urlscan.io logo urlscan.io
SecurityTrails logo

www.elfcosmetics.co.uk Open in urlscan Pro
140.174.12.229  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cosmeticcriminals.co.uk/
Effective URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Submission: On April 28 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 3 countries across 17 domains to perform 96 HTTP transactions. The main IP is 140.174.12.229, located in United States and belongs to YOTTAA-AS-1, US. The main domain is www.elfcosmetics.co.uk. The Cisco Umbrella rank of the primary domain is 724976.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 25th 2023. Valid for: a year.
This is the only time www.elfcosmetics.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 140.174.14.85 393259 (YOTTAA-AS-1)
1 19 140.174.12.229 393259 (YOTTAA-AS-1)
2 16 2a02:26f0:310... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:310... 20940 (AKAMAI-ASN1)
3 151.101.2.133 54113 (FASTLY)
12 2606:4700::68... 13335 (CLOUDFLAR...)
2 172.67.74.152 13335 (CLOUDFLAR...)
5 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 151.101.1.21 54113 (FASTLY)
1 151.101.129.21 54113 (FASTLY)
2 151.101.193.35 54113 (FASTLY)
2 192.229.221.25 15133 (EDGECAST)
2 35.190.10.96 15169 (GOOGLE)
2 52.215.4.161 16509 (AMAZON-02)
3 2a02:26f0:310... 20940 (AKAMAI-ASN1)
2 108.138.26.127 16509 (AMAZON-02)
12 91.235.133.113 30286 (THM)
1 91.235.132.130 30286 (THM)
1 91.235.134.131 30286 (THM)
96 23
1    140.174.14.85 (Frankfurt am Main, Germany)

ASN393259 (YOTTAA-AS-1, US)
cosmeticcriminals.co.uk
19    140.174.12.229 (United States)

ASN393259 (YOTTAA-AS-1, US)
www.elfcosmetics.co.uk
16    2a02:26f0:3100::1735:2afa (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.media.amplience.net
2    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
2    2a02:26f0:3100::1735:2b28 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.static.amplience.net
3    151.101.2.133 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn-fsly.yottaa.net
12    2606:4700::6813:b134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
2    172.67.74.152 (United States)

ASN13335 (CLOUDFLARENET, US)
api.ipify.org
5    2606:4700:4400::6812:25a1 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.iad-05.braze.com
1    2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
2    151.101.1.21 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.paypal.com
1    151.101.129.21 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.paypal.com
2    151.101.193.35 (San Francisco, United States)

ASN54113 (FASTLY, US)
t.paypal.com
2    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
2    35.190.10.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.10.190.35.bc.googleusercontent.com
collector-pxxt4gy2ig.px-cloud.net
2    52.215.4.161 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-4-161.eu-west-1.compute.amazonaws.com
api.cquotient.com
3    2a02:26f0:3100::210:6e29 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
elfcosmetics.a.bigcontent.io
2    108.138.26.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-127.fra56.r.cloudfront.net
cdn-scripts.signifyd.com
12    91.235.133.113 (United States)

ASN30286 (THM, US)
imgs.signifyd.com
1    91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net
h.online-metrix.net
1    91.235.134.131 (United States)

ASN30286 (THM, US)
w2txo5aaaworl7tt3b3xewmw7nlp7em7jyk6mtvgb90bd58a4847bd9aam1.e.aa.online-metrix.net
Apex Domain
Subdomains		 Transfer
19 elfcosmetics.co.uk
www.elfcosmetics.co.uk — Cisco Umbrella Rank: 724976
368 KB
18 amplience.net
cdn.media.amplience.net — Cisco Umbrella Rank: 14404
cdn.static.amplience.net — Cisco Umbrella Rank: 42889
6 MB
14 signifyd.com
cdn-scripts.signifyd.com — Cisco Umbrella Rank: 8294
imgs.signifyd.com — Cisco Umbrella Rank: 7079
69 KB
12 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 306
214 KB
5 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2924
t.paypal.com — Cisco Umbrella Rank: 3505
123 KB
5 braze.com
sdk.iad-05.braze.com — Cisco Umbrella Rank: 3156
985 B
4 youtube.com
www.youtube.com — Cisco Umbrella Rank: 66
69 KB
3 bigcontent.io
elfcosmetics.a.bigcontent.io — Cisco Umbrella Rank: 140856
8 KB
3 yottaa.net
cdn-fsly.yottaa.net — Cisco Umbrella Rank: 24651 Failed
1 MB
2 online-metrix.net
h.online-metrix.net — Cisco Umbrella Rank: 2489
w2txo5aaaworl7tt3b3xewmw7nlp7em7jyk6mtvgb90bd58a4847bd9aam1.e.aa.online-metrix.net
438 B
2 cquotient.com
api.cquotient.com — Cisco Umbrella Rank: 41702
520 B
2 px-cloud.net
collector-pxxt4gy2ig.px-cloud.net — Cisco Umbrella Rank: 189618
1 KB
2 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2623
16 KB
2 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2959
229 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 535
295 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 767
24 KB
1 cosmeticcriminals.co.uk
cosmeticcriminals.co.uk
328 B
96 17
Domain Requested by
19 www.elfcosmetics.co.uk 1 redirects www.elfcosmetics.co.uk
cdn-fsly.yottaa.net
16 cdn.media.amplience.net 2 redirects www.elfcosmetics.co.uk
12 imgs.signifyd.com www.elfcosmetics.co.uk
imgs.signifyd.com
12 cdn.cookielaw.org cdn-fsly.yottaa.net
cdn.cookielaw.org
www.elfcosmetics.co.uk
5 sdk.iad-05.braze.com cdn-fsly.yottaa.net
4 www.youtube.com www.elfcosmetics.co.uk
3 elfcosmetics.a.bigcontent.io
3 www.paypal.com www.elfcosmetics.co.uk
www.paypal.com
3 cdn-fsly.yottaa.net www.elfcosmetics.co.uk
2 cdn-scripts.signifyd.com www.elfcosmetics.co.uk
2 api.cquotient.com cdn-fsly.yottaa.net
2 collector-pxxt4gy2ig.px-cloud.net www.elfcosmetics.co.uk
2 www.paypalobjects.com www.elfcosmetics.co.uk
2 t.paypal.com
2 api.ipify.org cdn-fsly.yottaa.net
2 cdn.static.amplience.net www.elfcosmetics.co.uk
1 w2txo5aaaworl7tt3b3xewmw7nlp7em7jyk6mtvgb90bd58a4847bd9aam1.e.aa.online-metrix.net
1 h.online-metrix.net imgs.signifyd.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 code.jquery.com www.elfcosmetics.co.uk
1 cosmeticcriminals.co.uk 1 redirects
96 21
Subject Issuer Validity Valid
*.elfcosmetics.co.uk
Sectigo RSA Domain Validation Secure Server CA		 2023-09-25 -
2024-10-25		 a year crt.sh
dm.amplience.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-20 -
2024-08-14		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.yottaa.net
GlobalSign RSA OV SSL CA 2018		 2023-09-13 -
2024-10-14		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2024-03-01 -
2024-12-31		 10 months crt.sh
ipify.org
GTS CA 1P5		 2024-03-21 -
2024-06-19		 3 months crt.sh
sdk.iad-05.braze.com
E1		 2024-04-19 -
2024-07-18		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2023-11-13 -
2024-11-12		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-02-08 -
2025-02-08		 a year crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-09-21 -
2024-10-21		 a year crt.sh
*.px-cloud.net
Sectigo RSA Domain Validation Secure Server CA		 2023-08-15 -
2024-09-13		 a year crt.sh
*.cquotient.com
Amazon RSA 2048 M02		 2024-03-05 -
2025-04-03		 a year crt.sh
*.bigcontent.io
GeoTrust TLS RSA CA G1		 2024-04-02 -
2025-05-03		 a year crt.sh
cdn-scripts.signifyd.com
Amazon RSA 2048 M01		 2023-07-03 -
2024-07-31		 a year crt.sh
imgs.signifyd.com
Go Daddy Secure Certificate Authority - G2		 2023-10-20 -
2024-11-20		 a year crt.sh
online-metrix.net
Viking Cloud Organization Validation CA, Level 1		 2023-10-20 -
2024-10-21		 a year crt.sh
*.aa.online-metrix.net
Viking Cloud Organization Validation CA, Level 1		 2023-10-20 -
2024-10-21		 a year crt.sh

This page contains 9 frames:

Primary Page: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Frame ID: 6C0476DBD4BF07B9DE1C6D18895BC8E6
Requests: 79 HTTP requests in this frame

Frame: https://www.youtube.com/embed/bxGKZ6lfJ7A?enablejsapi=1
Frame ID: FAA9E68CD733FCA9F3593EA668205387
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/rZPCKoUReO0?enablejsapi=1
Frame ID: B09FF7B00D2F2E2158C3B88E49851494
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1HQlAmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.63.0&integrationType=SDK
Frame ID: 647DC7B73A93D79B24DF84DD396A10A7
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 100BDB9ECA7CB2E6D0731A70B70EF58A
Requests: 1 HTTP requests in this frame

Frame: https://imgs.signifyd.com/9E9EzmDejMzySsOd?dcce84d791df469b=_LmV3iEMiVxcpR-aAPKtRBUvI6K_j6VCxbUhjIM-eGlE_4NZ2AZ2JVul9It3s1WrirwA7FVn_znE_Bc8tTKAPveSyG5ZeDU08Bxs5p6-ajJ6eK4l8Q9yAz8Rc6JqZNJz043102eonAVH02YgRWqMgRB_OVsPHJwrCad3Tay4MApdmEo1KGRLZGLHxc3sE3lQTbbC6Iz05YS5Aqvf&jb=3d332e2e60716f7d355569666e6d7d7b2c62736d355f696c6e6d75792f3a3833392e687b6a7f354b62706f656d246a7b683f496078676d672d3a30333836
Frame ID: BB34AE500F09569EA1667E806B15F965
Requests: 10 HTTP requests in this frame

Frame: https://imgs.signifyd.com/M9TR30BF8BDnVR-6?9102778aa6764315=qqj8CKyMBrbpWW1vIWmxGoupT5GXwam5cbtoZ-KNiXwJs1RMCk0u6hGvzd9JOvDopwNPsi9rNPYXqy4K0-nIaF-f6ZJxstHrFi4vNPjcaIIsm2A6Jeabz1r1Uo6WHQ5jj4R_nNZXAbQ-4deXLh5TAnMgw1nrUhi7jFCpgVkNrriHljzpcDCpkB8hBFCOJktLJvECxC3GDr7ZFmayCIg
Frame ID: 2E95E0AB820D8DFFE977C8D43DA96BE7
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/CzJ-uRi-BRqbKUhA?af7ae8be3663026c=yPXMbFNbG82i8TEAl-uWo7Wh0dLdWI4OZZoF-WbB2XgotwkBeXLPnwV-HvYqxqm6zR-ERi9_0B8v0zbuNeg5hCIU3RXYSuA8RxNnPhfUxHRAIY6SLLjm3iigtIet59R6u0zLbbFDPI92u0KKIKvZ582kk9iDzRSjcnGi2ekaP87ZzrYq74VVAQeLKrxtHj_4YyyyQ-HRLsDwkMWhtZeV
Frame ID: 93F0F6FD5D9670049C1DD0318C6A7203
Requests: 1 HTTP requests in this frame

Frame: https://imgs.signifyd.com/VkpmUo0GJPvYx0kx?e30408e1f917d75a=j0k2WhJZ8KAkZmxioEknjddLwsPeAzhP5nY8G2NSiYbC9JJ81E80pr83umsjg87pykIDTmInO42Gx5oZYSxZVXCpgAr6J7BWox14ai1Vhzg_l6Iyrw0P7aA6FenCgTlSMVofbHq7AQ9g_YjlPRtr6kakSt4E3j_zj9VSqPPV3tz8HXT52ObWnxrNbHkwtKqgSwF9wbA51CfOvqoWo6lr
Frame ID: 98DBAC4C345B6F4628DC4214DD762422
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cosmetic Criminals | e.l.f. Cosmetics

Page URL History Show full URLs

  1. https://cosmeticcriminals.co.uk/ HTTP 301
    https://www.elfcosmetics.co.uk/elf-cosmetic-criminals Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

96
Requests

93 %
HTTPS

39 %
IPv6

17
Domains

21
Subdomains

23
IPs

3
Countries

8462 kB
Transfer

15742 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cosmeticcriminals.co.uk/ HTTP 301
    https://www.elfcosmetics.co.uk/elf-cosmetic-criminals Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://cdn.media.amplience.net/v/elfcosmetics/PWT_STORY_CRIMESCENE_VID/mp4_720p HTTP 302
  • https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_crimescene_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/8dfa5d11-77b7-4333-9d42-c08b194a927c.mp4
Request Chain 20
  • https://cdn.media.amplience.net/v/elfcosmetics/PWT_STORY_COSMETIC_CRIMINALS_VID/mp4_720p HTTP 302
  • https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_cosmetic_criminals_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/c5334fb2-6c51-41eb-8d3b-28107083bcd2.mp4
Request Chain 34
  • https://www.elfcosmetics.co.uk/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-eu&code_challenge=1tr-iMOtlVhMQ4e7OcnNTgSOkUEi4t_qfZHSbc2tyh0 HTTP 303
  • https://www.elfcosmetics.co.uk/callback?usid=ebb0d83b-e7fb-432f-95cd-70a9a5f471fb&code=at0rRw2cTkvMe7gL41V2jyFkPses51n4w0e7OKVtsc4

96 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request elf-cosmetic-criminals
www.elfcosmetics.co.uk/
Redirect Chain
  • https://cosmeticcriminals.co.uk/
  • https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
945 KB
237 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.12.229 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
10fead09c1bef07f81bced1a1cc6adc8abbc292f3da49b151352ab6b79964a69
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
0
alt-svc
h3=":443"; ma=86400
cache-control
public, must-revalidate, s-maxage=900
content-encoding
gzip
content-length
241833
content-type
text/html; charset=utf-8
date
Sun, 28 Apr 2024 08:49:21 GMT
etag
W/"ceca6-FlMmMNBybgg/M0N04Ii77B9a+a0"
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 538cf444f0c6dac6454a3baf06f65b9e.cloudfront.net (CloudFront)
x-amz-apigw-id
W7cOnHR2iYcEMhQ=
x-amz-cf-id
Xfu0yM-CO6HIo-YADvqAmIe_YYpMXeVyJbE3LHp7_SQ5PT7lQ1ag0w==
x-amz-cf-pop
ATL58-P7
x-amzn-remapped-connection
close
x-amzn-remapped-content-length
847014
x-amzn-remapped-date
Sun, 28 Apr 2024 08:49:21 GMT
x-amzn-requestid
259d85a0-dc19-4d4f-b272-af175a1b53da
x-amzn-trace-id
Root=1-662e0d90-1be4d33a4f1519f04c3846d6;Parent=2bc185866f6be2ac;Sampled=0;lineage=dcd1e669:0
x-cache
Miss from cloudfront
x-yottaa-metrics
33218cae0ced/[1489,1450,-] 33D18cae0ce5/[-,1529.675]
x-yottaa-optimizations
ob/1000000100001000 si/33D18cae0ce5-1714069497-8879694274 tts/1701368385513 ti/5dbb1b444f1bbf5af87e110e ai/5dbb1b434f1bbf5af87e10a5 tm/0
x-yottaa-os
200

Redirect headers

age
0
content-length
1197
content-type
text/html; charset=utf-8
date
Sun, 28 Apr 2024 08:49:19 GMT
location
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
vary
User-Agent
x-yottaa-fw
fb/100000 tid/658f1f27d931403bb4ae5240 rid/658f266dd931403bb4ae60ab stid/5ad7b08e2bb0ac0c5ba3d38c
x-yottaa-metrics
36D18cae0e55/[-,0.151]
x-yottaa-optimizations
ob/0 si/36D18cae0e55-1714069497-8594979281 tts/1714294159468 ti/0 ai/658f1f27d931403bb4ae5240
/
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ 		0
0
/
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ 		0
0
/
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ 		0
0
/
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ 		0
0
PWT_STORY_HEADER_DESKTOP_BG-min
cdn.media.amplience.net/i/elfcosmetics/ 		630 KB
630 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_HEADER_DESKTOP_BG-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
4b89cd71669a53e8801ea9e9d4fb8a40bb5dbbb393a1b6c4a249349b42086da7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:22 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
nHCweV-KL,l4p5bDg2e,2orsu9Nt2,k4NPUWi7z
x-req-id
CJP8Wscuez
content-length
644728
x-xss-protection
1; mode=block
x-amp-source-height
1249
server
Unknown
x-frame-options
DENY
x-amp-source-width
3199
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Wed, 20 Dec 2023 20:47:39 GMT
PWT_STORY_HEADER_DESKTOP_CC-min
cdn.media.amplience.net/i/elfcosmetics/ 		205 KB
205 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_HEADER_DESKTOP_CC-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
6ab1474b1928d39f768075dfef56e53b01fff6c85a44b07d150c4abf7299c3b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:22 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
jV7FvZ5S2,l4p5bDg2e,HwG53bbZp,UyB2-aY-L
x-req-id
f1h5fn74u-
content-length
209440
x-xss-protection
1; mode=block
x-amp-source-height
340
server
Unknown
x-frame-options
DENY
x-amp-source-width
800
access-control-allow-origin
*
content-type
image/png
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Wed, 20 Dec 2023 20:47:39 GMT
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d

Request headers

Referer
Origin
https://www.elfcosmetics.co.uk
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac

Request headers

Referer
Origin
https://www.elfcosmetics.co.uk
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
bxGKZ6lfJ7A
www.youtube.com/embed/ Frame FAA9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/bxGKZ6lfJ7A?enablejsapi=1
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy-report-only
base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-8RBKr6UFOiaKrMxVAJfeCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sun, 28 Apr 2024 08:49:22 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
rZPCKoUReO0
www.youtube.com/embed/ Frame B09F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/rZPCKoUReO0?enablejsapi=1
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sun, 28 Apr 2024 08:49:22 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
PWT_STORY_SOCIALLISTENING_DESKTOP_5-blurred-min
cdn.media.amplience.net/i/elfcosmetics/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_SOCIALLISTENING_DESKTOP_5-blurred-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
cdbeef0b146607f5137f8f5434eeab8625ee0801da2af33e045528d191e512d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:22 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
kHZIc2XA6,l4p5bDg2e,hUXp-ygcH,UyB2-aY-L
x-req-id
3z7iU3mG57
content-length
2085695
x-xss-protection
1; mode=block
x-amp-source-height
1484
server
Unknown
x-frame-options
DENY
x-amp-source-width
3080
access-control-allow-origin
*
content-type
image/png
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Wed, 03 Jan 2024 21:02:28 GMT
PWT_STORY_DETECTIVES_DESKTOP_6-min
cdn.media.amplience.net/i/elfcosmetics/ 		330 KB
331 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_DETECTIVES_DESKTOP_6-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
8cb2ac35adc7dee4b051d05a7ffc844c9f61eb67b3ce350a16a552f98ffc4172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:22 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
IkLmMsz2d,l4p5bDg2e,q-jdDBY1E,k4NPUWi7z
x-req-id
eter1kfvSF
content-length
338113
x-xss-protection
1; mode=block
x-amp-source-height
1062
server
Unknown
x-frame-options
DENY
x-amp-source-width
2806
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Wed, 27 Dec 2023 17:21:33 GMT
PWT_STORY_ON_THE_CASE_DESKTOP_BTS-min
cdn.media.amplience.net/i/elfcosmetics/ 		180 KB
180 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_ON_THE_CASE_DESKTOP_BTS-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
7a0204422805f76d793709204fd52e753cb059e5dd5099e41781499c8072e726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:22 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
r_hJXD8VE,l4p5bDg2e,O8QiTHpoz,k4NPUWi7z
x-req-id
MyNCxafAGx
content-length
184181
x-xss-protection
1; mode=block
x-amp-source-height
1108
server
Unknown
x-frame-options
DENY
x-amp-source-width
1952
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Fri, 29 Dec 2023 07:51:47 GMT
PWT_STORY_CRIME_TAPE_DESKTOP_7-min
cdn.media.amplience.net/i/elfcosmetics/ 		614 KB
614 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_CRIME_TAPE_DESKTOP_7-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
37d207a7297589d062c2af128ee513190a9297959cb24c68078f68d64b899c98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:22 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
7QyXPqcNv,l4p5bDg2e,N2xhcEEJW,UyB2-aY-L
x-req-id
OVwjvLxZow
content-length
628288
x-xss-protection
1; mode=block
x-amp-source-height
525
server
Unknown
x-frame-options
DENY
x-amp-source-width
3200
access-control-allow-origin
*
content-type
image/png
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Thu, 28 Dec 2023 16:15:28 GMT
jquery-3.7.1.slim.min.js
code.jquery.com/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.7.1.slim.min.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9261efb3407e3a9096e4654750d8eff6b3a663422f48845c7fbcc65034c340cf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:22 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
5710035
x-cache
HIT, HIT
content-length
24036
x-served-by
cache-lga21942-LGA, cache-fra-etou8220042-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1714294163.896455,VS0,VE0
etag
W/"28feccc0-11278"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
10574, 490
PWT_STORY_HEADER_DESKTOP_BG-min
cdn.media.amplience.net/i/elfcosmetics/ 		630 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_HEADER_DESKTOP_BG-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
4b89cd71669a53e8801ea9e9d4fb8a40bb5dbbb393a1b6c4a249349b42086da7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:22 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
nHCweV-KL,l4p5bDg2e,2orsu9Nt2,k4NPUWi7z
x-req-id
CJP8Wscuez
content-length
644728
x-xss-protection
1; mode=block
x-amp-source-height
1249
server
Unknown
x-frame-options
DENY
x-amp-source-width
3199
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Wed, 20 Dec 2023 20:47:39 GMT
PWT_STORY_HEADER_DESKTOP_CC-min
cdn.media.amplience.net/i/elfcosmetics/ 		205 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_HEADER_DESKTOP_CC-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
6ab1474b1928d39f768075dfef56e53b01fff6c85a44b07d150c4abf7299c3b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:22 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
jV7FvZ5S2,l4p5bDg2e,HwG53bbZp,UyB2-aY-L
x-req-id
f1h5fn74u-
content-length
209440
x-xss-protection
1; mode=block
x-amp-source-height
340
server
Unknown
x-frame-options
DENY
x-amp-source-width
800
access-control-allow-origin
*
content-type
image/png
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Wed, 20 Dec 2023 20:47:39 GMT
player_api
www.youtube.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/player_api
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
58b5dc860e534eea49f5699b8c57c053ce73458f9d39b6b8697756ea71448fbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Sun, 28 Apr 2024 08:49:22 GMT
8dfa5d11-77b7-4333-9d42-c08b194a927c.mp4
cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_crimescene_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/
Redirect Chain
  • https://cdn.media.amplience.net/v/elfcosmetics/PWT_STORY_CRIMESCENE_VID/mp4_720p
  • https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_crimescene_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/8dfa5d11-77b7-4333-9d42-c08b194a927c.mp4
1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_crimescene_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/8dfa5d11-77b7-4333-9d42-c08b194a927c.mp4
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Server
2a02:26f0:3100::1735:2b28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b3efc48717edad187198d0a608a3b3a8195f0e5b6b6b41f27b78824796cbd61e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Sun, 28 Apr 2024 08:49:23 GMT
last-modified
Fri, 22 Dec 2023 15:50:27 GMT
etag
"dd3676819bd88a250c875a11e38c307d"
x-amz-server-side-encryption
AES256
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-1060947/1060948
x-amp-srv
A
accept-ranges
bytes
x-amp-route
ak-s1
Content-Length
1060948

Redirect headers

date
Sun, 28 Apr 2024 08:49:23 GMT
x-content-type-options
nosniff
server
Unknown
x-frame-options
DENY
x-amp-srv
A
cache-tag
-8l9n7ahO,l4p5bDg2e,bgWw7nQ29
access-control-allow-origin
*
location
https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_crimescene_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/8dfa5d11-77b7-4333-9d42-c08b194a927c.mp4
content-type
text/html; charset=UTF-8
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
content-length
0
x-xss-protection
1; mode=block
c5334fb2-6c51-41eb-8d3b-28107083bcd2.mp4
cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_cosmetic_criminals_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/
Redirect Chain
  • https://cdn.media.amplience.net/v/elfcosmetics/PWT_STORY_COSMETIC_CRIMINALS_VID/mp4_720p
  • https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_cosmetic_criminals_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/c5334fb2-6c51-41eb-8d3b-28107083bcd2.mp4
1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_cosmetic_criminals_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/c5334fb2-6c51-41eb-8d3b-28107083bcd2.mp4
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Server
2a02:26f0:3100::1735:2b28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4ae7d857dd8d096a5198b1e8280de9f929ca88d690e445731b6ffdffbf2b8383

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Sun, 28 Apr 2024 08:49:23 GMT
last-modified
Fri, 22 Dec 2023 17:43:50 GMT
etag
"91a2cbc7ca143aac79d0312d84bb77fb"
x-amz-server-side-encryption
AES256
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-1262366/1262367
x-amp-srv
A
accept-ranges
bytes
x-amp-route
ak-s1
Content-Length
1262367

Redirect headers

date
Sun, 28 Apr 2024 08:49:23 GMT
x-content-type-options
nosniff
server
Unknown
x-frame-options
DENY
x-amp-srv
A
cache-tag
UEOPGp6Ym,l4p5bDg2e,fH6Lo3_5e
access-control-allow-origin
*
location
https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_cosmetic_criminals_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/c5334fb2-6c51-41eb-8d3b-28107083bcd2.mp4
content-type
text/html; charset=UTF-8
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
content-length
0
x-xss-protection
1; mode=block
vendor.js
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11110/ 		2 MB
620 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11110/vendor.js?yocs=o_q_
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2e0bde8a120edcd0e126c139ff4c62dc420e43a86bb9e22c92044fdda3fc3ef

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:23 GMT
via
1.1 1e0f88a39289286be3e03ff93487da80.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA56-P8
age
913342
x-yottaa-optimizations
ob/1000 si/36118cae0e23-1706737520-696787089 tts/1701368385513 ti/5dbb1b444f1bbf5af87e110e ai/5dbb1b434f1bbf5af87e10a5 tm/0
x-cache
Hit from cloudfront, HIT
x-amz-meta-deploy
731233
content-length
634413
x-amz-meta-bundle
11110
x-served-by
cache-fra-etou8220112-FRA
x-yottaa-forcecache
true
last-modified
Wed, 17 Apr 2024 19:04:22 GMT
server
AmazonS3
x-timer
S1714294163.014801,VS0,VE2
etag
W/"2dc27cce0c8ffe9fbe44ad1e265768c6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31104000
x-yottaa-metrics
36218cae0e41/[167,136,-] 36118cae0e23/[-,299.938]
accept-ranges
bytes
x-amz-cf-id
2V9Wf3uQkBpcLMs-wUAN7wfjC_AriBPkio_zuKrEe3KJoESKzMVwlQ==
x-cache-hits
0
main.js
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11110/ 		2 MB
485 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11110/main.js?yocs=o_q_
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48eac18ec8b1c06a5b11f38fbf38abf0d52f42b46f0c17a6250872645845dd82

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:23 GMT
via
1.1 1eee8db55908814c8f0cde754e3bee5a.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA56-P8
age
913458
x-yottaa-optimizations
ob/1000 si/36118cae0e20-1706737520-459169264 tts/1701368385513 ti/5dbb1b444f1bbf5af87e110e ai/5dbb1b434f1bbf5af87e10a5 tm/0
x-cache
Hit from cloudfront, HIT
x-amz-meta-deploy
731233
content-length
495549
x-amz-meta-bundle
11110
x-served-by
cache-fra-etou8220112-FRA
x-yottaa-forcecache
true
last-modified
Wed, 17 Apr 2024 19:04:22 GMT
server
AmazonS3
x-timer
S1714294163.014946,VS0,VE1
etag
W/"e11da6efaf00697b75f2341ba60f1cc3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31104000
x-yottaa-metrics
36218cae0e42/[202,173,-] 36118cae0e20/[-,291.916]
accept-ranges
bytes
x-amz-cf-id
0cPM4CuLt-dHrAEO8-9xHnRHcyF0iqoWprHnjjFiJkkZlwEUjJhgEA==
x-cache-hits
0
pages-product-list-product-list-page.js
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11110/ 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11110/pages-product-list-product-list-page.js?yocs=o_q_
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f2461f7629a9751a8ce13d4fa6465bd4dade527356dedaa1e07be6712694ec4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:23 GMT
via
1.1 1e0f88a39289286be3e03ff93487da80.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA56-P8
age
911084
x-yottaa-optimizations
ob/1100 si/36118cae0e22-1706737520-1366272429 tts/1701368385513 ti/5dbb1b444f1bbf5af87e110e ai/5dbb1b434f1bbf5af87e10a5 tm/0
x-cache
Hit from cloudfront, HIT
x-amz-meta-deploy
731233
content-length
11877
x-amz-meta-bundle
11110
x-served-by
cache-fra-etou8220112-FRA
x-yottaa-forcecache
true
last-modified
Wed, 17 Apr 2024 19:04:22 GMT
server
AmazonS3
x-timer
S1714294163.014795,VS0,VE1
etag
W/"ca7a7404adea939845778aaeb96f1df0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31104000
x-yottaa-metrics
36218cae0e3f/[3,-,1713381128539] 36118cae0e22/[-,5.898]
accept-ranges
bytes
x-amz-cf-id
SXMKqQs18ciXVKT6PPPb7i7wlcB3jMgnMzISwZLoDZVqkMcni-0Z8w==
x-cache-hits
0
PWT_STORY_CAROUSEL_DESKTOP_3_OLIVIA-min
cdn.media.amplience.net/i/elfcosmetics/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_CAROUSEL_DESKTOP_3_OLIVIA-min?fmt=auto
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
c75a0f7c4104d907f8419aeb5f87467a90bce54ef633af1e8a05c6c585c9994d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:23 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
LeqZ2T1R9,l4p5bDg2e,5-jG4GMEO,WepA0szpz
x-req-id
JsS20-4p_z
content-length
74537
x-xss-protection
1; mode=block
x-amp-source-height
1303
server
Unknown
x-frame-options
DENY
x-amp-source-width
855
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Thu, 21 Dec 2023 20:12:24 GMT
PWT_STORY_CAROUSEL_DESKTOP_3_PRODUCT_OFACE-min
cdn.media.amplience.net/i/elfcosmetics/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_CAROUSEL_DESKTOP_3_PRODUCT_OFACE-min?fmt=auto
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
d7d6f2d3cc5c5e3b057e899b45fb372d18890b7b61e0df9ced47891f9bbf0061
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:23 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
c6UK1oZku,l4p5bDg2e,QvpKILV5P,DtzGFM5oJ
x-req-id
8lGjG5iKAZ
content-length
16698
x-xss-protection
1; mode=block
x-amp-source-height
2000
server
Unknown
x-frame-options
DENY
x-amp-source-width
2000
access-control-allow-origin
*
content-type
image/webp
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Thu, 21 Dec 2023 20:12:23 GMT
PWT_STORY_CAROUSEL_DESKTOP_3_CHARLOTTE-min
cdn.media.amplience.net/i/elfcosmetics/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_CAROUSEL_DESKTOP_3_CHARLOTTE-min?fmt=auto
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
32aaeee96fd5d4ee55d785e181d136b89e21de673bd8b6e89f4731412ba5aba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:23 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
1GTcnJLML,l4p5bDg2e,h1qKNVnZ0,WepA0szpz
x-req-id
sQAyPevctv
content-length
52930
x-xss-protection
1; mode=block
x-amp-source-height
1324
server
Unknown
x-frame-options
DENY
x-amp-source-width
862
access-control-allow-origin
*
content-type
image/avif
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Thu, 21 Dec 2023 20:12:24 GMT
PWT_STORY_CAROUSEL_DESKTOP_3_PRODUCT_H20PROOF-min
cdn.media.amplience.net/i/elfcosmetics/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_CAROUSEL_DESKTOP_3_PRODUCT_H20PROOF-min?fmt=auto
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
e79dea9b0707ff2fa615359bdb9683037505ddb2a00daae13de4ae1a80055adf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:23 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
M0ESz1ddA,l4p5bDg2e,nb-u70u49,DtzGFM5oJ
x-req-id
tCOvF6cNAI
content-length
20738
x-xss-protection
1; mode=block
x-amp-source-height
2400
server
Unknown
x-frame-options
DENY
x-amp-source-width
2400
access-control-allow-origin
*
content-type
image/webp
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Thu, 21 Dec 2023 20:12:23 GMT
PWT_STORY_HEADER_DESKTOP_BG-min
cdn.media.amplience.net/i/elfcosmetics/ 		630 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_HEADER_DESKTOP_BG-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
4b89cd71669a53e8801ea9e9d4fb8a40bb5dbbb393a1b6c4a249349b42086da7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:22 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
nHCweV-KL,l4p5bDg2e,2orsu9Nt2,k4NPUWi7z
x-req-id
CJP8Wscuez
content-length
644728
x-xss-protection
1; mode=block
x-amp-source-height
1249
server
Unknown
x-frame-options
DENY
x-amp-source-width
3199
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Wed, 20 Dec 2023 20:47:39 GMT
PWT_STORY_HEADER_DESKTOP_CC-min
cdn.media.amplience.net/i/elfcosmetics/ 		205 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_HEADER_DESKTOP_CC-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2afa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
6ab1474b1928d39f768075dfef56e53b01fff6c85a44b07d150c4abf7299c3b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:22 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
jV7FvZ5S2,l4p5bDg2e,HwG53bbZp,UyB2-aY-L
x-req-id
f1h5fn74u-
content-length
209440
x-xss-protection
1; mode=block
x-amp-source-height
340
server
Unknown
x-frame-options
DENY
x-amp-source-width
800
access-control-allow-origin
*
content-type
image/png
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Wed, 20 Dec 2023 20:47:39 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11110/main.js?yocs=o_q_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f08699117c1f15f6d35e7b4380d12d18a1881f075e177b5853b1017a3307544
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 28 Apr 2024 08:49:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
zgTRIDojRJmnmBTwUyI2Vw==
age
43806
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6882
x-ms-lease-status
unlocked
last-modified
Thu, 25 Apr 2024 20:00:12 GMT
server
cloudflare
etag
0x8DC6562513BC785
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
73ddc489-601e-005b-02f4-9700b8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
87b5cc85d96d9745-FRA
/
api.ipify.org/ 		22 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11110/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c99190b8d37e8fb2b6324eb7d320bec6dfcadba4114ce999c2d9bbc9cad16180

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
87b5cc85d99b3aa3-FRA
content-length
22
/
api.ipify.org/ 		22 B
74 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11110/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c99190b8d37e8fb2b6324eb7d320bec6dfcadba4114ce999c2d9bbc9cad16180

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
87b5cc86fad83aa3-FRA
content-length
22
/
sdk.iad-05.braze.com/api/v3/data/ 		334 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11110/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebc31c445d550135a64e30d101613cb01783abaf666056c01ce1cc689b27a261
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Braze-Api-Key
ee22cddf-904f-484e-a004-0181ff9a3268
X-Braze-TriggersRequest
true
X-Braze-DataRequest
true
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/json
Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.co.uk/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
f63994e6-44e3-4837-995b-b2b398edd13a
x-runtime
0.171828
server
cloudflare
etag
W/"ebc31c445d550135a64e30d101613cb0"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1714294167
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
87b5cc8739d171dc-FRA
x-ratelimit-remaining
495.0
callback
www.elfcosmetics.co.uk/
Redirect Chain
  • https://www.elfcosmetics.co.uk/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Fcallback&response_type=code&client...
  • https://www.elfcosmetics.co.uk/callback?usid=ebb0d83b-e7fb-432f-95cd-70a9a5f471fb&code=at0rRw2cTkvMe7gL41V2jyFkPses51n4w0e7OKVtsc4
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/callback?usid=ebb0d83b-e7fb-432f-95cd-70a9a5f471fb&code=at0rRw2cTkvMe7gL41V2jyFkPses51n4w0e7OKVtsc4
Protocol
H2
Server
140.174.12.229 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Sun, 28 Apr 2024 08:49:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 b5c159ab1e3d68034f359064c18c720a.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
0
x-amz-cf-pop
ATL58-P7
age
0
x-amzn-remapped-connection
close
x-amzn-requestid
07b29ef9-b533-4dbd-8dcf-e4e7dcaeb2b0
x-yottaa-optimizations
ob/1000 si/33D18cae0ce5-1714069497-8879694290 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Miss from cloudfront
x-amz-apigw-id
W7cPkFEUiYcEAgw=
content-length
0
alt-svc
h3=":443"; ma=86400
x-yottaa-forcecache
true
x-amzn-trace-id
Root=1-662e0d96-5e4112cd6f2a64b1656e5af5;Parent=4737135722385c50;Sampled=0;lineage=dcd1e669:0
content-type
application/json
cache-control
public, max-age=604800
x-yottaa-os
200
x-yottaa-metrics
33218cae0c30/[179,177,-] 33D18cae0ce5/[-,181.208]
x-amzn-remapped-date
Sun, 28 Apr 2024 08:49:26 GMT
x-amz-cf-id
TLktHDmwIVD3PzOHib_pxd_oFQBSHo81-944lANSpNRCLA6ZKGk1qA==

Redirect headers

date
Sun, 28 Apr 2024 08:49:26 GMT
x-correlation-id
87b5cc8b2c0c05e6
via
1.1 b0d9885fa66f307673d2636510f36b60.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ATL58-P7
age
0
x-yottaa-optimizations
ob/0 si/33D18cae0ce5-1714069497-8879694289 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
0
pragma
no-cache
x-ratelimit-1m-remaining
23579, 1963793
x-ratelimit-1m-reset
33716, 33716
x-ratelimit-1m-limit
24000, 2000000
vary
Accept-Encoding
location
https://www.elfcosmetics.co.uk/callback?usid=ebb0d83b-e7fb-432f-95cd-70a9a5f471fb&code=at0rRw2cTkvMe7gL41V2jyFkPses51n4w0e7OKVtsc4
cache-control
no-store
x-yottaa-os
303
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-eu&code_challenge=1tr-iMOtlVhMQ4e7OcnNTgSOkUEi4t_qfZHSbc2tyh0
x-yottaa-metrics
33218cae0c31/[91,88,-] 33D18cae0ce5/[-,92.865]
cf-ray
87b5cc8b2c0c05e6-IAD
x-amz-cf-id
r3iOAIIZGyzRHaKojXc6oqFTsKg5sZNLpWurheCBrhaChqUmLFGHww==
/
sdk.iad-05.braze.com/api/v3/data/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
87b5cc85d80671dc-FRA
content-encoding
gzip
date
Sun, 28 Apr 2024 08:49:25 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
25840211-e69f-428e-bb3b-0787cffdf0e8.json
cdn.cookielaw.org/consent/25840211-e69f-428e-bb3b-0787cffdf0e8/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/25840211-e69f-428e-bb3b-0787cffdf0e8/25840211-e69f-428e-bb3b-0787cffdf0e8.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
949062629321267f5e4f5d183435ab758ad7898afe2b31dc262b6b164167ffa0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 28 Apr 2024 08:49:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
FgAuBFiP8zSeAA1ZcGm5bQ==
content-length
1495
x-ms-lease-status
unlocked
last-modified
Tue, 13 Dec 2022 17:32:15 GMT
server
cloudflare
etag
0x8DADD2FFA203B7A
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
41c2cfdd-501e-006f-78e6-1d3370000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
87b5cc867c2f920e-FRA
expires
Mon, 29 Apr 2024 08:49:25 GMT
init.js
www.elfcosmetics.co.uk/XT4Gy2ig/ 		168 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/XT4Gy2ig/init.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.12.229 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
9368d4a817e37c9f22c58be4fd36a560978343736494be8302aad1d7b98144c0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:25 GMT
content-encoding
gzip
etag
"2a0c4-K4r9hXrQrQIRJycuE4/8zq+U0wU"
active-cdn
Akamai
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
active-cdn,x-served-by,Akamai-Request-BC
cache-control
max-age=600
x-yottaa-metrics
33D18cae0ce5/[-,3.099]
x-px-hash
ZmNjZDQ0ODkyNTQwZjJkYmQwMDEzY2VmYjljYzE5YjJlZTA5ZDBjNmY2OGU5YmViYjMyOGY4MmMwY2ZmYjllMQ==
x-yottaa-optimizations
ob/0 si/33D18cae0ce5-1714069497-8879694287 tts/1714294165596 ti/0 ai/5dbb1b434f1bbf5af87e10a5
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		59 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
accept
application/json
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
87b5cc87388839ce-FRA
access-control-allow-headers
Content-Type
favicon.ico
www.elfcosmetics.co.uk/ 		34 KB
34 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.12.229 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
1331786f628c441b99665436eb8815381e066e17d5c3bb56f5ce2e045d8da17a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:25 GMT
via
1.1 5f686ddb41ef48cff6539e4b9313916a.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
34494
x-amz-cf-pop
ATL58-P7
age
287
x-amzn-remapped-connection
close
x-amzn-requestid
748e803a-f8ab-4a99-b402-474608a9cab1
x-yottaa-optimizations
ob/0 si/33D18cae0ce5-1714069497-8879694288 tts/1701368385513 ti/5dbb1b444f1bbf5af87e110e ai/5dbb1b434f1bbf5af87e10a5 tm/0
x-cache
Hit from cloudfront
x-amz-apigw-id
W1u8rFDZCYcEtiw=
alt-svc
h3=":443"; ma=86400
x-yottaa-forcecache
true
last-modified
Thu, 25 Apr 2024 19:20:46 GMT
x-amzn-trace-id
Root=1-662bc51d-6e33814c7bb3b18535c4be0d;Parent=64d9cf617201126a;Sampled=0;lineage=dcd1e669:0
etag
W/"86be-18f16b3feb0"
vary
Accept-Encoding
content-type
image/x-icon
cache-control
max-age=600, s-maxage=600
x-yottaa-os
200
x-yottaa-metrics
33218cae0c32/[56,53,-] 33D18cae0ce5/[-,57.037]
x-amzn-remapped-date
Fri, 26 Apr 2024 15:15:41 GMT
x-amz-cf-id
3IBYfFCDDdtBbhLTHS2mbQwrVjSC-0NRjU9NY9cY9abnBZrEU-NrVw==
www-widgetapi.js
www.youtube.com/s/player/652ba3a2/www-widgetapi.vflset/ 		215 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/652ba3a2/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fab1dbe30e8ff5b2b88f3175638cee6011f8c5ec952a555216436ca3045cd5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 06:39:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
7772
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68202
x-xss-protection
0
last-modified
Wed, 24 Apr 2024 04:20:05 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 28 Apr 2025 06:39:53 GMT
js
www.paypal.com/sdk/ 		419 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=GBP&vault=true&components=buttons,messages
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8fd5e6962bde33408bdd66280bbd176a5dac01576e07ab1c1bad79ec4848e5ae
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-Ive4QFTPwzfqApM9N9HEDEsslj0plbb2b2pknaiKobc6L5RW' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-Ive4QFTPwzfqApM9N9HEDEsslj0plbb2b2pknaiKobc6L5RW' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-Ive4QFTPwzfqApM9N9HEDEsslj0plbb2b2pknaiKobc6L5RW' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-Ive4QFTPwzfqApM9N9HEDEsslj0plbb2b2pknaiKobc6L5RW' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish
date
Sun, 28 Apr 2024 08:49:25 GMT
age
10141
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT, MISS
p3p
true
paypal-debug-id
f270131d7a971
server-timing
"traceparent;desc="00-0000000000000000000f270131d7a971-51799cedfeae3887-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
117885
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220157-FRA, cache-fra-etou8220157-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f270131d7a971-a1b320fcf852fcfb-01
x-timer
S1714294166.716589,VS0,VE5
etag
W/"1cc7d-X3h+08pfcZF1+b9JnoyuIlxKqpY"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202211.2.0/ 		383 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 28 Apr 2024 08:49:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
uPFqyxtrxGqJsyAvB7RnSg==
age
57949
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
93482
x-ms-lease-status
unlocked
last-modified
Mon, 12 Dec 2022 17:31:45 GMT
server
cloudflare
etag
0x8DADC66BDFA5EC7
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a5ea234d-301e-0069-6d88-1700cf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
87b5cc879b269745-FRA
en.json
cdn.cookielaw.org/consent/25840211-e69f-428e-bb3b-0787cffdf0e8/6e10e834-96b1-4572-80d7-3109ba160fd7/ 		73 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/25840211-e69f-428e-bb3b-0787cffdf0e8/6e10e834-96b1-4572-80d7-3109ba160fd7/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71bd66530457656271aa253073fb867cdc9068586f7af54e341667687162909e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 28 Apr 2024 08:49:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
FVTe+XzL+4tWjb2VPxjyIQ==
content-length
15363
x-ms-lease-status
unlocked
last-modified
Tue, 13 Dec 2022 17:32:16 GMT
server
cloudflare
etag
0x8DADD2FFAAA3EC3
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
73e8b48e-b01e-0058-5103-24e1dc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
87b5cc87fd51920e-FRA
expires
Mon, 29 Apr 2024 08:49:25 GMT
iab2Data.json
cdn.cookielaw.org/vendorlist/ 		399 KB
57 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/vendorlist/iab2Data.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3090ce882e677a39d0f6814ce87422a8211b50a20b19057153bdac2655e74a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 28 Apr 2024 08:49:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
HUSHxuq+kA7yVQjSM3eVFQ==
age
82754
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
58172
x-ms-lease-status
unlocked
last-modified
Sat, 27 Apr 2024 03:29:29 GMT
server
cloudflare
etag
0x8DC666A3F56106D
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e2fe1af4-601e-005b-3754-9800b8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
87b5cc87fd53920e-FRA
otTCF.js
cdn.cookielaw.org/scripttemplates/202211.2.0/ 		68 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202211.2.0/otTCF.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 28 Apr 2024 08:49:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
jNSx0jAViofB7ggqqp6FUQ==
age
53286
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
15011
x-ms-lease-status
unlocked
last-modified
Mon, 12 Dec 2022 17:31:44 GMT
server
cloudflare
etag
0x8DADC66BD0C2AD7
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e8c255f1-801e-001e-27e6-1dd55b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
87b5cc87fb8d9745-FRA
local
www.paypal.com/credit-presentment/experiments/ Frame 647D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1HQlAmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.63.0&integrationType=SDK
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=GBP&vault=true&components=buttons,messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
age
51828
cache-control
s-maxage=86400, max-age=0
content-encoding
gzip
content-length
1524
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type
text/html; charset=utf-8
date
Sun, 28 Apr 2024 08:49:25 GMT
dc
ccg11-origin-www-1.paypal.com
edge-cache-tag
up-treatments-zoid
etag
W/"1479-ufo1wUhVJ2zUz5eA/uYPtxnh9AM"
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f951750eb3ff7
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
"traceparent;desc="00-0000000000000000000f951750eb3ff7-95a0489529d3f7a7-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f951750eb3ff7-8c976ce0dd7f433d-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, MISS
x-cache-hits
7186, 0
x-served-by
cache-fra-etou8220159-FRA, cache-fra-etou8220159-FRA
x-timer
S1714294166.891879,VS0,VE5
x-xss-protection
1; mode=block
pptm.js
www.paypal.com/tagmanager/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.elfcosmetics.co.uk&t=xo&v=5.0.434&source=payments_sdk&client_id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&comp=buttons,messages&disableSetCookie=true&vault=true
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf9ae4203c12a3d4d710c92bc74e2d6b32f4ff6e1dc83d98748f9739b7ee4223
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-zRtenGyA6f9vGXzmGqPZyQr5AG1VN8S3QXisyDMDyCgy/U35' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-zRtenGyA6f9vGXzmGqPZyQr5AG1VN8S3QXisyDMDyCgy/U35' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 28 Apr 2024 08:49:25 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
280
x-cache
HIT, MISS
paypal-debug-id
f4400109789c1
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4798
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220157-FRA, cache-fra-etou8220157-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f4400109789c1-ab2786362c8438c6-01
x-timer
S1714294166.839612,VS0,VE5
etag
W/"3695-NbtEkIMJF6Nczchp+lGvqJI78Yc"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
ts
t.paypal.com/ 		42 B
512 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A7PFGPLHGYKX72-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A7PFGPLHGYKX72-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=95c92811-df2a-4f29-8e3f-9af8b4e63cc5&fltp=analytics&mrid=7PFGPLHGYKX72&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Cosmetic%20Criminals%20%7C%20e.l.f.%20Cosmetics&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1714294165859&g=-120&completeurl=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Felf-cosmetic-criminals&disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Sun, 28 Apr 2024 08:49:26 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
2916688dcc330
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-etou8220156-FRA
pragma
no-cache
correlation-id
2916688dcc330
traceparent
00-00000000000000000002916688dcc330-7c3c15352a94a7c1-01
x-timer
S1714294166.026985,VS0,VE145
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 08:49:26 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 28 Apr 2024 08:49:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
vO8A/abKpoPacUrvSk9OSw==
age
59882
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3020
x-ms-lease-status
unlocked
last-modified
Mon, 12 Dec 2022 17:31:35 GMT
server
cloudflare
etag
0x8DADC66B7AF38D0
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
716fea89-301e-0069-5c71-2200cf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
87b5cc890e20920e-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/v2/ 		61 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40c8084ce459211c73bf91eaa18b6152cc5fc9e29245dcec381da35ee51334b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 28 Apr 2024 08:49:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
mBGnk7IXt0USbYmXZQhmOw==
age
59882
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12540
x-ms-lease-status
unlocked
last-modified
Mon, 12 Dec 2022 17:31:37 GMT
server
cloudflare
etag
0x8DADC66B90C98A8
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
9d14a6e7-501e-0032-2e08-7c39f4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
87b5cc890e21920e-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 28 Apr 2024 08:49:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
XcxlleAcPGO2n5kTZrHH2Q==
x-ms-lease-status
unlocked
last-modified
Mon, 12 Dec 2022 17:31:50 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
58a0ec20-b01e-0058-05af-0be1dc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
87b5cc890e22920e-FRA
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
532 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 28 Apr 2024 08:49:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
66850
x-ms-lease-status
unlocked
last-modified
Thu, 25 Apr 2024 20:00:14 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
63c2e639-701e-0025-3d8c-9790ff000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
87b5cc89cea9920e-FRA
ot_company_logo.png
cdn.cookielaw.org/logos/static/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/ot_company_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 28 Apr 2024 08:49:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
E8+sk/ECzKgTUVtDLikiIA==
age
62148
content-length
4036
x-ms-lease-status
unlocked
last-modified
Thu, 25 Apr 2024 20:00:15 GMT
server
cloudflare
etag
0x8DC656252E5AA10
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
cb45c8db-f01e-0004-5289-97b484000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
87b5cc89edd09745-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 28 Apr 2024 08:49:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
30708
x-ms-lease-status
unlocked
last-modified
Thu, 25 Apr 2024 20:00:15 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
e7b30062-501e-008b-7b0c-983dee000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
87b5cc89edd29745-FRA
muse.js
www.paypalobjects.com/muse/ 		55 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CA9) /
Resource Hash
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
7e8a399aebca4
dc
ccg11-origin-www-1.paypal.com
content-length
16355
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
server
ECAcc (frc/4CA9)
traceparent
00-00000000000000000007e8a399aebca4-4dc0782d7a7ccdb5-01
etag
"64f25363-daa8+gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sun, 28 Apr 2024 09:49:26 GMT
collector
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 		540 B
798 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/XT4Gy2ig/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
8188d155912c33d48b8da73863209b8920572ce230b01229c22757df4c71091e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 28 Apr 2024 08:49:25 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
540
sync
sdk.iad-05.braze.com/api/v3/content_cards/ 		59 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11110/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56ed64ba1a0f1af7b481c5ae8ea4124175048757a70b7e2defa1038edf0c8cf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Braze-Api-Key
ee22cddf-904f-484e-a004-0181ff9a3268
X-Braze-DataRequest
true
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/json
BRAZE-SYNC-RETRY-COUNT
0
Referer
https://www.elfcosmetics.co.uk/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9;q=0.9
X-Braze-ContentCardsRequest
true
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
f01897de-2967-475e-86a6-c803178402fd
x-runtime
0.025978
server
cloudflare
etag
W/"56ed64ba1a0f1af7b481c5ae8ea41241"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1714294167
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
87b5cc8b8eed71dc-FRA
x-ratelimit-remaining
493.0
sync
sdk.iad-05.braze.com/api/v3/content_cards/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
87b5cc8a7da171dc-FRA
content-encoding
gzip
date
Sun, 28 Apr 2024 08:49:26 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
index.html
www.paypalobjects.com/muse/analytics/ Frame 100B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBF) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
16754
content-type
text/html
date
Sun, 28 Apr 2024 08:49:26 GMT
dc
ccg11-origin-www-1.paypal.com
etag
"64f25363-dacc+gzip"
expires
Sun, 28 Apr 2024 09:49:26 GMT
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id
4a5cd2311e831
server
ECAcc (frc/4CBF)
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-00000000000000000004a5cd2311e831-bbd00fbdfe56334c-01
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
token
www.elfcosmetics.co.uk/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/token
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11110/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.12.229 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
890a43e24bee1b017e33677e05f7a8d2653becdcb113977c9b8412e2d1ffad6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
c_x-pwa-request
true
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:26 GMT
content-encoding
gzip
x-correlation-id
87b5cc8f29113b4a
cf-cache-status
DYNAMIC
via
1.1 dd50d82eb44c5dac221e5595321dc69e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ATL58-P7
age
0
x-yottaa-optimizations
ob/1000 si/33D18cae0ce5-1714069497-8879694291 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
pragma
no-cache
x-ratelimit-1m-remaining
23569, 1962781
x-ratelimit-1m-reset
33069, 33068
vary
Accept-Encoding, User-Agent
x-ratelimit-1m-limit
24000, 2000000
content-type
application/json
cache-control
no-store
x-yottaa-os
200
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/token
x-yottaa-metrics
33218cae0c2f/[124,104,-] 33D18cae0ce5/[-,125.997]
cf-ray
87b5cc8f29113b4a-IAD
x-amz-cf-id
QX_1bT55gTdM-NU8_Vqn2NmJ9FH2VKBypO6Q3PAX3QyvrhTtV1CdOw==
ts
t.paypal.com/ 		42 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A7PFGPLHGYKX72-1&page=muse%3Aoffer%3A%3A%3A7PFGPLHGYKX72-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=95c92811-df2a-4f29-8e3f-9af8b4e63cc5&es=visitorInfoFlowStarted&mrid=7PFGPLHGYKX72&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Cosmetic%20Criminals%20%7C%20e.l.f.%20Cosmetics&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1714294166721&g=-120&completeurl=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Felf-cosmetic-criminals&disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Sun, 28 Apr 2024 08:49:26 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
f2d6f85dd2cae
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-etou8220156-FRA
pragma
no-cache
correlation-id
f2d6f85dd2cae
traceparent
00-0000000000000000000f2d6f85dd2cae-10ac77cbb8d85b92-01
x-timer
S1714294167.734631,VS0,VE144
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 08:49:26 GMT
sessions
www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/sessions
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11110/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.12.229 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI4MzFkYTk4OS01NGU2LTQwYjUtYTI5OC0wZDQxYjc1ZjdiMWUiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOmViYjBkODNiLWU3ZmItNDMyZi05NWNkLTcwYTlhNWY0NzFmYiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTQyOTQxMzYsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFieHVoR2tlbzJrMGdSeHJCS3dHWVlrWGhLOjpjaGlkOiAiLCJleHAiOjE3MTQyOTU5NjYsImlhdCI6MTcxNDI5NDE2NiwianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzMTUyMjI5ODI3ODIwODQ4MSJ9.FIcOYLZKaHjo-yFXZWTOme3r_Mexl32kpJzj-tgUTE91MOOxrAHo6ipqy3nIOoNKSAx3-3vT11cbbn9J_gWvPw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:27 GMT
via
1.1 b27acef8f82d05ea139bb88da71a2520.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-cf-pop
ATL58-P7
age
0
x-yottaa-optimizations
ob/0 si/33D18cae0ce5-1714069497-8879694292 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
pragma
no-cache
allow
OPTIONS,POST
access-control-allow-origin
https://www.elfcosmetics.co.uk
access-control-expose-headers
etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
x-yottaa-metrics
33218cae0c28/[118,117,-] 33D18cae0ce5/[-,119.459]
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-proxy-request-url
https://cc-elf-eu-prd.elfcosmetics.co.uk/s/elf-eu/dw/shop/v21_3/sessions
accept-ranges
bytes
cf-ray
87b5cc914bbc8029-IAD
x-dw-request-base-id
qbDf6pcNLmYBAAB_
x-amz-cf-id
YELGagIhTC30UdlfUh2uydPaEeeoAT3MQ2qyn2HfWvSkUJlIw31Jrg==
x-yottaa-os
204
expires
Thu, 01 Dec 1994 16:00:00 GMT
shoppercontext
www.elfcosmetics.co.uk/api/v1/ 		57 B
845 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/api/v1/shoppercontext?siteId=elf-eu
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11110/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.12.229 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
a6cbc4c9c0b39f6d4edd8d4db4e73971e23c1e4b8b9b6ddd5956164b87fd3ebc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI4MzFkYTk4OS01NGU2LTQwYjUtYTI5OC0wZDQxYjc1ZjdiMWUiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOmViYjBkODNiLWU3ZmItNDMyZi05NWNkLTcwYTlhNWY0NzFmYiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTQyOTQxMzYsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFieHVoR2tlbzJrMGdSeHJCS3dHWVlrWGhLOjpjaGlkOiAiLCJleHAiOjE3MTQyOTU5NjYsImlhdCI6MTcxNDI5NDE2NiwianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzMTUyMjI5ODI3ODIwODQ4MSJ9.FIcOYLZKaHjo-yFXZWTOme3r_Mexl32kpJzj-tgUTE91MOOxrAHo6ipqy3nIOoNKSAx3-3vT11cbbn9J_gWvPw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 b76498b6ac7fd194024e4e5c7f2fb4d8.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
57
content-encoding
gzip
x-amz-cf-pop
ATL58-P7
age
0
x-amzn-remapped-connection
close
x-amzn-requestid
8a24d8f0-757b-44db-9649-30c7818f3611
x-yottaa-optimizations
ob/1000 si/33D18cae0ce5-1714069497-8879694293 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Miss from cloudfront
x-amz-apigw-id
W7cPqHZSiYcEnVA=
content-length
79
alt-svc
h3=":443"; ma=86400
etag
W/"39-LgPw152VfElAKHYfDt/MyAcU00g"
x-amzn-trace-id
Root=1-662e0d97-7c621199613f0423585b2af0;Parent=74f36656c11e4bd7;Sampled=0;lineage=dcd1e669:0
content-type
application/json; charset=utf-8
x-yottaa-os
200
x-yottaa-metrics
33218cae0c29/[698,697,-] 33D18cae0ce5/[-,699.609]
x-amzn-remapped-date
Sun, 28 Apr 2024 08:49:27 GMT
x-amz-cf-id
5Pa-hIe5LM-6-ZZL_RepXifPeVLSuuURvyH-lUqNPze4XfXn6Koyyg==
sync
sdk.iad-05.braze.com/api/v3/content_cards/ 		59 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11110/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56ed64ba1a0f1af7b481c5ae8ea4124175048757a70b7e2defa1038edf0c8cf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Braze-Api-Key
ee22cddf-904f-484e-a004-0181ff9a3268
X-Braze-DataRequest
true
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/json
BRAZE-SYNC-RETRY-COUNT
0
Referer
https://www.elfcosmetics.co.uk/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9;q=0.9
X-Braze-ContentCardsRequest
true
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:27 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
a25154ab-9598-4ca1-9ebc-4aeb2119e843
x-runtime
0.028362
server
cloudflare
etag
W/"56ed64ba1a0f1af7b481c5ae8ea41241"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1714294170
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
87b5cc901b4771dc-FRA
x-ratelimit-remaining
498.0
geo-ip
www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/ 		179 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=84.19.175.183
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11110/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.12.229 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json
c_x-pwa-request
true
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:27 GMT
sfdc_customization
HOOK
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
via
1.1 c21cc2dcbb86a72ada5c844ca6f58e42.cloudfront.net (CloudFront)
x-amz-cf-pop
ATL58-P7
x-yottaa-optimizations
ob/1000 si/33D18cae0ce5-1714069497-8879694295 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
age
0
alt-svc
h3=":443"; ma=86400
allow
GET,HEAD,OPTIONS
content-type
application/json;charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os
200
x-proxy-request-url
https://cc-elf-eu-prd.elfcosmetics.co.uk/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=84.19.175.183
x-yottaa-metrics
33218cae0c27/[202,200,-] 33D18cae0ce5/[-,203.161]
cf-ray
87b5cc91e932398b-IAD
x-dw-request-base-id
DRC9gZcNLmYBAAB_
x-amz-cf-id
SZuZDnVw_nF0sXemT8YUVBPb7yt5S1rCdl02JNXnn7xCQyrZ1Q6-rA==
geo-ip
www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/ 		179 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=84.19.175.183
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11110/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.12.229 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json
c_x-pwa-request
true
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:27 GMT
sfdc_customization
HOOK
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
via
1.1 c1c5f30ec36893780d7ac5375f29bb8c.cloudfront.net (CloudFront)
x-amz-cf-pop
ATL58-P7
x-yottaa-optimizations
ob/1000 si/33D18cae0ce5-1714069497-8879694297 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
age
0
alt-svc
h3=":443"; ma=86400
allow
GET,HEAD,OPTIONS
content-type
application/json;charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os
200
x-proxy-request-url
https://cc-elf-eu-prd.elfcosmetics.co.uk/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=84.19.175.183
x-yottaa-metrics
33218cae0c6b/[192,191,-] 33D18cae0ce5/[-,193.586]
cf-ray
87b5cc94eda42048-IAD
x-dw-request-base-id
HVrj0ZcNLmYBAAB_
x-amz-cf-id
TiPeOoqWh0aX9vvhu-WhC782Og6frowNwEGHmm3Um6c_TqPc63n5Hg==
baskets
www.elfcosmetics.co.uk/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abxuhGkeo2k0gRxrBKwGYYkXhK/ 		11 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abxuhGkeo2k0gRxrBKwGYYkXhK/baskets?siteId=elf-eu
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11110/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.12.229 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
31f48ed33afe7e437efa2c30cbf97fbd62c2de5c0732504077377846fe64973f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI4MzFkYTk4OS01NGU2LTQwYjUtYTI5OC0wZDQxYjc1ZjdiMWUiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOmViYjBkODNiLWU3ZmItNDMyZi05NWNkLTcwYTlhNWY0NzFmYiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTQyOTQxMzYsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFieHVoR2tlbzJrMGdSeHJCS3dHWVlrWGhLOjpjaGlkOiAiLCJleHAiOjE3MTQyOTU5NjYsImlhdCI6MTcxNDI5NDE2NiwianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzMTUyMjI5ODI3ODIwODQ4MSJ9.FIcOYLZKaHjo-yFXZWTOme3r_Mexl32kpJzj-tgUTE91MOOxrAHo6ipqy3nIOoNKSAx3-3vT11cbbn9J_gWvPw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
c_x-pwa-request
true
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:27 GMT
sfdc_customization
HOOK
dnt
0
cf-cache-status
DYNAMIC
x-correlation-id
87b5cc924f3168ee
x-content-type-options
nosniff
via
1.1 b0d9885fa66f307673d2636510f36b60.cloudfront.net (CloudFront)
x-amz-cf-pop
ATL58-P7
x-yottaa-optimizations
ob/1000 si/33D18cae0ce5-1714069497-8879694294 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=w4so6vjETwsUBK1T64C39D3zAnnsAFWlwPPRGWdbCGM-1714294167-1.0.1.1-2fl1f..43iI4SUjrCMFO8NwuWFS8nu5fszOXfpdVe6Z5CzhQDV3iFOUWHHMm9WwLeyCVqMX5F2lUYlGR2_EBAwOjZ7pMqZFaMcNHiC_r3ZiT2bOHH3CPMLCfSeRwW2hoNyyMpNTui0CvfZVzvtsGCqNmYHVqPzDrdm2CFVTU5QX87cNpPhgiSW.Rc2U9ByTo; report-to cf-csp-endpoint
x-cache
Miss from cloudfront
age
0
content-encoding
gzip
alt-svc
h3=":443"; ma=86400
content-length
37
allow
GET,HEAD,OPTIONS
x-ratelimit-remaining
999
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
sfdc_load
2
x-yottaa-metrics
33218cae0c26/[135,133,-] 33D18cae0ce5/[-,136.872]
cache-control
max-age=0,no-cache,no-store
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abxuhGkeo2k0gRxrBKwGYYkXhK/baskets?siteId=elf-eu
x-ratelimit-limit
99999
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=w4so6vjETwsUBK1T64C39D3zAnnsAFWlwPPRGWdbCGM-1714294167-1.0.1.1-2fl1f..43iI4SUjrCMFO8NwuWFS8nu5fszOXfpdVe6Z5CzhQDV3iFOUWHHMm9WwLeyCVqMX5F2lUYlGR2_EBAwOjZ7pMqZFaMcNHiC_r3ZiT2bOHH3CPMLCfSeRwW2hoNyyMpNTui0CvfZVzvtsGCqNmYHVqPzDrdm2CFVTU5QX87cNpPhgiSW.Rc2U9ByTo"}],"group":"cf-csp-endpoint","max_age":86400}
accept-ranges
bytes
cf-ray
87b5cc924f3168ee-IAD
x-amz-cf-id
pT8x2bRrtdQgzdgNsytqx4LH5xh1GMxpVlbKVpvRv694HuL4K-VyBg==
x-yottaa-os
200
viewPage
api.cquotient.com/v3/activities/bbxc-elf-eu/ 		98 B
520 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.cquotient.com/v3/activities/bbxc-elf-eu/viewPage
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11110/main.js?yocs=o_q_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.4.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-4-161.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash
c26aef4e0bca0520692775bd0dea9175719fa3a5e255830e1de1901d3c98f278
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
x-cq-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.elfcosmetics.co.uk/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:27 GMT
strict-transport-security
max-age=15552000; includeSubdomains
server
envoy
etag
W/"62-Jwo1ByhAVyyA+CBIAOE6VQaFKMw"
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.co.uk
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
content-length
98
viewPage
api.cquotient.com/v3/activities/bbxc-elf-eu/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.cquotient.com/v3/activities/bbxc-elf-eu/viewPage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.4.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-4-161.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-cq-client-id
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization, content-type, x-cq-tenant, x-cq-client-id
access-control-allow-methods
POST
access-control-allow-origin
https://www.elfcosmetics.co.uk
content-length
0
date
Sun, 28 Apr 2024 08:49:27 GMT
server
envoy
strict-transport-security
max-age=15552000; includeSubdomains
x-envoy-upstream-service-time
1
collector
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 		600 B
664 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/XT4Gy2ig/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
435609c37b09b94d54da06e59b4ecde1dcf8e016e4c924798a8b9e07567f6392

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 28 Apr 2024 08:49:26 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
600
baskets
www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/baskets
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11110/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.12.229 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
bec1e3a5f68e911cb57b9ecd272c41b156ff60586874073d0024ffffdae1913e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI4MzFkYTk4OS01NGU2LTQwYjUtYTI5OC0wZDQxYjc1ZjdiMWUiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOmViYjBkODNiLWU3ZmItNDMyZi05NWNkLTcwYTlhNWY0NzFmYiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTQyOTQxMzYsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFieHVoR2tlbzJrMGdSeHJCS3dHWVlrWGhLOjpjaGlkOiAiLCJleHAiOjE3MTQyOTU5NjYsImlhdCI6MTcxNDI5NDE2NiwianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzMTUyMjI5ODI3ODIwODQ4MSJ9.FIcOYLZKaHjo-yFXZWTOme3r_Mexl32kpJzj-tgUTE91MOOxrAHo6ipqy3nIOoNKSAx3-3vT11cbbn9J_gWvPw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json
c_x-pwa-request
true
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:27 GMT
sfdc_customization
HOOK
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 b76498b6ac7fd194024e4e5c7f2fb4d8.cloudfront.net (CloudFront)
x-amz-cf-pop
ATL58-P7
age
0
x-yottaa-optimizations
ob/1000 si/33D18cae0ce5-1714069497-8879694296 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
content-encoding
gzip
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
986
pragma
no-cache
etag
6469499108aaca2e2de5b24c18c98bc59e83e34e3cd8e2c4457e1dd136ec9a6f
allow
OPTIONS,POST
content-type
application/json;charset=UTF-8
x-dw-resource-state
6469499108aaca2e2de5b24c18c98bc59e83e34e3cd8e2c4457e1dd136ec9a6f
access-control-allow-origin
https://www.elfcosmetics.co.uk
access-control-expose-headers
etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
x-yottaa-metrics
33218cae0c2e/[142,141,-] 33D18cae0ce5/[-,143.188]
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-proxy-request-url
https://cc-elf-eu-prd.elfcosmetics.co.uk/s/elf-eu/dw/shop/v21_3/baskets
accept-ranges
bytes
cf-ray
87b5cc940d758029-IAD
x-dw-request-base-id
qbDn6pcNLmYBAAB_
x-amz-cf-id
p5-9f0nbJZJE371OA-5WttPoJ5naw1WJfaLTa_z5wycP5Ed_28qZpA==
x-yottaa-os
200
expires
Thu, 01 Dec 1994 16:00:00 GMT
gb.svg
www.elfcosmetics.co.uk/mobify/bundle/11110/static/img/flag-icons/ 		717 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.co.uk/mobify/bundle/11110/static/img/flag-icons/gb.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.12.229 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
6c10b21f86019422fa9555d9b0b9b6768bf7549730880571e057800a3068724e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:27 GMT
via
1.1 86f2f193aa2ea128cb06e1f9e32be874.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
ATL58-P7
age
913466
x-yottaa-optimizations
ob/1001 si/33D18cae0ce5-1713268806-9942965799 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Hit from cloudfront
x-amz-meta-deploy
731233
alt-svc
h3=":443"; ma=86400
content-length
431
x-amz-meta-bundle
11110
x-yottaa-forcecache
true
last-modified
Wed, 17 Apr 2024 19:04:22 GMT
etag
"16dfdbf49f70333477dcc4574e45c19e"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31104000
x-yottaa-os
200
x-yottaa-metrics
33218cae0ca3/[5,2,-] 33D18cae0ce5/[hit]
x-amz-cf-id
rYDnyGip5kt5UsI7V8vVxqtl5a4PY2HBb8dyDr5T1LPPXlMSwHUUFg==
gb.svg
www.elfcosmetics.co.uk/mobify/bundle/11110/static/img/flag-icons/ 		717 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.co.uk/mobify/bundle/11110/static/img/flag-icons/gb.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.12.229 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
6c10b21f86019422fa9555d9b0b9b6768bf7549730880571e057800a3068724e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:27 GMT
via
1.1 86f2f193aa2ea128cb06e1f9e32be874.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
ATL58-P7
age
913466
x-yottaa-optimizations
ob/1001 si/33D18cae0ce5-1713268806-9942965799 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Hit from cloudfront
x-amz-meta-deploy
731233
alt-svc
h3=":443"; ma=86400
content-length
431
x-amz-meta-bundle
11110
x-yottaa-forcecache
true
last-modified
Wed, 17 Apr 2024 19:04:22 GMT
etag
"16dfdbf49f70333477dcc4574e45c19e"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31104000
x-yottaa-os
200
x-yottaa-metrics
33218cae0ca3/[5,2,-] 33D18cae0ce5/[hit]
x-amz-cf-id
rYDnyGip5kt5UsI7V8vVxqtl5a4PY2HBb8dyDr5T1LPPXlMSwHUUFg==
NEW-beauty-squad-beauty-squad-loyalty-logo-staggered-paddedsquare
elfcosmetics.a.bigcontent.io/v1/static/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/NEW-beauty-squad-beauty-squad-loyalty-logo-staggered-paddedsquare?%24Desktop%24=&fmt=auto
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::210:6e29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
210706c053295db0bfba03a98c0609a1f940c3f6b6c626f2f1084e089e959dc9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
date
Sun, 28 Apr 2024 08:49:28 GMT
server
Unknown
x-amz-server-side-encryption
AES256
x-amp-srv
A
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
5378
icon-noun-gift-1165617
elfcosmetics.a.bigcontent.io/v1/static/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-gift-1165617?%24Desktop%24=&fmt=auto%201x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-gift-1165617?%24Desktop%24=&fmt=auto%202x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-gift-1165617?%24Desktop%24=&fmt=auto%203x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::210:6e29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
4aa855b8d34657ab4df5ca73fe7d7f67735ee1e39e8de83856ddc473d4713fbb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Sun, 28 Apr 2024 08:49:28 GMT
server
Unknown
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=86400
x-amp-srv
A
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
996
icon-noun-drop-1235517%201
elfcosmetics.a.bigcontent.io/v1/static/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-drop-1235517%201?%24Desktop%24=&fmt=auto%201x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-drop-1235517%201?%24Desktop%24=&fmt=auto%202x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-drop-1235517%201?%24Desktop%24=&fmt=auto%203x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::210:6e29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
f366287eaa5627dc7ee48d1fcb79d20bceae8238ee2f1dd772f059685fe9c799

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Sun, 28 Apr 2024 08:49:28 GMT
server
Unknown
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=86400
x-amp-srv
A
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
838
300240
www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/products/ 		49 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/products/300240?siteId=elf-eu&locale=en-GB&currency=GBP&expand=availability%2Cbundled_products%2Clinks%2Cpromotions%2Coptions%2Cimages%2Cprices%2Cvariations%2Cset_products%2Crecommendations&all_images=true&perPricebook=true
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11110/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.12.229 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
15bab3410ec9ca94a0e7a2b790c844c628387b3156deaef83b03b97cdb742030
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json
c_x-pwa-request
true
cache-control
no-cache
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:28 GMT
sfdc_customization
HOOK
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
via
1.1 538cf444f0c6dac6454a3baf06f65b9e.cloudfront.net (CloudFront)
x-amz-cf-pop
ATL58-P7
x-yottaa-optimizations
ob/1000 si/33D18cae0ce5-1714069497-8879694299 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
age
0
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 28 Apr 2024 08:49:28 GMT
allow
GET,HEAD,OPTIONS
vary
accept-encoding
content-type
application/json;charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os
200
x-proxy-request-url
https://cc-elf-eu-prd.elfcosmetics.co.uk/s/elf-eu/dw/shop/v21_3/products/300240?siteId=elf-eu&locale=en-GB&currency=GBP&expand=availability%2Cbundled_products%2Clinks%2Cpromotions%2Coptions%2Cimages%2Cprices%2Cvariations%2Cset_products%2Crecommendations&all_images=true&perPricebook=true
x-yottaa-metrics
33218cae0c6c/[206,204,-] 33D18cae0ce5/[-,207.383]
cf-ray
87b5cc975c6c398b-IAD
x-dw-request-base-id
DRDQgZgNLmYBAAB_
x-amz-cf-id
pciPQQsBvcP-FzyHujadxwrszAwVCSdJewy9mxB3aMICeNkQYtJ2zg==
script-tag.js
cdn-scripts.signifyd.com/api/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-scripts.signifyd.com/api/script-tag.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-127.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d7a363f752524fb545c3b2eb48a56d163cb659bc427d5215800ee7781d92c2ca

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:47:56 GMT
content-encoding
gzip
via
1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
last-modified
Tue, 23 Apr 2024 14:51:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
93
x-amz-server-side-encryption
AES256
etag
W/"73ca6f23f3e08738233832c7a7a0c30c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1800
x-amz-cf-id
l9bYcAgKvD4-TiTlEwIVR5nS6lGaXkFCRsRnpfM3V0aLwIRtciD4uw==
gb.svg
www.elfcosmetics.co.uk/mobify/bundle/11110/static/img/flag-icons/ 		717 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.co.uk/mobify/bundle/11110/static/img/flag-icons/gb.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.12.229 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
6c10b21f86019422fa9555d9b0b9b6768bf7549730880571e057800a3068724e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:27 GMT
via
1.1 86f2f193aa2ea128cb06e1f9e32be874.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
ATL58-P7
age
913466
x-yottaa-optimizations
ob/1001 si/33D18cae0ce5-1713268806-9942965799 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Hit from cloudfront
x-amz-meta-deploy
731233
alt-svc
h3=":443"; ma=86400
content-length
431
x-amz-meta-bundle
11110
x-yottaa-forcecache
true
last-modified
Wed, 17 Apr 2024 19:04:22 GMT
etag
"16dfdbf49f70333477dcc4574e45c19e"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31104000
x-yottaa-os
200
x-yottaa-metrics
33218cae0ca3/[5,2,-] 33D18cae0ce5/[hit]
x-amz-cf-id
rYDnyGip5kt5UsI7V8vVxqtl5a4PY2HBb8dyDr5T1LPPXlMSwHUUFg==
promotions
www.elfcosmetics.co.uk/mobify/proxy/api/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/api/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/promotions?siteId=elf-eu&ids=2024-04-gwp-%C2%A335&locale=en-GB
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11110/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.12.229 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
4694668aab8688436e35d4621e6ec00fe13a57ecfbf7052278ddcff48bad3d57
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI4MzFkYTk4OS01NGU2LTQwYjUtYTI5OC0wZDQxYjc1ZjdiMWUiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOmViYjBkODNiLWU3ZmItNDMyZi05NWNkLTcwYTlhNWY0NzFmYiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTQyOTQxMzYsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFieHVoR2tlbzJrMGdSeHJCS3dHWVlrWGhLOjpjaGlkOiAiLCJleHAiOjE3MTQyOTU5NjYsImlhdCI6MTcxNDI5NDE2NiwianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzMTUyMjI5ODI3ODIwODQ4MSJ9.FIcOYLZKaHjo-yFXZWTOme3r_Mexl32kpJzj-tgUTE91MOOxrAHo6ipqy3nIOoNKSAx3-3vT11cbbn9J_gWvPw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
c_x-pwa-request
true
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:28 GMT
content-encoding
gzip
dnt
0
cf-cache-status
DYNAMIC
x-correlation-id
87b5cc9abffa8248
x-content-type-options
nosniff
via
1.1 6c3f0c3452643fca1b8580e04f18c2d8.cloudfront.net (CloudFront)
x-amz-cf-pop
ATL58-P7
x-yottaa-optimizations
ob/1000 si/33D18cae0ce5-1714069497-8879694300 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Miss from cloudfront
age
0
alt-svc
h3=":443"; ma=86400
allow
GET,HEAD,OPTIONS
vary
accept-encoding
content-type
application/json;charset=UTF-8
x-ratelimit-remaining
999
sfdc_load
2
cache-control
private,max-age=58
x-yottaa-os
200
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/promotions?siteId=elf-eu&ids=2024-04-gwp-%C2%A335&locale=en-GB
x-ratelimit-limit
99999
accept-ranges
bytes
cf-ray
87b5cc9abffa8248-IAD
x-amz-cf-id
8pv3o_1SeYmZDcc6EM9-f3dagjfv3BmxKnea33t21Orjbj-ECIcJXw==
x-yottaa-metrics
33218cae0c6d/[163,161,-] 33D18cae0ce5/[-,164.920]
company_toolkit.js
cdn-scripts.signifyd.com/api/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-scripts.signifyd.com/api/company_toolkit.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-127.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6082597f3871c77c9b31aa1383577f8c0e54cb5ff09275dc817bc70d96e6217d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:31:38 GMT
content-encoding
gzip
via
1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
last-modified
Tue, 30 May 2023 10:18:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
1071
x-amz-server-side-encryption
AES256
etag
W/"2c3950f122b3977df61b0e077aaa92c8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1800
x-amz-cf-id
rNhX_0SFwh3RtK7nul0WHdvu2Wstv46YD9GfezhnDT12QWIbQy0Uuw==
cmapqtcusxo6qxnd.js
imgs.signifyd.com/ 		96 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/cmapqtcusxo6qxnd.js?58bk9rndb5so1rdr=w2txo5aa&49uoqdl3r3rk5hrw=LzIyOWQxY2QyOWZiNmEwYmU3NWVjNmY3MmRm
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
c0f45f6c4aff8514c5194d93844a85a90bd7fd9c6ada4ebb879004fddea7defe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 28 Apr 2024 08:49:28 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
CP=IVAa PSAa
Connection
Keep-Alive, Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=2, max=100
Expires
Thu, 01 Jan 1970 00:00:00 GMT
9E9EzmDejMzySsOd
imgs.signifyd.com/ Frame BB34 		278 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/9E9EzmDejMzySsOd?dcce84d791df469b=_LmV3iEMiVxcpR-aAPKtRBUvI6K_j6VCxbUhjIM-eGlE_4NZ2AZ2JVul9It3s1WrirwA7FVn_znE_Bc8tTKAPveSyG5ZeDU08Bxs5p6-ajJ6eK4l8Q9yAz8Rc6JqZNJz043102eonAVH02YgRWqMgRB_OVsPHJwrCad3Tay4MApdmEo1KGRLZGLHxc3sE3lQTbbC6Iz05YS5Aqvf&jb=3d332e2e60716f7d355569666e6d7d7b2c62736d355f696c6e6d75792f3a3833392e687b6a7f354b62706f656d246a7b683f496078676d672d3a30333836
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/cmapqtcusxo6qxnd.js?58bk9rndb5so1rdr=w2txo5aa&49uoqdl3r3rk5hrw=LzIyOWQxY2QyOWZiNmEwYmU3NWVjNmY3MmRm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
fc1a0b34ca99430b0714dab47ef3414c18b342a4b1a9c10ed3972c0c20a5bf3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 28 Apr 2024 08:49:28 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
tmx-nonce
b90bd58a4847bd9a
Connection
Keep-Alive, Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=2, max=99
Expires
Thu, 01 Jan 1970 00:00:00 GMT
I2t6ZLJjSaMKDoDG
imgs.signifyd.com/ Frame BB34 		81 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.signifyd.com/I2t6ZLJjSaMKDoDG?607b4987992cfa08=4Tm-PM_fKg1FNEX5KvbyGEklHmuZrxivSLR81sNr1fy1WUOJNgO9VxrJJnBvkedQzAdgMqG_wLgcj1HS1ehZtUlKFH1WIPZHTldpJ2D-V52OS-55ZQbRbeI8-7kWc1zWzl6Ou-DuUCEbSWkDuH8WeV8vbwA2SJNxxW081ME
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Sun, 28 Apr 2024 08:49:28 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
_i_l4yswkOQOCPRi
imgs.signifyd.com/ Frame BB34 		81 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.signifyd.com/_i_l4yswkOQOCPRi?a290ccddaf3c4523=Pghx36xzsQnkdoUIGF_jPTGQDb88-e9c7l5t0hiGjm6zS769DDy3rPRRHKnuZOfjxKnq98ccyrvStlhqzmbh4-i0j40eVC5-v4Vtl03QKhxnkvJoZwHwG45baX6mq_f6gD9Y1rRC6ynbP39TurNMy2Kpc5wUP-iYkhNx-X0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Sun, 28 Apr 2024 08:49:28 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
gb.svg
www.elfcosmetics.co.uk/mobify/bundle/11110/static/img/flag-icons/ 		717 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.co.uk/mobify/bundle/11110/static/img/flag-icons/gb.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.12.229 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
6c10b21f86019422fa9555d9b0b9b6768bf7549730880571e057800a3068724e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:49:27 GMT
via
1.1 86f2f193aa2ea128cb06e1f9e32be874.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
ATL58-P7
age
913466
x-yottaa-optimizations
ob/1001 si/33D18cae0ce5-1713268806-9942965799 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Hit from cloudfront
x-amz-meta-deploy
731233
alt-svc
h3=":443"; ma=86400
content-length
431
x-amz-meta-bundle
11110
x-yottaa-forcecache
true
last-modified
Wed, 17 Apr 2024 19:04:22 GMT
etag
"16dfdbf49f70333477dcc4574e45c19e"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31104000
x-yottaa-os
200
x-yottaa-metrics
33218cae0ca3/[5,2,-] 33D18cae0ce5/[hit]
x-amz-cf-id
rYDnyGip5kt5UsI7V8vVxqtl5a4PY2HBb8dyDr5T1LPPXlMSwHUUFg==
productratings
www.elfcosmetics.co.uk/api/v1/ 		85 B
870 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/api/v1/productratings
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11110/main.js?yocs=o_q_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.12.229 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
42a32262ac54aec469447702fe3e247ab6f17ffcbcd266d76a75cf6b9fd59a86
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 28 Apr 2024 08:49:29 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 c2eb082c7c9da19c441d80e4c661fea8.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
85
content-encoding
gzip
x-amz-cf-pop
ATL58-P7
age
0
x-amzn-remapped-connection
close
x-amzn-requestid
a5643923-3efd-43a6-8d7a-17247a65bf03
x-yottaa-optimizations
ob/1000 si/33D18cae0ce5-1714069497-8879694301 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Miss from cloudfront
x-amz-apigw-id
W7cP-HSEiYcEcTA=
content-length
107
alt-svc
h3=":443"; ma=86400
etag
W/"55-ff2hxw+X3hu8ZfhDslqWeAkJIDE"
x-amzn-trace-id
Root=1-662e0d99-7309c6c01ccd82a40ac9ef8e;Parent=185426934bd4edea;Sampled=0;lineage=dcd1e669:0
content-type
application/json; charset=utf-8
x-yottaa-os
200
x-yottaa-metrics
33218cae0c6e/[494,492,-] 33D18cae0ce5/[-,495.070]
x-amzn-remapped-date
Sun, 28 Apr 2024 08:49:29 GMT
x-amz-cf-id
ytpfe1nKWokQNT4sHRBoM0Kn8MR2AfO8fvjKSuvHCutV1Mu2_H1vew==
clear.png
imgs.signifyd.com/fp/ Frame BB34 		81 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/fp/clear.png
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/9E9EzmDejMzySsOd?dcce84d791df469b=_LmV3iEMiVxcpR-aAPKtRBUvI6K_j6VCxbUhjIM-eGlE_4NZ2AZ2JVul9It3s1WrirwA7FVn_znE_Bc8tTKAPveSyG5ZeDU08Bxs5p6-ajJ6eK4l8Q9yAz8Rc6JqZNJz043102eonAVH02YgRWqMgRB_OVsPHJwrCad3Tay4MApdmEo1KGRLZGLHxc3sE3lQTbbC6Iz05YS5Aqvf&jb=3d332e2e60716f7d355569666e6d7d7b2c62736d355f696c6e6d75792f3a3833392e687b6a7f354b62706f656d246a7b683f496078676d672d3a30333836
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
*/*, w2txo5aa/b90bd58a4847bd9alziyowqxy2qyowzinmewymu3nwvjnmy3mmrm
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 28 Apr 2024 08:49:29 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Sun, 28 Apr 2024 08:49:29 GMT
Server
Apache
Etag
d92a8ca4a31a4ab09bd41d887ff5ca1f
Content-Type
image/png
Access-Control-Allow-Origin
https://www.elfcosmetics.co.uk
Cache-Control
private, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
Expires
Fri, 27 Apr 2029 08:49:29 GMT
M9TR30BF8BDnVR-6
imgs.signifyd.com/ Frame 2E95 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/M9TR30BF8BDnVR-6?9102778aa6764315=qqj8CKyMBrbpWW1vIWmxGoupT5GXwam5cbtoZ-KNiXwJs1RMCk0u6hGvzd9JOvDopwNPsi9rNPYXqy4K0-nIaF-f6ZJxstHrFi4vNPjcaIIsm2A6Jeabz1r1Uo6WHQ5jj4R_nNZXAbQ-4deXLh5TAnMgw1nrUhi7jFCpgVkNrriHljzpcDCpkB8hBFCOJktLJvECxC3GDr7ZFmayCIg
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/9E9EzmDejMzySsOd?dcce84d791df469b=_LmV3iEMiVxcpR-aAPKtRBUvI6K_j6VCxbUhjIM-eGlE_4NZ2AZ2JVul9It3s1WrirwA7FVn_znE_Bc8tTKAPveSyG5ZeDU08Bxs5p6-ajJ6eK4l8Q9yAz8Rc6JqZNJz043102eonAVH02YgRWqMgRB_OVsPHJwrCad3Tay4MApdmEo1KGRLZGLHxc3sE3lQTbbC6Iz05YS5Aqvf&jb=3d332e2e60716f7d355569666e6d7d7b2c62736d355f696c6e6d75792f3a3833392e687b6a7f354b62706f656d246a7b683f496078676d672d3a30333836
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Sun, 28 Apr 2024 08:49:29 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
sjitbR3DO9_VXzhM
imgs.signifyd.com/ Frame BB34 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/sjitbR3DO9_VXzhM?00c80965a24f0fb3=XjLLj7bAXteKNHtIl7yFPfUr3xq3BnKi3ZlP11PaF62O0qnv5rdjiD_YQ3jkljlgFekj3JzxkJkOo4RnVl4VFPcD3b6xN5THZwDlSOizctnNJH2OfFomsHukrhS13_yTo6-BS0YiOkO5m4M_NeY-DCzX07Y&jb=3b3c2e6479633d3c3933343d6b633f3f683030363f6a65633a30643a3b3f6e61383e33393f3c6c
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/9E9EzmDejMzySsOd?dcce84d791df469b=_LmV3iEMiVxcpR-aAPKtRBUvI6K_j6VCxbUhjIM-eGlE_4NZ2AZ2JVul9It3s1WrirwA7FVn_znE_Bc8tTKAPveSyG5ZeDU08Bxs5p6-ajJ6eK4l8Q9yAz8Rc6JqZNJz043102eonAVH02YgRWqMgRB_OVsPHJwrCad3Tay4MApdmEo1KGRLZGLHxc3sE3lQTbbC6Iz05YS5Aqvf&jb=3d332e2e60716f7d355569666e6d7d7b2c62736d355f696c6e6d75792f3a3833392e687b6a7f354b62706f656d246a7b683f496078676d672d3a30333836
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Sun, 28 Apr 2024 08:49:29 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=98
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
CzJ-uRi-BRqbKUhA
h.online-metrix.net/ Frame 93F0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/CzJ-uRi-BRqbKUhA?af7ae8be3663026c=yPXMbFNbG82i8TEAl-uWo7Wh0dLdWI4OZZoF-WbB2XgotwkBeXLPnwV-HvYqxqm6zR-ERi9_0B8v0zbuNeg5hCIU3RXYSuA8RxNnPhfUxHRAIY6SLLjm3iigtIet59R6u0zLbbFDPI92u0KKIKvZ582kk9iDzRSjcnGi2ekaP87ZzrYq74VVAQeLKrxtHj_4YyyyQ-HRLsDwkMWhtZeV
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/9E9EzmDejMzySsOd?dcce84d791df469b=_LmV3iEMiVxcpR-aAPKtRBUvI6K_j6VCxbUhjIM-eGlE_4NZ2AZ2JVul9It3s1WrirwA7FVn_znE_Bc8tTKAPveSyG5ZeDU08Bxs5p6-ajJ6eK4l8Q9yAz8Rc6JqZNJz043102eonAVH02YgRWqMgRB_OVsPHJwrCad3Tay4MApdmEo1KGRLZGLHxc3sE3lQTbbC6Iz05YS5Aqvf&jb=3d332e2e60716f7d355569666e6d7d7b2c62736d355f696c6e6d75792f3a3833392e687b6a7f354b62706f656d246a7b683f496078676d672d3a30333836
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.130 , United States, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Sun, 28 Apr 2024 08:49:29 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
VkpmUo0GJPvYx0kx
imgs.signifyd.com/ Frame 98DB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/VkpmUo0GJPvYx0kx?e30408e1f917d75a=j0k2WhJZ8KAkZmxioEknjddLwsPeAzhP5nY8G2NSiYbC9JJ81E80pr83umsjg87pykIDTmInO42Gx5oZYSxZVXCpgAr6J7BWox14ai1Vhzg_l6Iyrw0P7aA6FenCgTlSMVofbHq7AQ9g_YjlPRtr6kakSt4E3j_zj9VSqPPV3tz8HXT52ObWnxrNbHkwtKqgSwF9wbA51CfOvqoWo6lr
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/9E9EzmDejMzySsOd?dcce84d791df469b=_LmV3iEMiVxcpR-aAPKtRBUvI6K_j6VCxbUhjIM-eGlE_4NZ2AZ2JVul9It3s1WrirwA7FVn_znE_Bc8tTKAPveSyG5ZeDU08Bxs5p6-ajJ6eK4l8Q9yAz8Rc6JqZNJz043102eonAVH02YgRWqMgRB_OVsPHJwrCad3Tay4MApdmEo1KGRLZGLHxc3sE3lQTbbC6Iz05YS5Aqvf&jb=3d332e2e60716f7d355569666e6d7d7b2c62736d355f696c6e6d75792f3a3833392e687b6a7f354b62706f656d246a7b683f496078676d672d3a30333836
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Sun, 28 Apr 2024 08:49:29 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
sjitbR3DO9_VXzhM
imgs.signifyd.com/ Frame BB34 		0
218 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/sjitbR3DO9_VXzhM?00c80965a24f0fb3=XjLLj7bAXteKNHtIl7yFPfUr3xq3BnKi3ZlP11PaF62O0qnv5rdjiD_YQ3jkljlgFekj3JzxkJkOo4RnVl4VFPcD3b6xN5THZwDlSOizctnNJH2OfFomsHukrhS13_yTo6-BS0YiOkO5m4M_NeY-DCzX07Y&ja=3a3a3a3d2c2463353e32267237343a2e6c353134383878333832322c6b6e35333e383270393838382c7178713533353872333f382c6c707035392c333c3232263b3a3832243934383826393a3a322c393e3230243b303a3826393632382431303a322e3b3f3824333d3824657c373a3f6c37316c3b3334316f34686e383839603e3e6266393a35683a696e316b3c246566373a2e796164353a362664623f627c7e7873273b4925304c27304c7d7f7f2c6d64646b6779656d7e6b637b26616f267f692f3a4c6d6c64256b6f716767766369256b7061656b6669667b2e7a6e3d3d2e7268356f3a3a3a6e6e61373d3d313b3964366f686d303b313b676a3c6b3131383b306c2e6a68356c61323f3f6e64303b6d37673d3b3068696939333a3d306e3d6f3e396e3531392e687367375563666e6777712d3a30333b24687968354b6a7a676f6d2d383839383626627b6d75355d6b646c657f7324627b627737416a7865656d2466606135393d2e666e6f3d302e6c6d7c7a3f3a2e7e72643f4d7d726d7a6727384c4a6d7064616c2e656b7c60783f3438383164396930686d693832673e6b63373c32323238696c333d3d3638396c6c3c3f3a38393c33643e6f636b3a3e6c633b3c6966606e3530393b3b393b3e69246c7a37607c7e72732d3b43253a4c27384e7d7f772c6d64666165716f6f7e616b71266b6d267d612d3a4c676c6e25616f7b67677e61692563706165696c6b6e712c7a35786e7d6f6b66576c6469796a253d4d64616479672b78667d676b6657776b64666d7d795765676c616357786669716f70253d4d64616479672b78667d676b66576166656067556b6b7a6d6a69762d3d4f6e6966716529786e756f636c55797f6163697c616d672f37476c6b647b6729786e7d6f636657796a6f6b6375617e6f273f4d6c696c716d29706e7f656b64557a6d6364786e69716f7a2d3f476669647165297a6e7f6f63665f74646b5f7266637b6f782d3d476e696e7b6d2b78647f6569665766657e6b6e7c7a2f3d4564696473672b726e7f6d61665d7b7e65577e636d7f6f70253d4d64616479672b78667d676b66576a637c63273f4f6e696e7b6d246f64556b357d67626f6455656a4d4e2f3a3a392e322d3a302a457267644d442d30384d512d3a3a3a263a2732384b6a7267676b7f65235f65604f4425303a454e59462d3a324d5b273a383b26382f303020477265664d4e2f3a3a4d53273a38474e594e27383a4d5b273a383326382f3a38496a7267656b756523556f6a416174556d6a4b6b7e27303a5d6d6a4544494c4f444f5761647174696661656c5563787a6b7173273b4a25303a475a5e556a6467666c5d65616465697227334a2d30304d5256556b6661705d6b676e76786d6e2f394a2d30384d5a5c5769676465705f6a7d64666d785d6269666e5f64646761762f31402f38384d5a5c57666d787e6057696e61657827334a2f303a4d525c5f646467617655606e6f646c2d314a2d30384d525c576c70616f576665787e6a2f3b482d32324d50545d7a6d6e736d67665d676e647b6d7e576b66636d782d31422d38324f505e57736a696c6570557667727e7d7a6757646d6c2d394a2d383245505c5d746d72767f7a6f57636d6578726779716b6564576a727c6b273b4a2f3a384f5a54577c67787c7f706f5769676d727a6d7371636d6c55786f7c612d3b402d3a3a4d505e5d746d7076757a6f5d6c61667c657057696e6b796d7678657861612d3b402d3a3a4d505e5d746d7076757a6f5d6761787a6f70576b6c6367725d7e65576d666f6d273b4a2f3a384f5a54577b50474a2f31482d38384f475b57656e6f6f67647e57616c6c6d7a577d63667c2f31422d3a324f4d595d6c6a65577267666c6570556f6b7a676978273b4a273a38454d5b557174696666617a6e5d6e6d786176637c617667792731482f3a384d4d5b5d7c6d727c7d78675f6e646d617c2f31482d38384f475b577467727677786f576e6e676976576463666d6b70253b4a273238454759577e6d78767d7a655d62636e6c556e646d697c273b4a2f3a38454753577c67787c7f706f5762696c64576e6c6d6b765d6663666d637a2d314a2d3838474f515f7e6d70746d725d6b7a7869795d676a6a6769762739482d3a325f4d404f44556b67666d72576a77666e6f70556e666761762d3b42273832554f484f445d6b676f787a6f7b7b6f665f7c6d7a747d78675569797c63273b4a25303a5547484d4457616765727a6d797b6d6e5d746d7076757a6f5d6f7c692d33402d3a30554f404546556b676f787a677b7b6f6c577e67787c7d7065576f7669392f3b42273a38574748454e55696765727a6d717b6d6e577c6f7a747d7a675f7b3976692d394a2530385f45404d4e5d69656578706d7b716d6c557c6d7276757a6d5d733b7e61557b786f62273b4a25303a5547484d4457666d6a776f57786d666e67726d7a5d69666c6d2f3b482d32325f4d4245465d666f687d6f5d7b60636c6d787b2d3940253a3855454a4d4e556c6f78746a577c657a7e77706f2f3b4a273a38554d4a4d44576e70617f5760756e6c67787b2f3b42273a38574748454e5566677b67576b6d667c6f707c2f31422d3a32574d48454657677d6c76615764706b752739482d3a325f4d404f44557867667b6767665d6d676e673b3e2c6f6c5d603538346c3161323e693035396a36306d6b6c303e3439696c36613f6837693e3a30623a696c35373b34247d6d647e3f4166766d642f3a38436c63262e756764783f43667e6d6c273a384970637127383a477867664f4e2d3a3a4d666d6b6e6d2e61636c3733&jb=393f382e66733d456778696466632f3a4c3d2e322d3a302a5d6b6c6e657f7b273a384c5c2d3838393a2c302d3b40253a3a5563663c3c25314a2d3232723436232f3a384378786e6d5f6f6a436376253a4e37333f24313c2d38382849405c4d4e2f30412f3838646b636d273a384d6d6b616d292d3a324360786d676d2f3a46333a3c2e3224322c3a2f3a3851696e637a612f3a4e3f3137263b34
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/9E9EzmDejMzySsOd?dcce84d791df469b=_LmV3iEMiVxcpR-aAPKtRBUvI6K_j6VCxbUhjIM-eGlE_4NZ2AZ2JVul9It3s1WrirwA7FVn_znE_Bc8tTKAPveSyG5ZeDU08Bxs5p6-ajJ6eK4l8Q9yAz8Rc6JqZNJz043102eonAVH02YgRWqMgRB_OVsPHJwrCad3Tay4MApdmEo1KGRLZGLHxc3sE3lQTbbC6Iz05YS5Aqvf&jb=3d332e2e60716f7d355569666e6d7d7b2c62736d355f696c6e6d75792f3a3833392e687b6a7f354b62706f656d246a7b683f496078676d672d3a30333836
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 28 Apr 2024 08:49:29 GMT
Strict-Transport-Security
max-age=31536000
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
Content-Type
text/javascript;charset=UTF-8
lNHC6exUlTMPldWz
w2txo5aaaworl7tt3b3xewmw7nlp7em7jyk6mtvgb90bd58a4847bd9aam1.e.aa.online-metrix.net/ Frame BB34 		81 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w2txo5aaaworl7tt3b3xewmw7nlp7em7jyk6mtvgb90bd58a4847bd9aam1.e.aa.online-metrix.net/lNHC6exUlTMPldWz?b7f5edc6630e35db=68UIjoLydDHISMq1HRtayU9GA2FhmH7UU3i2RyXTvP3azHOJ72V_Vf8VitGz8a4d335X4QH-PHIV0TjY_-hsIIKc_DH2WAgWTWkJd41otQy1Mjk8edEy2G-tjiGhXSz0DI8HJHSZybNSO2wh9FWAC30y8-hCTqUkAyzI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.134.131 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Sun, 28 Apr 2024 08:49:29 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
C_Fsnw--jmzp3Ijz
imgs.signifyd.com/ Frame BB34 		0
218 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/C_Fsnw--jmzp3Ijz?5c877fc6470d3693=9Ha9xVoUainOEBwoGpz4CpilMiw_LOQ7mgryV16PjySCWu7qmmowihuQlD_d0mS2fWibNNygqeyjrIdr-wcbehm-DNywzNK3xf8McykAppoBMS3JBunwSBPV0nDZXtZFFW_hM6UslbNNk2ruiBj-AkLHtS2zfQ6rUyOiLJ6TEFqhr8EeqwbBf4Z50Kcq42dmudq1TQWb7gzgP3nHI3U&jac=1&je=303e2e2e67676460352a332d38413b2d384b33273a4b323b3c3460386c6e6e646c31303b693b38393f31326d303a373e32343f6c3a3d6434396935356c61366e38393d373031346d3e693e6c3932316e3f64666a3f6723
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/9E9EzmDejMzySsOd?dcce84d791df469b=_LmV3iEMiVxcpR-aAPKtRBUvI6K_j6VCxbUhjIM-eGlE_4NZ2AZ2JVul9It3s1WrirwA7FVn_znE_Bc8tTKAPveSyG5ZeDU08Bxs5p6-ajJ6eK4l8Q9yAz8Rc6JqZNJz043102eonAVH02YgRWqMgRB_OVsPHJwrCad3Tay4MApdmEo1KGRLZGLHxc3sE3lQTbbC6Iz05YS5Aqvf&jb=3d332e2e60716f7d355569666e6d7d7b2c62736d355f696c6e6d75792f3a3833392e687b6a7f354b62706f656d246a7b683f496078676d672d3a30333836
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 28 Apr 2024 08:49:29 GMT
Strict-Transport-Security
max-age=31536000
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
Content-Type
text/javascript;charset=UTF-8
4MlY4d7WG7MeRTo1
imgs.signifyd.com/ Frame BB34 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.signifyd.com/4MlY4d7WG7MeRTo1?8dc06d0e7f75c38a=4mJnosHnpZdboK_2cYZcKrxle3jXqOhpoovn2xqLp4GCyksUpmpx94-y1as5SnF7S9AdqQgynfcGmjmOVJIa4g7yXshRqd-Dirwm5q5G6ILb8cc6FyKEpXVO-rXw7G2KQF_ACkfYJ73Q1kOPL1afCdB41D2IZNVC24g626Z1ZH4z3VGlhxl1Rx_Tl2bPGUdcyQGw8C-NnalmDbxZFqo&jf=3c3b3c2e796b64577a6c64357e6678575c5a7068404b6e744140537c6f3e6a522e7b6b6c576e697c6f3f313f393632313e333c312c7b6966577c79726f3f756f68326d616c7b632e7b636c57616779353b32353139323b3b3a3e30353a6938343e3a616f396c38303839323e38323a69323434306b67336c3a313a393a3f30313c3a30323a36603f3d6e30643c3a3b3a6e3a6e6b6b64333e3035326b33306c30336c33603e3138366e6461393d3a39303c6a3b69383b6e6e3f66346c3a6039316e603e38693e31336a3f626333353b6f3c6c6b663e6b673b6e39303a6964656d6b6038316b3b6f6a326d653338313431326061323c6a3033396d3b6c696c6a3d3a34323e6e36267b6366557b636f3d31383c34323830323d3f6b3e30386c356b3d3838693b64306a6c32623e6e663b3d3a3a62323e3d32643f356033326e6c616a3c60393b3b6b6a333b6669316435396f646c3d323b66323a3a30356b36376c6e386a64316a343b30396b313f3b643f6e66636d3a3a3d3c3e3b61313a3836643b3330396b3c3f3b3e3f3b3f3a3839386c3462316a60643c6837392e796166703538
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Sun, 28 Apr 2024 08:49:29 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=98
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sjitbR3DO9_VXzhM
imgs.signifyd.com/ Frame BB34 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/sjitbR3DO9_VXzhM?00c80965a24f0fb3=XjLLj7bAXteKNHtIl7yFPfUr3xq3BnKi3ZlP11PaF62O0qnv5rdjiD_YQ3jkljlgFekj3JzxkJkOo4RnVl4VFPcD3b6xN5THZwDlSOizctnNJH2OfFomsHukrhS13_yTo6-BS0YiOkO5m4M_NeY-DCzX07Y&jac=1&je=39383d392c247761613f313f382c3b3f24382e33382431322433303324392630312e756d6137303c24333926393535263b3a392e7d61363f3a3830333033603c3a3239323938383a323b3839383832316b613a3e383439323d6932612e786d3f646d24686b7c7b76352d354a2d383a646f7465642d30322d39433b263a3825304b2d32307976637e7f7b2d303a2d31492d383a6b6263726f616c672d38302f3f4e2e61776c603d616b3560336f3e6d343039616b69693e6e3863376b393b32313934393c3c6a35613b39373b3c60366e326c6c36303e32383b326e6d3e64303b6e6164303e37332e6f70333f6b3933613e67323f336d30336c38353f6e396e6c683264303035613132363e69326a65613b6b33602c776362372d3f402d3a30697a6960617e67637c7d70652d38302f3b4b2d32307030362738302738492d3a306a6176666d797b2d3830253b4927323a3c362f3a382d32412d3a326078636c6e792d3a302d3b432d3d482d3f4827323a6a7061666e27383a2f3b41273a3a476d65656e6f2f3a3841607a6d656d2f3a3a2f30432d3a30766d78716367642d32302d3b4127383033383e2d3a302d3f462d3a492d3f4827323a6a7061666e27383a2f3b41273a3a4e6d7e27314b4b254a706966662d3a382d3a4927323a7e67727b636d642d383a2531492d3230322730382f3f4c273a4b273f4a2f3a3a687061666c27323a2f314b2d383a436a7a676d6b7f6f2738382d3a412d3a307e6d787b61656c253a3a2733492f303839383c25303a2d37462f37462f384b2d303a6e7764645c6d7a796b6f66446b737c2f30382d394925374a2d37402f303068786966662d3a302d3b4b2d3a3841687a676f697d6727383a2f3a43273a3a766778716b65642d3a302d3b432d3a38393a3e2c30263e31363f2435322d383a25354c2d32412f35402f383a6a706966662d3a382d3b4b27323a4f6d6f6f66672f3a3a4b68706765652738302738492d3a307e6d707b6165662d3830253b4927323a3b303e263a2636313e3f2e35322730382f3f4c273a4b273f4a2f3a3a687061666c27323a2f314b2d383a4e6d7c25412c487063646e2d3a302d3a412d3a387e6d787169676627323a2f314b2d383a393b26382e3224322738382d3f462d3d462d3a492d3a386f6f6a616e652d38302f3b4b6e616e7b6d25304927303867676c67642d303a2d39492d3830253a3a27324b2f30387866697464677a6d27383027394b2d3a305f616c3b3a2f3a3a2f30432d3a3070646b766c67786556677a7b696d642730382f3b49273a3a3338263a26382f30322d3a41253a3875657f3c3c25303a2d33436c636e796f2d3f462e7d6364352f3f4a2f30326a7a636e6c7927383a2f3b41273d4a253548273038687a696c6c2d303a2d39492d3830476767656c6d2f303a4b627a6f6f6d2d32302f30412f383a7e677a7b6b67662f3a3a2f31412d3a30313a3e27383a2f3f44273a4b253548273038687a696c6c2d303a2d39492d38304e677c2733494b2f487a6b6664273a3a2530492730387c6d7a7161676c2d3a382d3b4b27323a3027323a2f354e2d384b25354a2d3230687063646e2d3a302d3b432d3a384b60786d6d617d6f253a3827384b2f3a32746d7a736b656c2738382d3b432d3a30393a3e2d3a3827374c2d37442d38412f3a38656f6061646527383027394b6e696e7b6d273a4b2f3a3a7a6e617c6e6d72652f30382d394925303a5f696c39302738382d3f46
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/9E9EzmDejMzySsOd?dcce84d791df469b=_LmV3iEMiVxcpR-aAPKtRBUvI6K_j6VCxbUhjIM-eGlE_4NZ2AZ2JVul9It3s1WrirwA7FVn_znE_Bc8tTKAPveSyG5ZeDU08Bxs5p6-ajJ6eK4l8Q9yAz8Rc6JqZNJz043102eonAVH02YgRWqMgRB_OVsPHJwrCad3Tay4MApdmEo1KGRLZGLHxc3sE3lQTbbC6Iz05YS5Aqvf&jb=3d332e2e60716f7d355569666e6d7d7b2c62736d355f696c6e6d75792f3a3833392e687b6a7f354b62706f656d246a7b683f496078676d672d3a30333836
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Sun, 28 Apr 2024 08:49:29 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=97
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/
Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/
Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/
Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| $jscomp function| _loadCookieConfig function| _domready function| _delayed function| _findTags function| _srcAttr function| _needsEval function| _loadFromDOM function| _clearEvents function| _lastChainedResource function| _isImageLike boolean| domCompleteTriggered function| _abTest function| _getCookieVariant function| _setCookieVariant function| _configureAbTestAnalytics function| _executeAllAbTest function| _executeAllAbTestUniversal function| _executeAllAbTestClassic function| _executeAbTest function| _abTestScript function| _chooseVariant function| _abTestAnalyticsUniversal function| _abTestAnalyticsClassic object| _serviceWorkerConfig object| Yo string| yo_host string| _pxAppId function| $ function| jQuery object| scriptUrl object| ttPolicy object| YT object| YTConfig boolean| yt_embedsEnableIframeDefaultReferrerPolicy function| onYTReady object| ytCCPlayer object| ytBTSPlayer function| onYouTubePlayerAPIReady function| onCCPlayerReady function| onBTSPlayerReady object| content object| __LOADABLE_LOADED_CHUNKS__ object| regeneratorRuntime function| _ function| applyFocusVisiblePolyfill object| __CONFIG__ string| __DEVICE_TYPE__ object| __PRELOADED_STATE__ object| Progressive boolean| __HYDRATING__ object| viewedProductIdsForPage object| DY boolean| BRAZE_SETUP_COMPLETE boolean| otSPAPathChange boolean| otIsInitialized function| OptanonWrapper object| DYcustom object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer function| __tcfapi object| otStubData object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| __post_robot_11_0_0___uid_numhnacfzmymuvpacsidplhppphjzs object| paypal object| __zoid_10_3_3___uid_numhnacfzmymuvpacsidplhppphjzs object| otTCF object| otIabModule object| paypalDDL string| PaypalOffersObject function| ppq object| Optanon object| OneTrust boolean| otLastAcceptAllValue object| PXXT4Gy2ig object| PX undefined| _XT4Gy2ighandler object| __post_robot_10_0_44__ object| PAYPAL function| a0_0x3eec function| a0_0x20c7 object| sigScriptLoader object| SIG_SCRIPT_DEBUG object| threatmetrix function| tmx_run_page_fingerprinting boolean| tmx_profiling_started function| tmx_post_session_params_fixed

15 Cookies

Domain/Path Name / Value
www.elfcosmetics.co.uk/ Name: _pxhd
Value: K87e-sKhkYXlSy4/1kn-17RmjPXZ9C1gye0msGuGLs3zGw6siCCM-qIpA0Z3GHoV6vzqWUHM1i8tt7IbxpCOSg==:9duh/XGScgAoERUQpJQy5NRZcznLSTunSxfjo0mB04WU9lNYkXndSDkRgPVM8IDU7xe0t4KTnNT4teu/8dg8dwtV31jZBufqy9nnOYkpBCI=
.youtube.com/ Name: YSC
Value: 8wP8IC-zYHM
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: x6fx4vZUOZU
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgEQ%3D%3D
www.elfcosmetics.co.uk/ Name: initAuthComplete
Value: true
.elfcosmetics.co.uk/ Name: ab.storage.sessionId.ee22cddf-904f-484e-a004-0181ff9a3268
Value: %7B%22g%22%3A%2217c4f423-e49b-45ea-d5de-3a4dcf07f9fc%22%2C%22e%22%3A1714295965177%2C%22c%22%3A1714294165177%2C%22l%22%3A1714294165177%7D
.elfcosmetics.co.uk/ Name: ab.storage.deviceId.ee22cddf-904f-484e-a004-0181ff9a3268
Value: %7B%22g%22%3A%22494126a7-cec1-9491-cb99-d2984b1ab09c%22%2C%22c%22%3A1714294165180%2C%22l%22%3A1714294165180%7D
.elfcosmetics.co.uk/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Sun+Apr+28+2024+10%3A49%3A26+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202211.2.0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Felf-cosmetic-criminals&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C5%3A0%2CSTACK42%3A0
.elfcosmetics.co.uk/ Name: pxcts
Value: 37d32571-053c-11ef-aa2d-2f5ad97887c4
.elfcosmetics.co.uk/ Name: _pxvid
Value: 3426ac4e-053c-11ef-baa3-0a8a766daa89
www.elfcosmetics.co.uk/ Name: scapi
Value: prd:ebb0d83b-e7fb-432f-95cd-70a9a5f471fb:eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI4MzFkYTk4OS01NGU2LTQwYjUtYTI5OC0wZDQxYjc1ZjdiMWUiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOmViYjBkODNiLWU3ZmItNDMyZi05NWNkLTcwYTlhNWY0NzFmYiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTQyOTQxMzYsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFieHVoR2tlbzJrMGdSeHJCS3dHWVlrWGhLOjpjaGlkOiAiLCJleHAiOjE3MTQyOTU5NjYsImlhdCI6MTcxNDI5NDE2NiwianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzMTUyMjI5ODI3ODIwODQ4MSJ9.FIcOYLZKaHjo-yFXZWTOme3r_Mexl32kpJzj-tgUTE91MOOxrAHo6ipqy3nIOoNKSAx3-3vT11cbbn9J_gWvPw
www.elfcosmetics.co.uk/ Name: dwanonymous_d0d57f92086b8d4216742497990aeda2
Value: abxuhGkeo2k0gRxrBKwGYYkXhK
www.elfcosmetics.co.uk/ Name: dwsid
Value: 7GoCUcuHyBANXMphJtIedXzSM5wGYYza9bVjoPJDTA-gRf6JyZkfQ0gaBMiFRywQWpQQwUD7Z7QgN2ILGvw-Cw==
.elfcosmetics.co.uk/ Name: _px3
Value: b9a59daab09cd3fd2ae5bf23a4d1f58bac0eac213fffc3c0c29306d0de7a2ba8:d0/XmHb8d/NTvYK8vlFh1FhH100PFvFR0YQct9WpB1nJEWOWe2tvz5erRSTxl3IkzHP9UX5UftE1e+HeOMErCg==:1000:B6ya3gEkhg4v1BuLTwmyesjOX6aN61h46fP63y4nSjpnE537A+i9vvIRSghfmTXZmKlZANGfM7BQ3pIMNryj+pYbdMELG3oioAPIpjXAg8zsY38X2PoHNNg7TZrbGX4pxRluco3oJa+3kx0r1CS+61V6M312YY7pKEa7aRIgGN175aqrOuflZ8osL7Gv5voscd6hSzbXeFcHxeM64TIwtq0BQ+3qylSyiT/k1c13GRA=
imgs.signifyd.com/ Name: thx_guid
Value: d8bdbd4bd9be4c944c278359358badbc

56 Console Messages

Source Level URL
Text
security error URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals(Line 294)
Message:
Unsafe attempt to load URL https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ from frame with URL https://www.elfcosmetics.co.uk/elf-cosmetic-criminals. Domains, protocols and ports must match.
security error URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals(Line 294)
Message:
Unsafe attempt to load URL https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ from frame with URL https://www.elfcosmetics.co.uk/elf-cosmetic-criminals. Domains, protocols and ports must match.
security error URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals(Line 294)
Message:
Unsafe attempt to load URL https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ from frame with URL https://www.elfcosmetics.co.uk/elf-cosmetic-criminals. Domains, protocols and ports must match.
javascript error URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals(Line 359)
Message:
Access to image at 'https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/#elfcosmetics_a_00000055698485330971283280000018393236039574697104_?yocs=o_' from origin 'https://www.elfcosmetics.co.uk' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/#elfcosmetics_a_00000055698485330971283280000018393236039574697104_?yocs=o_
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.cquotient.com
api.ipify.org
cdn-fsly.yottaa.net
cdn-scripts.signifyd.com
cdn.cookielaw.org
cdn.media.amplience.net
cdn.static.amplience.net
code.jquery.com
collector-pxxt4gy2ig.px-cloud.net
cosmeticcriminals.co.uk
elfcosmetics.a.bigcontent.io
geolocation.onetrust.com
h.online-metrix.net
imgs.signifyd.com
sdk.iad-05.braze.com
t.paypal.com
w2txo5aaaworl7tt3b3xewmw7nlp7em7jyk6mtvgb90bd58a4847bd9aam1.e.aa.online-metrix.net
www.elfcosmetics.co.uk
www.paypal.com
www.paypalobjects.com
www.youtube.com
cdn-fsly.yottaa.net
108.138.26.127
140.174.12.229
140.174.14.85
151.101.1.21
151.101.129.21
151.101.193.35
151.101.2.133
172.67.74.152
192.229.221.25
2606:4700:4400::6812:25a1
2606:4700:4400::ac40:9b77
2606:4700::6813:b134
2a00:1450:4001:803::200e
2a00:1450:4001:82a::200e
2a02:26f0:3100::1735:2afa
2a02:26f0:3100::1735:2b28
2a02:26f0:3100::210:6e29
2a04:4e42:400::649
35.190.10.96
52.215.4.161
91.235.132.130
91.235.133.113
91.235.134.131
10fead09c1bef07f81bced1a1cc6adc8abbc292f3da49b151352ab6b79964a69
1331786f628c441b99665436eb8815381e066e17d5c3bb56f5ce2e045d8da17a
15bab3410ec9ca94a0e7a2b790c844c628387b3156deaef83b03b97cdb742030
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
210706c053295db0bfba03a98c0609a1f940c3f6b6c626f2f1084e089e959dc9
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
31f48ed33afe7e437efa2c30cbf97fbd62c2de5c0732504077377846fe64973f
32aaeee96fd5d4ee55d785e181d136b89e21de673bd8b6e89f4731412ba5aba9
37d207a7297589d062c2af128ee513190a9297959cb24c68078f68d64b899c98
40c8084ce459211c73bf91eaa18b6152cc5fc9e29245dcec381da35ee51334b0
42a32262ac54aec469447702fe3e247ab6f17ffcbcd266d76a75cf6b9fd59a86
435609c37b09b94d54da06e59b4ecde1dcf8e016e4c924798a8b9e07567f6392
4694668aab8688436e35d4621e6ec00fe13a57ecfbf7052278ddcff48bad3d57
48eac18ec8b1c06a5b11f38fbf38abf0d52f42b46f0c17a6250872645845dd82
49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b
4aa855b8d34657ab4df5ca73fe7d7f67735ee1e39e8de83856ddc473d4713fbb
4ae7d857dd8d096a5198b1e8280de9f929ca88d690e445731b6ffdffbf2b8383
4b89cd71669a53e8801ea9e9d4fb8a40bb5dbbb393a1b6c4a249349b42086da7
4fab1dbe30e8ff5b2b88f3175638cee6011f8c5ec952a555216436ca3045cd5b
56ed64ba1a0f1af7b481c5ae8ea4124175048757a70b7e2defa1038edf0c8cf1
58b5dc860e534eea49f5699b8c57c053ce73458f9d39b6b8697756ea71448fbe
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6082597f3871c77c9b31aa1383577f8c0e54cb5ff09275dc817bc70d96e6217d
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6ab1474b1928d39f768075dfef56e53b01fff6c85a44b07d150c4abf7299c3b7
6c10b21f86019422fa9555d9b0b9b6768bf7549730880571e057800a3068724e
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6f08699117c1f15f6d35e7b4380d12d18a1881f075e177b5853b1017a3307544
70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f
71bd66530457656271aa253073fb867cdc9068586f7af54e341667687162909e
7a0204422805f76d793709204fd52e753cb059e5dd5099e41781499c8072e726
8188d155912c33d48b8da73863209b8920572ce230b01229c22757df4c71091e
890a43e24bee1b017e33677e05f7a8d2653becdcb113977c9b8412e2d1ffad6c
89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d
8cb2ac35adc7dee4b051d05a7ffc844c9f61eb67b3ce350a16a552f98ffc4172
8fd5e6962bde33408bdd66280bbd176a5dac01576e07ab1c1bad79ec4848e5ae
9261efb3407e3a9096e4654750d8eff6b3a663422f48845c7fbcc65034c340cf
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
9368d4a817e37c9f22c58be4fd36a560978343736494be8302aad1d7b98144c0
93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac
949062629321267f5e4f5d183435ab758ad7898afe2b31dc262b6b164167ffa0
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
9f2461f7629a9751a8ce13d4fa6465bd4dade527356dedaa1e07be6712694ec4
a3090ce882e677a39d0f6814ce87422a8211b50a20b19057153bdac2655e74a3
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a6cbc4c9c0b39f6d4edd8d4db4e73971e23c1e4b8b9b6ddd5956164b87fd3ebc
b2e0bde8a120edcd0e126c139ff4c62dc420e43a86bb9e22c92044fdda3fc3ef
b3efc48717edad187198d0a608a3b3a8195f0e5b6b6b41f27b78824796cbd61e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bec1e3a5f68e911cb57b9ecd272c41b156ff60586874073d0024ffffdae1913e
c0f45f6c4aff8514c5194d93844a85a90bd7fd9c6ada4ebb879004fddea7defe
c26aef4e0bca0520692775bd0dea9175719fa3a5e255830e1de1901d3c98f278
c75a0f7c4104d907f8419aeb5f87467a90bce54ef633af1e8a05c6c585c9994d
c99190b8d37e8fb2b6324eb7d320bec6dfcadba4114ce999c2d9bbc9cad16180
cdbeef0b146607f5137f8f5434eeab8625ee0801da2af33e045528d191e512d0
cf9ae4203c12a3d4d710c92bc74e2d6b32f4ff6e1dc83d98748f9739b7ee4223
d7a363f752524fb545c3b2eb48a56d163cb659bc427d5215800ee7781d92c2ca
d7d6f2d3cc5c5e3b057e899b45fb372d18890b7b61e0df9ced47891f9bbf0061
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79dea9b0707ff2fa615359bdb9683037505ddb2a00daae13de4ae1a80055adf
ebc31c445d550135a64e30d101613cb01783abaf666056c01ce1cc689b27a261
f366287eaa5627dc7ee48d1fcb79d20bceae8238ee2f1dd772f059685fe9c799
fc1a0b34ca99430b0714dab47ef3414c18b342a4b1a9c10ed3972c0c20a5bf3f