242064c20d4a2285268690ab9b0c38
Content-Type
image/png
Access-Control-Allow-Origin
https://www.elfcosmetics.co.uk
Cache-Control
private, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
Expires
Mon, 20 Aug 2029 06:54:29 GMT
mXP2CnL2EF2nv7l1
imgs.signifyd.com/ Frame 7B1E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/mXP2CnL2EF2nv7l1?be59c25ae15a56b7=iraInaNZbTV185CCTyscornIXz1rv-g3uo7lKXgmlw6D5K27Hn6hHc-sn6lZwOoldVVQJODOGC1u-RUHPtUORlIqMrNP19W6hH8KCzp75sQvCNeSmOpHcikq9FT_1OjyXG57PuexVbJkq6nM4PnNfc0eulxep41ilEai1J3-SgGtoftJaLHlvGd0FXwf1HRkCZA6frBpiV35nIIxB_I
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/bL8ifGtl3SMMG0-d?38ef7f936f16ce71=Oytyhs2298pfTaJn2HZXzpG3aOoQtR4Qk3tXZE-zvARuOjGq0y9vKRoMaVqL6K0yncO1k21ywbVwTwaqsKsEOOTKSjDDC05yzHnUn4sDEazFwBdIof8vCDfZ2RCJ55xT7u8aXSz2MhcTdTw_UTV9S1FFtnAQSHJJYItyZxm6GI5qR9uWSA46KGzLb_DZcpWsVT44MB1hp9X3ElXo&jb=3d3a2e2660736d75374c61667f782462796f3546616e7d782c6a7b6a7f3d436a7865676f2e607b6237436a72656d6d2d3830333a3d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Wed, 21 Aug 2024 06:54:29 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
GSKDZ3N6305-igY2
imgs.signifyd.com/ Frame 446E 		0
398 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/GSKDZ3N6305-igY2?2890a47f63a10b10=R_Wm17lnoQxtZdLxAnlI9QzZvw_CDI81RSqFdCVHHu87oE_wSl9yVdkcM65syqJ0aJQaDOPmGZze_-VVpuB43XZ4qi1Um8n5z2YhHv5vyUNjw-MMhYmr69xBXLlA5WgxtByYScEeXcwVNjoAVs_MVjN-aDg&jb=3b3c2e6c79613f3932356d3d6f61373d6e333f3e6c396b386b383e3a6c66643b3f3d3d3a6b6969
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/bL8ifGtl3SMMG0-d?38ef7f936f16ce71=Oytyhs2298pfTaJn2HZXzpG3aOoQtR4Qk3tXZE-zvARuOjGq0y9vKRoMaVqL6K0yncO1k21ywbVwTwaqsKsEOOTKSjDDC05yzHnUn4sDEazFwBdIof8vCDfZ2RCJ55xT7u8aXSz2MhcTdTw_UTV9S1FFtnAQSHJJYItyZxm6GI5qR9uWSA46KGzLb_DZcpWsVT44MB1hp9X3ElXo&jb=3d3a2e2660736d75374c61667f782462796f3546616e7d782c6a7b6a7f3d436a7865676f2e607b6237436a72656d6d2d3830333a3d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Aug 2024 06:54:29 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=98
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
U5nUYWPyrBkYUh3V
imgs.signifyd.com/ Frame 446E 		134 B
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/U5nUYWPyrBkYUh3V?e17e6a464eb0f2ff=Kh1ueHbg2NLQbVN7ioUVWfytMVPLAFUABu5JpP2QswYGqkXbL3cJVmlRRueVZbyLCj2SZh-wa24A9HtdMxPz94GONA8IDkvze3Ql1_JTUa2i22bhOdc0MbDnP6KGbPjf0Nw-nUwRVaV2lHmsbQ6GlA
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/bL8ifGtl3SMMG0-d?38ef7f936f16ce71=Oytyhs2298pfTaJn2HZXzpG3aOoQtR4Qk3tXZE-zvARuOjGq0y9vKRoMaVqL6K0yncO1k21ywbVwTwaqsKsEOOTKSjDDC05yzHnUn4sDEazFwBdIof8vCDfZ2RCJ55xT7u8aXSz2MhcTdTw_UTV9S1FFtnAQSHJJYItyZxm6GI5qR9uWSA46KGzLb_DZcpWsVT44MB1hp9X3ElXo&jb=3d3a2e2660736d75374c61667f782462796f3546616e7d782c6a7b6a7f3d436a7865676f2e607b6237436a72656d6d2d3830333a3d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
c4982b44979c962585720010adeb9b214f0789bc75fdd92589d04053631b6908
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Aug 2024 06:54:29 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=99
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
u3clOD_DblY_XYmI
h.online-metrix.net/ Frame A833 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/u3clOD_DblY_XYmI?cee6c482c42039b9=AcDpSAdzKRy58_vPXpdQOEP6QU_7Yjyrh_xYXTCr80SW9OY1hygbsj51nzXALuD-npacMUXt0kuKMRTYv33fQOnTLt89W_ZDesqryH1BcMZxDXsHkq11f2QruN0Nw0LxOOLbQ7omkxrcq6yecmnCq-j_OvGybX4FlORozA9iKYDZzQLLSpc5yMv5Vykhgg8cJKJPdhbBiJWlN2haaXgF
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/bL8ifGtl3SMMG0-d?38ef7f936f16ce71=Oytyhs2298pfTaJn2HZXzpG3aOoQtR4Qk3tXZE-zvARuOjGq0y9vKRoMaVqL6K0yncO1k21ywbVwTwaqsKsEOOTKSjDDC05yzHnUn4sDEazFwBdIof8vCDfZ2RCJ55xT7u8aXSz2MhcTdTw_UTV9S1FFtnAQSHJJYItyZxm6GI5qR9uWSA46KGzLb_DZcpWsVT44MB1hp9X3ElXo&jb=3d3a2e2660736d75374c61667f782462796f3546616e7d782c6a7b6a7f3d436a7865676f2e607b6237436a72656d6d2d3830333a3d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.225.158.1 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Wed, 21 Aug 2024 06:54:29 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
Hx9-r7077NE_abXx
imgs.signifyd.com/ Frame 3B12 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/Hx9-r7077NE_abXx?ec23c55bde3217d0=9TEww9qQcZ8dE26S-2dL5XxSqbMlkMO4NQGkF94M0gQWCDA8-vlG5gQAsSbsDUBeW7mxqRl_Qv-cRkLl4FgVfF0C5dd4cIs-ZjqNAHd6u7UR5O8jrMWSCkdrCaKHcLX4KSFnnFo71JC5snqI_MtXowoNhEoJurT30nBojdVDfd880tU2fPgf3DNitc4Yt_Nb7QJY_oUYrAc-iHqHxCjc
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/bL8ifGtl3SMMG0-d?38ef7f936f16ce71=Oytyhs2298pfTaJn2HZXzpG3aOoQtR4Qk3tXZE-zvARuOjGq0y9vKRoMaVqL6K0yncO1k21ywbVwTwaqsKsEOOTKSjDDC05yzHnUn4sDEazFwBdIof8vCDfZ2RCJ55xT7u8aXSz2MhcTdTw_UTV9S1FFtnAQSHJJYItyZxm6GI5qR9uWSA46KGzLb_DZcpWsVT44MB1hp9X3ElXo&jb=3d3a2e2660736d75374c61667f782462796f3546616e7d782c6a7b6a7f3d436a7865676f2e607b6237436a72656d6d2d3830333a3d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Wed, 21 Aug 2024 06:54:29 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
xJRLTQMWf1pUJXHj
h64.online-metrix.net/ Frame 446E 		0
399 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h64.online-metrix.net/xJRLTQMWf1pUJXHj?2d10c774aa12c4e9=N3xwzToysBvoi8HJOihoAB9fjMMw-d1eiDHXxaLS9GJIer8zPb91SxMKoFNWVX8tYqp86lnEyEzZueMBrVeo5Nin903xyqStSYi4HOEZuXACyNCrvoVDzfFjs6CcLBIlnjJRLTCNzLELV60n3YrOBUfOtMA7aQOM
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/bL8ifGtl3SMMG0-d?38ef7f936f16ce71=Oytyhs2298pfTaJn2HZXzpG3aOoQtR4Qk3tXZE-zvARuOjGq0y9vKRoMaVqL6K0yncO1k21ywbVwTwaqsKsEOOTKSjDDC05yzHnUn4sDEazFwBdIof8vCDfZ2RCJ55xT7u8aXSz2MhcTdTw_UTV9S1FFtnAQSHJJYItyZxm6GI5qR9uWSA46KGzLb_DZcpWsVT44MB1hp9X3ElXo&jb=3d3a2e2660736d75374c61667f782462796f3546616e7d782c6a7b6a7f3d436a7865676f2e607b6237436a72656d6d2d3830333a3d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2620:f3:0:14:b401:8ee8:4321:ad82 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Aug 2024 06:54:29 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
GSKDZ3N6305-igY2
imgs.signifyd.com/ Frame 446E 		0
218 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/GSKDZ3N6305-igY2?2890a47f63a10b10=R_Wm17lnoQxtZdLxAnlI9QzZvw_CDI81RSqFdCVHHu87oE_wSl9yVdkcM65syqJ0aJQaDOPmGZze_-VVpuB43XZ4qi1Um8n5z2YhHv5vyUNjw-MMhYmr69xBXLlA5WgxtByYScEeXcwVNjoAVs_MVjN-aDg&ja=3a3a39362c26613d273638382c7a3f382c66353b3e3038783b3238382c61663f3b3c3a3a703b3a303a267178733d3f387237322e6e707a37392c39363a3024393830302e3b3c3a3a243b3a303a2c33363a302439383032243b36383a24313a383f2c3f3826373024677e37383f6c3d316e33333433653e6a6c32323168363e686c3330376830696e39633424676437382e796b6437323626666835607e74727b2f33492f3a462d324c777f7f24656c64696579676d7e6163792e616f2475632d384667646c2d6b657b6d6d746363256b78696d6b646b66792e7a643d3f26726837653038386464693f353d3b31336e346f626d3033393367683e6b33313831306e266a6837346e3e3a343a386e646d6f3a373e346b643f3c3a6139356b396b3b6a3a6c323c266873653d446164757a2e60736a374b687a6f67652d3a3a3132352c6079657d37446964757a2660736a7d37436a7a656d6d2c66686b3d3b362e666e6d3d3a2c64677e783738267e7a663d5a616b616c69612d38464065666f647566752e656b746870373e3a3a3b6e3963386267633a326d3e6963373e3a303038696439353f3438396c64343732323b3e396e3e656b6130346e63313c6b66606c3d323b3b3b3131366b266c7a376874767a792f39492f3a462f3244777d77266d66666167796d6d7e61637b2e696f267d612532446f666c276b657b6d6f746b6327637a6167696c6966732e7a357064756d6966576c6c6171622f3f4f6e6b64736f21726c7f67616655776b666e6f7f79576d6d646361577866617967782f3f4f6e6b64736f21726c7f676166556166676865576b6b7267626b742d3d4f66616e796f2b7a647f6f69645f73756363637c636d672d3f456e6b64736d217a6c7d6f636e5f71626569617f6b7e652f3547666b6c7b6d2b706e7d6d6966557a65696c7a6c69716f7225374f6c6b667b6f297066756569645f7e64695f72646b796d782d354d666b6c7b6d2b706c776d6364556c6f7e61667670253f456e69667367297a6c7d6d616e57737c67577e63657767782f3f4f6e6b64736f21726c7f676166556a637e6b253d4f6e6164736f266f6455633d756f686d665f6f6a47462530303b2e382d38302a477a65664d44253a304f532d3a3a322e322f383a496078676d63756f295d656a4f462530384d4c5b462d32384559253a383b2e3027383a2245786f6647462530304f532d3a3a474e5b46253a3a4d532d323a3126382f32304162786567617f65295d65604b63745f6d684b6b7c2f32385d6d624f4c4b4e4f444f5f696c797e6b646b6f6c5f6b72706173732d3b482530384f585c556a6c6d6e6e5f6561646d617a2f39482f3a3a4d585e5f616c6370576b656e767a656c2d394a253a304f585c57696f6c6d7855687f6e6c6d725568636c6c5f6e646561762d39422d383845505455646d787e685f61666b677a2d394a25383047585e5f6e6465617657686c6d646c253b422f32384d52545f64786b6d556c6f7874622531422f32384d52545d78656c716d676e576f6c667b6d7e5f636e6b677a2f3b482d323a455a54557360696e6570577e65707e7d726d5f666f6c2d394225303a4f525e577e6d787e757065556367657a72677b796967645762787469253b4a2f323047525e557e6d727c7578655d63656d787a6f737161656e57786f746b2539422d3a3a455856557e6f727c7f7a6555666b6c7e657a576b6e6b7b65747a6578696b2539422d3a3a455856557e6f727c7f7a65556d6b72786f7a57696c63657a5f7c6557656c676f253b4a2f323047525e55795a4d4a25394227323a4f4d5b55656e6d6765667e576966646f78577d636e742739482f3838454d535566606f55726d666e6570576769786769702d3348253a384545535d797e6b646c6b7a64556467726376697c6376677b2f334a2f3a304745595f7c6d727475706f556c66676b7c25394227323a4f4d5b557467707e757a6f5766646f6b745764636e6563782f39482d38384f4f535d746f787c7d78655d606b6c6e556e6c67617e253b4a2f32304d4f59557e6d727c7578655d686b6c6e576c6c6d697e5f6463666569722f334a2d38304f4759557c6f7a7e6d78556170726b795767686a676b7e253b482d3238574f424f4455636f6e657855687d6c6e65785f646c65617c2d3942273a3a574d484f4c5763656d787a6f7373676e557e6f707e7d726f5f63737e632d3b482530385d454a4d445f6b6f67707a6d79736566557e6f727c7f7a65556576632f334a2d3830554d484744556b6f657078657b7b6f645f766f727e7f7a6f57657e63332539422d3a3a57474a4d4c5769676d78726f737b6d6e5f7467727e7f786d557b337e63273348253a385d45404f465f6b6565707a6579736d6c5574657a7e7f786f57793b74695f71726d622d3b482530385d454a4d445f6c6568756f5778656e666f786f7857636666652531422f32385f4f42454455646d687d67577362616c6d78732531482f383a5f4f4a47465f66657a7460577e657a7c7f726d2f3b422d323a574d4a4d4c5f66786b7d556a7f6e666f72712539422d3a3a57474a4d4c576667736d5f696f667c6f78742739482f38385d4d424d4c5d6d7f6c7c61556470697d253b482d3238574f424f4455706f6e736d6564576767646f3134266d6c57603738346e3963303e69383f316834306d6b6438363c336b6e3c6b3f623f633430326230696e3537393c267f6d6476354964746d642f32304b6469242c7f6d647237496c746f6c2d3a3a49706179253a3a47706d6e4d4c2d3a3a456e6563646f2c6b696c3d38&jb=39393c2666713f4d657a61646661273a4c35263a2d3238285231392d394225303a4663647d722d323a783a3655363c212f3232497a70646f5f656a4b63742d3a4c35333524393c2f3a3a204b42544f4c2f324b2d38306e6161652d3838476d63616f212d3830436a7865676f2d384e3138372c30243026382f32325b6b66697861253a463f333f263936
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/bL8ifGtl3SMMG0-d?38ef7f936f16ce71=Oytyhs2298pfTaJn2HZXzpG3aOoQtR4Qk3tXZE-zvARuOjGq0y9vKRoMaVqL6K0yncO1k21ywbVwTwaqsKsEOOTKSjDDC05yzHnUn4sDEazFwBdIof8vCDfZ2RCJ55xT7u8aXSz2MhcTdTw_UTV9S1FFtnAQSHJJYItyZxm6GI5qR9uWSA46KGzLb_DZcpWsVT44MB1hp9X3ElXo&jb=3d3a2e2660736d75374c61667f782462796f3546616e7d782c6a7b6a7f3d436a7865676f2e607b6237436a72656d6d2d3830333a3d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 21 Aug 2024 06:54:29 GMT
Strict-Transport-Security
max-age=31536000
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
Content-Type
text/javascript;charset=UTF-8
ODVIZL1ud3PNAQgB
w2txo5aa4ketvjvxont2m4ancbqjyhtuf3vojyfj3987ebfc2332474fsac.d.aa.online-metrix.net/ Frame 446E 		81 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w2txo5aa4ketvjvxont2m4ancbqjyhtuf3vojyfj3987ebfc2332474fsac.d.aa.online-metrix.net/ODVIZL1ud3PNAQgB?12ba0dd73e36304a=4VUFnae4wwbMI-_6ROVSvAF7--yzJjgWh-LAKIfVvtawbfO5tr0me-7mvtrm1f0g9kpNL_h8Bs2CVC0OvdiklVm_qQYKkEhNdj_j5IN_hYE45lRKMFiMkGxt_vGMZOvDq6VFvM_u5brChC7HJVuCkIPUS1fnUznsQ7Yy
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.225.158.3 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Aug 2024 06:54:29 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
V2cUnte_mcFb9mxA
imgs.signifyd.com/ Frame 446E 		0
218 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/V2cUnte_mcFb9mxA?625fb48033af3d4b=6lj6ahhVU6x6drkbANNvxZLFvuOKpU-vhiCZY9L2PRFa4-HHARNQO17Pn0vlFCi9LCKe3CujSw2e4bY7_B_fK73A5ermlGckEmhS-FJhWnDEdyyEYPQ0OJqbf66m3RAXE5rAjCl9Vf4kV75Ylv-XMtnisrLoED3Mm75W8r3OVD2WDowtwHrp0mQJcST1IkhpTNtCbCvWbvbFuqjzpBI&jac=1&je=303e2e266765666837283b2d3843332d38433b2f3a433132683230693332343a3a3b3b6b6b3c69373332666469656a6b3c6532393b306c3b31666e623f306b303a336367333c3d396b3830316b31603733393a3b3b642b
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/bL8ifGtl3SMMG0-d?38ef7f936f16ce71=Oytyhs2298pfTaJn2HZXzpG3aOoQtR4Qk3tXZE-zvARuOjGq0y9vKRoMaVqL6K0yncO1k21ywbVwTwaqsKsEOOTKSjDDC05yzHnUn4sDEazFwBdIof8vCDfZ2RCJ55xT7u8aXSz2MhcTdTw_UTV9S1FFtnAQSHJJYItyZxm6GI5qR9uWSA46KGzLb_DZcpWsVT44MB1hp9X3ElXo&jb=3d3a2e2660736d75374c61667f782462796f3546616e7d782c6a7b6a7f3d436a7865676f2e607b6237436a72656d6d2d3830333a3d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 21 Aug 2024 06:54:29 GMT
Strict-Transport-Security
max-age=31536000
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=98
Content-Type
text/javascript;charset=UTF-8
YCXNIKHJuLwIqHo6
imgs.signifyd.com/ Frame 446E 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.signifyd.com/YCXNIKHJuLwIqHo6?b0212a11cf309d21=HzeWtxIbKVQ2qSRgEet7hxwOlWm0ysnYj9Fsqhuznq5HLc2SVY43yKmbij-5yoLILF--lC9iKIEGOHKuHhC3vtNKygQtsaraSotLkgk8py3ZkHs119EaEd6-5M7x1ohs0b5YiZXqBMmQhxzFv1Bvs0snS4RZ5HPXvojheleUFMGMm6jZRBD4YE4i-NY0fUaZQKiP_kyUdDIYXL8-NWw&jf=3c3b3e267969665f786e6c357e647057463270495244676c41313d7a436f4c492c79636e576e69746f3d333738343a3a393234312c73616e577471706f3d7f6d683a65616e796b2c7b636c5f61657b3d39303d313930333b3a36383d3a6130363e386b6d396430303a3b3a3c38323a613236363869653b6c3a3332393a3738393c3238303a3431316e653961326e6e3d383c6a376c3167623e313f6c3261366e383830693e616c3239313c3a326466673f3d3a6939383e32693632316b346e6a3f38606c6b666d6b3b323b643d396d6c3b6265333c3d3239696f39383362356233633f383d3563306e623f6f3f343d346c666e6a6f343634336c6f336b3e38383e6467393e352e7b63645d7b6367353938343d303832383c3b336636693d3f6f3c3f6c396b6131393c356a313e35363b3937696b3a6431363f386b393e6237646b3f68396a3c3c333839373532643c6e3336643a3e66693a3a3239303a666d3b6f3431673a3f3e39693839363c3236313c626b3b6b61356e696439696b313a653b376b306b3464663f3e3e3f3c6b3c326863303133636b393c64673132267b636e723530
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Aug 2024 06:54:29 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=98
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
GSKDZ3N6305-igY2
imgs.signifyd.com/ Frame 446E 		0
398 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/GSKDZ3N6305-igY2?2890a47f63a10b10=R_Wm17lnoQxtZdLxAnlI9QzZvw_CDI81RSqFdCVHHu87oE_wSl9yVdkcM65syqJ0aJQaDOPmGZze_-VVpuB43XZ4qi1Um8n5z2YhHv5vyUNjw-MMhYmr69xBXLlA5WgxtByYScEeXcwVNjoAVs_MVjN-aDg&jac=1&je=3d3331262c776b6937313f3a243135263a2e3c26393026313838263a243133247d6f63373d2439383b2e30333e2e393b3e2675613c3d3a6b386432353c30383238343a333f3a3a30393a3931303131636c3a303b6b3738396939382c786d356e65266a697e73743f2f3d482f3a3864657c656e2538322d3b4b312c383a253a492d323a737e617c7d792532302f394b2f3a386b686b72656964672d3a3825354c2c617d6e603d6b613d62316d3c65363a3b69696b6b3c6e326b3761313332313b3c33363e68356b393937313668346c306e64343a3c3a3a39306c6d346c3031666964303c3f39246d7233356939336b346f303d316f3831663a3d3d6c3b6c6c623a643a383d6131303e34633068656b396b336a267f6160352f37422738386b786b6261746f63767578652d3a382531492f323a2f3a322d3249253a3a6869746c6f79792f3a382d334b2530322f323a2d3843273a38627a6b66647b2538322d3b4b2535402f3f4e2f3a492d323866776c66566d7a79696d6646697b7e2d323a2539412d3d482535462f38492f3a38656f68696e652f323a2d3941646966736d2f3a432d32386d676c6f6c2530382f394b2d383a253832273249253a3a7a6c637c6c6f7a672d323a2539412d3a382532302f38492f3a38786c6b74646f786d5e6d78736b6764253a382d33492538322d3a382532412f38387d677d3e342f32302539416e696673672d3d442e7f696c35253d422d3a38627263646e792f3a382d334b2537422f354c2d3843273a386d6768616c6d2538322d3b4b66616e796f2f384b2f3a327a6c63746c6f7a652f32302d39412d383a253a322f374c
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/bL8ifGtl3SMMG0-d?38ef7f936f16ce71=Oytyhs2298pfTaJn2HZXzpG3aOoQtR4Qk3tXZE-zvARuOjGq0y9vKRoMaVqL6K0yncO1k21ywbVwTwaqsKsEOOTKSjDDC05yzHnUn4sDEazFwBdIof8vCDfZ2RCJ55xT7u8aXSz2MhcTdTw_UTV9S1FFtnAQSHJJYItyZxm6GI5qR9uWSA46KGzLb_DZcpWsVT44MB1hp9X3ElXo&jb=3d3a2e2660736d75374c61667f782462796f3546616e7d782c6a7b6a7f3d436a7865676f2e607b6237436a72656d6d2d3830333a3d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Aug 2024 06:54:29 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=97
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/
Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/
Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/
Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| $jscomp function| _loadCookieConfig function| _domready function| _delayed function| _findTags function| _srcAttr function| _needsEval function| _loadFromDOM function| _clearEvents function| _lastChainedResource function| _isImageLike boolean| domCompleteTriggered function| _abTest function| _getCookieVariant function| _setCookieVariant function| _configureAbTestAnalytics function| _executeAllAbTest function| _executeAllAbTestUniversal function| _executeAllAbTestClassic function| _executeAbTest function| _abTestScript function| _chooseVariant function| _abTestAnalyticsUniversal function| _abTestAnalyticsClassic object| _serviceWorkerConfig object| Yo string| yo_host string| _pxAppId function| $ function| jQuery object| Vimeo boolean| VimeoPlayerResizeEmbeds_ boolean| VimeoSeoMetadataAppended boolean| VimeoCheckedUrlTimeParam object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| ytCCPlayer object| ytBTSPlayer function| onYouTubePlayerAPIReady function| onCCPlayerReady function| onBTSPlayerReady object| content object| __LOADABLE_LOADED_CHUNKS__ function| _ object| regeneratorRuntime function| applyFocusVisiblePolyfill object| __CONFIG__ string| __DEVICE_TYPE__ object| __PRELOADED_STATE__ object| Progressive object| viewedProductIdsForPage object| DY boolean| BRAZE_SETUP_COMPLETE boolean| otIsInitialized function| OptanonWrapper object| DYcustom object| PXXT4Gy2ig object| PX object| __post_robot_11_0_0___uid_numhnacfzmymuvpacsidplhppphjzs object| paypal object| __zoid_10_3_3___uid_numhnacfzmymuvpacsidplhppphjzs object| paypalDDL string| PaypalOffersObject function| ppq object| __post_robot_10_0_44__ object| PAYPAL string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| Optanon object| OneTrust boolean| otLastAcceptAllValue function| a0_0x3eec function| a0_0x20c7 object| sigScriptLoader object| SIG_SCRIPT_DEBUG object| threatmetrix function| tmx_post_session_params_fixed function| tmx_run_page_fingerprinting boolean| tmx_profiling_started

18 Cookies

Domain/Path Name / Value
www.elfcosmetics.co.uk/ Name: _pxhd
Value: WHplZIA/xGBSV8JdnKQVLnGlOUWfWl8QbQwfIeYdFrB28rmHsVQq5CDI5nK78RTA2PitUHz-mTsrDkj09bAx5Q==:SEGA/dTFcCyzefyAR0-82tFXtC3GhZgN1B35WZfdyhMAW/fv4Arq61XGk5KPadmd-i9hKoTVv-BHWf9lUUDFSZzrtazm1mgXKMEDsrM7qV4=
.youtube.com/ Name: YSC
Value: cj2VmNKQ4_g
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: WrKpkH4FYN8
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJVUxIEGgAgWw%3D%3D
.vimeo.com/ Name: vuid
Value: pl1847874785.1193095271
.vimeo.com/ Name: __cf_bm
Value: dF6knqFUpH9XET9Qh0ahfpX1u3StpNmIQ.KutOhLeCM-1724223265-1.0.1.1-49IKgR3l.GGREJrQDFXiyY2XJjH.VOi6O8PUMKuMap6yI4Olhvdp2UofP0wUUWw5
.vimeo.com/ Name: _cfuvid
Value: ERKXxBunFhcMOrDQO8390T5MgB9q8.vAVYXed3XZSwU-1724223265618-0.0.1.1-604800000
www.elfcosmetics.co.uk/ Name: initAuthComplete
Value: true
.elfcosmetics.co.uk/ Name: ab.storage.sessionId.ee22cddf-904f-484e-a004-0181ff9a3268
Value: g%3A84651bbb-77bd-f3d5-2c0d-51bf6be3da60%7Ce%3A1724225066376%7Cc%3A1724223266376%7Cl%3A1724223266376
.elfcosmetics.co.uk/ Name: ab.storage.deviceId.ee22cddf-904f-484e-a004-0181ff9a3268
Value: g%3A507a4a2f-5a20-56c3-d285-9fb1f5a3a6fa%7Ce%3Aundefined%7Cc%3A1724223266379%7Cl%3A1724223266379
.elfcosmetics.co.uk/ Name: pxcts
Value: 34ed6696-5f8a-11ef-9ced-113515672435
.elfcosmetics.co.uk/ Name: _pxvid
Value: 32997842-5f8a-11ef-b03e-e919196858d0
www.elfcosmetics.co.uk/ Name: dwanonymous_d0d57f92086b8d4216742497990aeda2
Value: abkrJFkuwWkbsRkbc1kaYYk0cY
www.elfcosmetics.co.uk/ Name: dwsid
Value: BO1QtyjVQZVJ82exMhMBoBZtvtQpt8ifeJI4TYM4NRkAcT5h9sqCRkcxIhn-LELzhxEaA2WBYTUsnp3pcKgx9w==
.elfcosmetics.co.uk/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Tue+Aug+20+2024+20%3A54%3A27+GMT-1000+(Hawaii-Aleutian+Standard+Time)&version=202406.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=af6b549c-64a4-4fae-b987-2b71bc6602b3&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Felf-cosmetic-criminals&groups=1%3A1%2C2%3A1%2C3%3A1%2COSSTA_BG%3A1%2C4%3A1%2C5%3A1
.elfcosmetics.co.uk/ Name: _px3
Value: 630ced57d065589d1fb7597a803b79124defbf6bab0e71d7d0e71e84b6bd97f5:pFk6OAHvBQZivYTUYVwR0N7sB7sWJz09P0a6cy6g/fHujFtkkd29pkGa5o4emdeCuAPEyXu5KOj7dg+K/kURiQ==:1000:TYWw3LtVs/IPMmvw34qhny9h60I0dSr41JJkQlhGjhjKtOmkJIBUeIlz4onEavKtNXvf4kO1qhyAyPadFid2HTZTM++BQU7x/48jMO+P8FVDk7PoKuzj/RoWPDHv211q4A8iadCKAQ+IZvrmPbWzStcgEtUXPtIqKZMJcZk4kU3p/xSCECJW8uPmWbaFMJY1HX55Z1cc9Lh713N2iTz6MSmSQns+9yqXQNu0TsQNz0c=
imgs.signifyd.com/ Name: thx_guid
Value: 8a633ccd8359349ed53a25bb236dfd16
imgs.signifyd.com/ Name: tmx_guid
Value: AAy1eX4fPvBwMEOiGzk7bxbvAgDpFaX4t0ZToLiMFixz0KiBO-TTsBjO42M3yzpvcGZQ0wAYHggnIbtXhyDmTf-Kp4O52A

11 Console Messages

Source Level URL
Text
security error URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals(Line 359)
Message:
Unsafe attempt to load URL https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ from frame with URL https://www.elfcosmetics.co.uk/elf-cosmetic-criminals. Domains, protocols and ports must match.
security error URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals(Line 359)
Message:
Unsafe attempt to load URL https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ from frame with URL https://www.elfcosmetics.co.uk/elf-cosmetic-criminals. Domains, protocols and ports must match.
security error URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals(Line 359)
Message:
Unsafe attempt to load URL https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ from frame with URL https://www.elfcosmetics.co.uk/elf-cosmetic-criminals. Domains, protocols and ports must match.
javascript error URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Access to image at 'https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/#elfcosmetics_a_00000055698485330971283280000018393236039574697104_?yocs=y_' from origin 'https://www.elfcosmetics.co.uk' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/#elfcosmetics_a_00000055698485330971283280000018393236039574697104_?yocs=y_
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11801/vendor.js?yocs=y_A_(Line 1)
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11801/vendor.js?yocs=y_A_(Line 1)
Message:
Dropped srcset candidate "https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-drop-1235517"
other warning URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11801/vendor.js?yocs=y_A_(Line 1)
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11801/vendor.js?yocs=y_A_(Line 1)
Message:
Dropped srcset candidate "https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-drop-1235517"
other warning URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11801/vendor.js?yocs=y_A_(Line 1)
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11801/vendor.js?yocs=y_A_(Line 1)
Message:
Dropped srcset candidate "https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-drop-1235517"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.cquotient.com
api.ipify.org
cdn-fsly.yottaa.net
cdn-scripts.signifyd.com
cdn.cookielaw.org
cdn.media.amplience.net
cdn.static.amplience.net
code.jquery.com
collector-pxxt4gy2ig.px-cloud.net
cosmeticcriminals.co.uk
elfcosmetics.a.bigcontent.io
geolocation.onetrust.com
h.online-metrix.net
h64.online-metrix.net
imgs.signifyd.com
player.vimeo.com
sdk.iad-05.braze.com
t.paypal.com
w2txo5aa4ketvjvxont2m4ancbqjyhtuf3vojyfj3987ebfc2332474fsac.d.aa.online-metrix.net
www.elfcosmetics.co.uk
www.paypal.com
www.paypalobjects.com
www.youtube.com
cdn-fsly.yottaa.net
104.18.87.42
104.26.13.205
108.138.106.40
151.101.1.21
151.101.193.21
151.101.194.133
151.101.66.137
151.101.67.1
162.159.138.60
172.217.165.142
172.64.149.149
172.64.155.119
192.225.157.157
192.225.158.1
192.225.158.3
192.229.210.155
204.2.131.137
204.2.138.107
23.48.224.13
23.48.224.6
2600:141b:1c00:23::1730:e044
2620:f3:0:14:b401:8ee8:4321:ad82
35.190.10.96
44.209.205.143
024331496292688a08ddab09c072445da1af4bdbd2b3c36e77ef6be1edd082c3
0c017e1db7453e78fde851def7a22b6844987405cc30b1d839ef4edd7355de1b
0eb9597ce007f6bb159f05e2c12e8301d7844c59c43faaddf2b598da82911df3
1331786f628c441b99665436eb8815381e066e17d5c3bb56f5ce2e045d8da17a
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
210706c053295db0bfba03a98c0609a1f940c3f6b6c626f2f1084e089e959dc9
31f48ed33afe7e437efa2c30cbf97fbd62c2de5c0732504077377846fe64973f
3463c623dd03e4b83435abcf0bf4c82c2bd3631bde91913879f41e21a7a87fc2
37d207a7297589d062c2af128ee513190a9297959cb24c68078f68d64b899c98
38fb4e2b3b27b248bb8577f60f5959e0affc160c2ad395db627daf2ece17ab6b
47407e3845cb067265a07cb279ccc7a38b927b0c2dc034b627f089115ac0d306
47964e6ef73b9e710211b640795701da41f9ebad7b0686c09ec0e47ebc053874
4a2e8fd4b96e51ccf6f83def36ea3fa300ffe936f638750d97246bb86fed479e
4aa855b8d34657ab4df5ca73fe7d7f67735ee1e39e8de83856ddc473d4713fbb
4ae7d857dd8d096a5198b1e8280de9f929ca88d690e445731b6ffdffbf2b8383
4b89cd71669a53e8801ea9e9d4fb8a40bb5dbbb393a1b6c4a249349b42086da7
4da8a6638ad70698ad3d01aa0ef124aebe35c297685c0796b174822f597b1d09
50377d1d3e7dcb2c8298feb8d2505099df1957e3700a358b993b4cf443fd36e8
5388dd253b656385d492a852116fb2f5aedf3412f51bd2986ae4d9b5d8d2a023
573bf20738a24dff3470e7ee724e8c433f5b85460659c502de261ca9d24b3b4a
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6082597f3871c77c9b31aa1383577f8c0e54cb5ff09275dc817bc70d96e6217d
66307ca32dbe56cf351ebf43d320778f44b647e2b8876e1bd1a0c20dc4c3a406
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6ab1474b1928d39f768075dfef56e53b01fff6c85a44b07d150c4abf7299c3b7
6c10b21f86019422fa9555d9b0b9b6768bf7549730880571e057800a3068724e
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
794b9f4fa15362394d9913554121b956f2ee5f5dc368540a8cc761dc9c7668f1
7a0204422805f76d793709204fd52e753cb059e5dd5099e41781499c8072e726
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
7dbc72c3f0511495fdf45d42283a246613db44b0906199cef195a773068d822f
8909052be3938ace81c640ad5d7fd8d63f5d593a5a9b19c85a5ac3b9d0f270e8
89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d
8cb2ac35adc7dee4b051d05a7ffc844c9f61eb67b3ce350a16a552f98ffc4172
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
9261efb3407e3a9096e4654750d8eff6b3a663422f48845c7fbcc65034c340cf
93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac
94cca4acadbd268af43328cd145103ce3cae13f8580b74c114f0d161a037340d
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
97288c12b80b1296fe10c5d60c188d495fd900eae4d95c41038de6e7bd002bab
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a6cbc4c9c0b39f6d4edd8d4db4e73971e23c1e4b8b9b6ddd5956164b87fd3ebc
aa1ca7a298c05fcd0b150c05da0bfaae7c50d2a762631fcaaefb0c40b4806767
aca990e4ea5c882dcfe05c1b6de93300cc4e0ed49fe61d511422b67c9953ec0d
b3efc48717edad187198d0a608a3b3a8195f0e5b6b6b41f27b78824796cbd61e
b64b52a2bdf96baa45c806725c3e922d6e415c234dd685809ba04f1d3e26bd05
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb378098ee9eb555df3b46abb37f65c770427b74147322c7707da6f623b28144
c4982b44979c962585720010adeb9b214f0789bc75fdd92589d04053631b6908
c680a2e50f0465f89895615a4db8f2b148dd4d0f5964a73c8cc649f2018f6fd6
cd2387aa7fce3761291afcefea9a7bcb85652ffd781ba6a2c0afb22c1ac00fe1
cdbeef0b146607f5137f8f5434eeab8625ee0801da2af33e045528d191e512d0
d09b9c8ab95948d9e0ca57cbccfe7e2bbbbab2922a7e06f11f2a413a78f377b8
d1c837b83e593f154428f1615709ad1146a51818f6973ad5ea0d24c2bb619670
d2ba0e8a74340c429355e9260d453136d7b097666415b43f7ffbdce7af607542
d7a363f752524fb545c3b2eb48a56d163cb659bc427d5215800ee7781d92c2ca
d7d6f2d3cc5c5e3b057e899b45fb372d18890b7b61e0df9ced47891f9bbf0061
d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e
e08d5c82c4bc35207047dff10aa2f8899e8d244aede8f8a7928af40d8600071f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79dea9b0707ff2fa615359bdb9683037505ddb2a00daae13de4ae1a80055adf
e7d1e8605f37a6e5db0bfd2e5df26604b7e1475484f9d51f8373344cc3f1aaf2
e9dca3e1405640ba65996828612b9186c7e481644a75bac9ecaa9529afbbebd5
f29ea5eb4e212aa52055e918e85726b96910782af4755d88249de37336872877
f366287eaa5627dc7ee48d1fcb79d20bceae8238ee2f1dd772f059685fe9c799