urlscan.io logo urlscan.io
SecurityTrails logo

www.elfcosmetics.co.uk Open in urlscan Pro
204.2.133.97  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cosmeticscriminals.co.uk/
Effective URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Submission: On March 27 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 2 countries across 17 domains to perform 92 HTTP transactions. The main IP is 204.2.133.97, located in United States and belongs to YOTTAA-AS-1, US. The main domain is www.elfcosmetics.co.uk.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 25th 2023. Valid for: a year.
This is the only time www.elfcosmetics.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 204.2.133.237 393259 (YOTTAA-AS-1)
1 17 204.2.133.97 393259 (YOTTAA-AS-1)
2 8 2606:4700:440... 13335 (CLOUDFLAR...)
2 2606:4700:440... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2a04:4e42::649 54113 (FASTLY)
2 2607:f8b0:400... 15169 (GOOGLE)
3 151.101.2.133 54113 (FASTLY)
12 2606:4700::68... 13335 (CLOUDFLAR...)
2 104.26.12.205 13335 (CLOUDFLAR...)
6 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
4 151.101.1.21 54113 (FASTLY)
2 35.190.10.96 15169 (GOOGLE)
1 151.101.193.21 54113 (FASTLY)
2 3.223.161.36 14618 (AMAZON-AES)
3 151.101.129.35 54113 (FASTLY)
2 192.229.210.155 15133 (EDGECAST)
4 172.64.145.183 13335 (CLOUDFLAR...)
2 108.138.106.40 16509 (AMAZON-02)
12 192.225.157.157 30286 (THM)
1 192.225.158.1 30286 (THM)
1 192.225.158.3 30286 (THM)
92 23
1    204.2.133.237 (United States)

ASN393259 (YOTTAA-AS-1, US)
cosmeticscriminals.co.uk
17    204.2.133.97 (United States)

ASN393259 (YOTTAA-AS-1, US)
www.elfcosmetics.co.uk
8    2606:4700:4400::6812:205a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.media.amplience.net
2    2606:4700:4400::6812:26d1 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.static.amplience.net
2    2607:f8b0:4006:80b::200e (United States)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
2    2607:f8b0:4006:80c::200e (United States)

ASN15169 (GOOGLE, US)
www.youtube.com
3    151.101.2.133 (United States)

ASN54113 (FASTLY, US)
cdn-fsly.yottaa.net
12    2606:4700::6813:b134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
2    104.26.12.205 (None, )

ASN13335 (CLOUDFLARENET, US)
api.ipify.org
6    2606:4700:4400::ac40:9a28 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.iad-05.braze.com
1    2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
4    151.101.1.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
2    35.190.10.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.10.190.35.bc.googleusercontent.com
collector-pxxt4gy2ig.px-cloud.net
1    151.101.193.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
2    3.223.161.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-161-36.compute-1.amazonaws.com
api.cquotient.com
3    151.101.129.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
2    192.229.210.155 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
4    172.64.145.183 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
elfcosmetics.a.bigcontent.io
2    108.138.106.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-40.jfk50.r.cloudfront.net
cdn-scripts.signifyd.com
12    192.225.157.157 (United States)

ASN30286 (THM, US)
imgs.signifyd.com
1    192.225.158.1 (United States)

ASN30286 (THM, US)
h.online-metrix.net
1    192.225.158.3 (United States)

ASN30286 (THM, US)
w2txo5aaieenp6e43ivga4qnk3b345atnkvfm2bn125ae7cb0b476240sac.d.aa.online-metrix.net
Apex Domain
Subdomains		 Transfer
17 elfcosmetics.co.uk
www.elfcosmetics.co.uk
373 KB
14 signifyd.com
cdn-scripts.signifyd.com — Cisco Umbrella Rank: 9971
imgs.signifyd.com — Cisco Umbrella Rank: 7735
68 KB
12 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 457
214 KB
10 amplience.net
cdn.media.amplience.net — Cisco Umbrella Rank: 12311
cdn.static.amplience.net — Cisco Umbrella Rank: 50487
6 MB
8 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3053
t.paypal.com — Cisco Umbrella Rank: 3585
123 KB
6 braze.com
sdk.iad-05.braze.com — Cisco Umbrella Rank: 3168
1020 B
4 bigcontent.io
elfcosmetics.a.bigcontent.io — Cisco Umbrella Rank: 105562
21 KB
4 youtube.com
www.youtube.com — Cisco Umbrella Rank: 76
69 KB
3 yottaa.net
cdn-fsly.yottaa.net — Cisco Umbrella Rank: 27333 Failed
1 MB
2 online-metrix.net
h.online-metrix.net — Cisco Umbrella Rank: 3559
w2txo5aaieenp6e43ivga4qnk3b345atnkvfm2bn125ae7cb0b476240sac.d.aa.online-metrix.net
438 B
2 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2559
16 KB
2 cquotient.com
api.cquotient.com — Cisco Umbrella Rank: 46223
517 B
2 px-cloud.net
collector-pxxt4gy2ig.px-cloud.net — Cisco Umbrella Rank: 145191
1 KB
2 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2846
229 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 899
315 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1216
24 KB
1 cosmeticscriminals.co.uk
cosmeticscriminals.co.uk
329 B
92 17
Domain Requested by
17 www.elfcosmetics.co.uk 1 redirects www.elfcosmetics.co.uk
cdn-fsly.yottaa.net
12 imgs.signifyd.com www.elfcosmetics.co.uk
imgs.signifyd.com
12 cdn.cookielaw.org cdn-fsly.yottaa.net
cdn.cookielaw.org
www.elfcosmetics.co.uk
8 cdn.media.amplience.net 2 redirects www.elfcosmetics.co.uk
6 sdk.iad-05.braze.com cdn-fsly.yottaa.net
5 www.paypal.com www.elfcosmetics.co.uk
www.paypal.com
4 elfcosmetics.a.bigcontent.io
4 www.youtube.com www.elfcosmetics.co.uk
3 t.paypal.com
3 cdn-fsly.yottaa.net www.elfcosmetics.co.uk
2 cdn-scripts.signifyd.com www.elfcosmetics.co.uk
2 www.paypalobjects.com www.elfcosmetics.co.uk
2 api.cquotient.com cdn-fsly.yottaa.net
2 collector-pxxt4gy2ig.px-cloud.net www.elfcosmetics.co.uk
2 api.ipify.org cdn-fsly.yottaa.net
2 cdn.static.amplience.net www.elfcosmetics.co.uk
1 w2txo5aaieenp6e43ivga4qnk3b345atnkvfm2bn125ae7cb0b476240sac.d.aa.online-metrix.net
1 h.online-metrix.net imgs.signifyd.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 code.jquery.com www.elfcosmetics.co.uk
1 cosmeticscriminals.co.uk 1 redirects
92 21
Subject Issuer Validity Valid
*.elfcosmetics.co.uk
Sectigo RSA Domain Validation Secure Server CA		 2023-09-25 -
2024-10-25		 a year crt.sh
dm.amplience.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-20 -
2024-08-14		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.yottaa.net
GlobalSign RSA OV SSL CA 2018		 2023-09-13 -
2024-10-14		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2024-03-01 -
2024-12-31		 10 months crt.sh
ipify.org
GTS CA 1P5		 2024-03-21 -
2024-06-19		 3 months crt.sh
sdk.iad-05.braze.com
E1		 2024-03-05 -
2024-06-03		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2023-11-13 -
2024-11-12		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-02-08 -
2025-02-08		 a year crt.sh
*.px-cloud.net
Sectigo RSA Domain Validation Secure Server CA		 2023-08-15 -
2024-09-13		 a year crt.sh
*.cquotient.com
Amazon RSA 2048 M02		 2024-03-05 -
2025-04-02		 a year crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-09-21 -
2024-10-21		 a year crt.sh
*.bigcontent.io
GeoTrust TLS RSA CA G1		 2023-03-14 -
2024-04-13		 a year crt.sh
cdn-scripts.signifyd.com
Amazon RSA 2048 M01		 2023-07-03 -
2024-07-31		 a year crt.sh
imgs.signifyd.com
Go Daddy Secure Certificate Authority - G2		 2023-10-20 -
2024-11-20		 a year crt.sh
online-metrix.net
Viking Cloud Organization Validation CA, Level 1		 2023-10-20 -
2024-10-21		 a year crt.sh
*.aa.online-metrix.net
Viking Cloud Organization Validation CA, Level 1		 2023-10-20 -
2024-10-21		 a year crt.sh

This page contains 9 frames:

Primary Page: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Frame ID: 31A9D43C4D5327ECD26416ECB31ED3EC
Requests: 73 HTTP requests in this frame

Frame: https://www.youtube.com/embed/bxGKZ6lfJ7A?enablejsapi=1
Frame ID: 3FC9F925E9D41C9347CA7E7667D1B617
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/rZPCKoUReO0?enablejsapi=1
Frame ID: 522822993447D63820AEC062A2B48C1C
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1HQlAmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.59.0&integrationType=SDK
Frame ID: F974985AB9AC711F288A4CAD1C226CAD
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 9728DA150111DCC1CB6CE4A30731DC22
Requests: 1 HTTP requests in this frame

Frame: https://imgs.signifyd.com/KJGkLxc5TlVyiBGz?6657eb38665146a3=jubi03O3ZNEBuXeX1Pz0akUCIRXEqncDz47hxWFov1rf-piX1vWnykDq_5oDvC3aS_vKJKRCjmcENiIY2s_KWCAAxuturBHHxKU5kwG9mKCpt3s9ZngwKAXnx9ubgVhwK6J3clVjoz4kZWPoYZNZP1Ubh5syUmbV9qqR4PJqlssiozGzXoJdsHxa7HNG-Yz4N90vRAP033g_jTlB&jb=3d332e2e60736d7f375563666e6f75732c6a7167375563666e6577732f30383b3b24627b6a7f354b62726d676f24607b683d4168786f6f6d2f303a393839
Frame ID: AB27328206DE2550A5C0E5E1BC9B00D9
Requests: 10 HTTP requests in this frame

Frame: https://imgs.signifyd.com/kAsiCu7s0v95dq9R?12922434d9e68108=y72ztrolwzyy60CwXuRfae_bx8NCC-6IcYBWNvknVbCkN3J98U7h-u2kehhlMgYgKX6Ala1bchH42XBZx1aQ06zLPKE4OCNLP0ZPktswrTYoYMGjgMsGriuY3Dr1GbOVZmlPzIxPT-uezE4w6chZUcD-NlIks879HmtlsXNzQIB9DeExB1EPMxJp57vkzvN0_DRmhQPgJ916szvbqtg
Frame ID: FB425F5A40A08B7D8437BD06AF277B87
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/buFyuCj9HD-SgFRr?0f8782a3058d16d3=Ni1nRefRWOoDC9qQUnBTFsUEvS8-Pqq2uto9ILcOEEtonuX9t05lbhMor0h9_vUDy5B55P7f54KTX3Jh5FMAJlAhfK3BkCU3tIPcghqF7bT_-do2LSAtTvhAb4UaIAjV8aonbXiHsBRRHFviKhPoNCORqcl8gtN_J8PNXWwCAl6QaJ_MWbuRU_f_DHV3ZjxAUK02EKNjP0ZbN7z-ff9e
Frame ID: 8AA10AECC7690BB7B8A4CAB67A678460
Requests: 1 HTTP requests in this frame

Frame: https://imgs.signifyd.com/5N_42D2gfx4K-D78?088a30940d9fbf12=PMvB0yzIg-kEXka2bcJcjKpJr_qJJ7rec3q8Tl2piXkqoxzUxAr-I_OJojwgEWwaOMpjSeHMmCJiz8FVTY55NUyC4s_M49lgkmpRbl1CyH97r3lDXrpDlWVhnP9FU-zmbm7Yd-p3mmbj-mYsQDErQCx-QU_6qreLkYKJcvv-D5Sk4BcDje0_HmVht78SqJhgKz-L14xDmAVwh6aoylUm
Frame ID: 176680F1F7E0AA58DA03F3EB51A97BF4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cosmetic Criminals | e.l.f. Cosmetics

Page URL History Show full URLs

  1. https://cosmeticscriminals.co.uk/ HTTP 301
    https://www.elfcosmetics.co.uk/elf-cosmetic-criminals Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

92
Requests

91 %
HTTPS

35 %
IPv6

17
Domains

21
Subdomains

23
IPs

2
Countries

8320 kB
Transfer

14036 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cosmeticscriminals.co.uk/ HTTP 301
    https://www.elfcosmetics.co.uk/elf-cosmetic-criminals Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://cdn.media.amplience.net/v/elfcosmetics/PWT_STORY_CRIMESCENE_VID/mp4_720p HTTP 302
  • https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_crimescene_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/8dfa5d11-77b7-4333-9d42-c08b194a927c.mp4
Request Chain 17
  • https://cdn.media.amplience.net/v/elfcosmetics/PWT_STORY_COSMETIC_CRIMINALS_VID/mp4_720p HTTP 302
  • https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_cosmetic_criminals_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/c5334fb2-6c51-41eb-8d3b-28107083bcd2.mp4
Request Chain 28
  • https://www.elfcosmetics.co.uk/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-eu&code_challenge=6nEOtOx73Tf88fnU6P3BQ-EzeM913AQ24lNeJ6i0I2U HTTP 303
  • https://www.elfcosmetics.co.uk/callback?usid=06d85680-e1a6-4a0b-a4c2-91757c22c5ec&code=dyvgX-NCOn-apMyKvwcX5GU5NH8uoVl1X1yMozIXlMI

92 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request elf-cosmetic-criminals
www.elfcosmetics.co.uk/
Redirect Chain
  • https://cosmeticscriminals.co.uk/
  • https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
873 KB
229 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
a23d9b1ce0eb9f1be4ef2894d57da07d39ff2ad630f32d53c8b0d84aae1b10a8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
0
alt-svc
h3=":443"; ma=86400
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 27 Mar 2024 10:09:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 7686ec44f6fa46e832c73ad9c040ca32.cloudfront.net (CloudFront)
x-amz-apigw-id
VSIwSFRiiYcEVCA=
x-amz-cf-id
FkbiGCv19KYBqhASPKrLVk-K4DjMWyH7AssqulWOVz-50iWPxcIlMQ==
x-amz-cf-pop
SFO53-P5
x-amzn-remapped-connection
close
x-amzn-remapped-content-length
771891
x-amzn-remapped-date
Wed, 27 Mar 2024 10:01:18 GMT
x-amzn-requestid
b393bcd6-a5ab-4d61-aeb6-47f55e94f82a
x-amzn-trace-id
Root=1-6603ee67-5575cb6f52c9ddd33b66ea96;Parent=3bf9dc4cac85f207;Sampled=0;lineage=dcd1e669:0
x-cache
Miss from cloudfront
x-yottaa-metrics
2521cc028a88/[2,-,-] 25D1cc028561/[-,3.967]
x-yottaa-optimizations
ob/1001000000100001100 si/25D1cc028561-1711385391-9504073173 tts/1701368385513 ti/5dbb1b444f1bbf5af87e110e ai/5dbb1b434f1bbf5af87e10a5 tm/0

Redirect headers

age
0
content-length
1197
content-type
text/html; charset=utf-8
date
Wed, 27 Mar 2024 10:09:51 GMT
location
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
vary
User-Agent
x-yottaa-fw
fb/100000 tid/658f1ff1d931403bb4ae5dba rid/658f266dd931403bb4ae60ab stid/5ad7b08e2bb0ac0c5ba3d38c
x-yottaa-metrics
25D1cc0285ed/[-,0.158]
x-yottaa-optimizations
ob/0 si/25D1cc0285ed-1711385390-4781161534 tts/1711534191733 ti/0 ai/658f1ff1d931403bb4ae5dba
/
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ 		0
0
/
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ 		0
0
/
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ 		0
0
/
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ 		0
0
/
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ 		0
0
PWT_STORY_HEADER_DESKTOP_BG-min
cdn.media.amplience.net/i/elfcosmetics/ 		630 KB
631 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_HEADER_DESKTOP_BG-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:205a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b89cd71669a53e8801ea9e9d4fb8a40bb5dbbb393a1b6c4a249349b42086da7
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 10:09:53 GMT
cf-cache-status
MISS
x-amp-srv
CF
edge-cache-tag
415ug_fp0,l4p5bDg2e,2orsu9Nt2,k4NPUWi7z
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
tqkfx4544N
alt-svc
h3=":443"; ma=86400
content-length
644728
x-xss-protection
1; mode=block
x-amp-source-height
1249
last-modified
Wed, 27 Mar 2024 10:09:53 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
x-amp-source-width
3199
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
86ae96626b84da77-MIA
x-amp-published
Wed, 20 Dec 2023 20:47:39 GMT
PWT_STORY_HEADER_DESKTOP_CC-min
cdn.media.amplience.net/i/elfcosmetics/ 		205 KB
205 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_HEADER_DESKTOP_CC-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:205a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ab1474b1928d39f768075dfef56e53b01fff6c85a44b07d150c4abf7299c3b7
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 10:09:53 GMT
cf-cache-status
MISS
x-amp-srv
CF
edge-cache-tag
LuBVEFdcs,l4p5bDg2e,HwG53bbZp,UyB2-aY-L
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
ub8g9I-x9_
alt-svc
h3=":443"; ma=86400
content-length
209440
x-xss-protection
1; mode=block
x-amp-source-height
340
last-modified
Wed, 27 Mar 2024 10:09:53 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
x-amp-source-width
800
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
86ae96626b82da77-MIA
x-amp-published
Wed, 20 Dec 2023 20:47:39 GMT
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
8dfa5d11-77b7-4333-9d42-c08b194a927c.mp4
cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_crimescene_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/
Redirect Chain
  • https://cdn.media.amplience.net/v/elfcosmetics/PWT_STORY_CRIMESCENE_VID/mp4_720p
  • https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_crimescene_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/8dfa5d11-77b7-4333-9d42-c08b194a927c.mp4
1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_crimescene_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/8dfa5d11-77b7-4333-9d42-c08b194a927c.mp4
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Server
2606:4700:4400::6812:26d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3efc48717edad187198d0a608a3b3a8195f0e5b6b6b41f27b78824796cbd61e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Wed, 27 Mar 2024 10:09:53 GMT
x-amz-version-id
null
cf-cache-status
HIT
x-amz-request-id
6SKWYSGMCEBHA78M
age
129967
Content-Range
bytes 0-1060947/1060948
Content-Length
1060948
x-amz-id-2
ViV+SedZBvhup5TmFly6m8QdinGfyU9zNNs9HSNtdrW7bBrPhnx+py9wz214TA4NFiqsYpgfubw=
last-modified
Fri, 22 Dec 2023 15:50:27 GMT
server
cloudflare
etag
"dd3676819bd88a250c875a11e38c307d"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
content-type
video/mp4
cf-ray
86ae96648c7909ba-MIA

Redirect headers

date
Wed, 27 Mar 2024 10:09:53 GMT
cf-cache-status
EXPIRED
x-amp-srv
CF
edge-cache-tag
q0RIzSua3,l4p5bDg2e,bgWw7nQ29
x-amp-cf-worker
true
edge-control
max-age=86400
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_crimescene_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/8dfa5d11-77b7-4333-9d42-c08b194a927c.mp4
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=1800
cf-ray
86ae96626b80da77-MIA
bxGKZ6lfJ7A
www.youtube.com/embed/ Frame 3FC9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/bxGKZ6lfJ7A?enablejsapi=1
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Wed, 27 Mar 2024 10:09:53 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
rZPCKoUReO0
www.youtube.com/embed/ Frame 5228 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/rZPCKoUReO0?enablejsapi=1
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Wed, 27 Mar 2024 10:09:53 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
PWT_STORY_SOCIALLISTENING_DESKTOP_5-blurred-min
cdn.media.amplience.net/i/elfcosmetics/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_SOCIALLISTENING_DESKTOP_5-blurred-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:205a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdbeef0b146607f5137f8f5434eeab8625ee0801da2af33e045528d191e512d0
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 10:09:53 GMT
cf-cache-status
MISS
x-amp-srv
CF
edge-cache-tag
BII2AOfLX,l4p5bDg2e,hUXp-ygcH,UyB2-aY-L
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
vCXcXD2K5K
alt-svc
h3=":443"; ma=86400
content-length
2085695
x-xss-protection
1; mode=block
x-amp-source-height
1484
last-modified
Wed, 27 Mar 2024 10:09:53 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
x-amp-source-width
3080
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
86ae96626b81da77-MIA
x-amp-published
Wed, 03 Jan 2024 21:02:28 GMT
PWT_STORY_DETECTIVES_DESKTOP_6-min
cdn.media.amplience.net/i/elfcosmetics/ 		330 KB
331 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_DETECTIVES_DESKTOP_6-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:205a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cb2ac35adc7dee4b051d05a7ffc844c9f61eb67b3ce350a16a552f98ffc4172
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 10:09:53 GMT
cf-cache-status
MISS
x-amp-srv
CF
edge-cache-tag
YOdGtw2Ga,l4p5bDg2e,q-jdDBY1E,k4NPUWi7z
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
OIDf0f3nK2
alt-svc
h3=":443"; ma=86400
content-length
338113
x-xss-protection
1; mode=block
x-amp-source-height
1062
last-modified
Wed, 27 Mar 2024 10:09:53 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
x-amp-source-width
2806
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
86ae96626b7cda77-MIA
x-amp-published
Wed, 27 Dec 2023 17:21:33 GMT
PWT_STORY_ON_THE_CASE_DESKTOP_BTS-min
cdn.media.amplience.net/i/elfcosmetics/ 		180 KB
180 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_ON_THE_CASE_DESKTOP_BTS-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:205a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a0204422805f76d793709204fd52e753cb059e5dd5099e41781499c8072e726
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 10:09:53 GMT
cf-cache-status
MISS
x-amp-srv
CF
edge-cache-tag
0zOyPJAsw,l4p5bDg2e,O8QiTHpoz,k4NPUWi7z
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
re7dWBTiqB
alt-svc
h3=":443"; ma=86400
content-length
184181
x-xss-protection
1; mode=block
x-amp-source-height
1108
last-modified
Wed, 27 Mar 2024 10:09:53 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
x-amp-source-width
1952
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
86ae96626b83da77-MIA
x-amp-published
Fri, 29 Dec 2023 07:51:47 GMT
PWT_STORY_CRIME_TAPE_DESKTOP_7-min
cdn.media.amplience.net/i/elfcosmetics/ 		614 KB
614 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_CRIME_TAPE_DESKTOP_7-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:205a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37d207a7297589d062c2af128ee513190a9297959cb24c68078f68d64b899c98
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 10:09:53 GMT
cf-cache-status
MISS
x-amp-srv
CF
edge-cache-tag
23Y7FrHyM,l4p5bDg2e,N2xhcEEJW,UyB2-aY-L
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
bkMGdz0-LL
alt-svc
h3=":443"; ma=86400
content-length
628288
x-xss-protection
1; mode=block
x-amp-source-height
525
last-modified
Wed, 27 Mar 2024 10:09:53 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
x-amp-source-width
3200
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
86ae9663cca1da77-MIA
x-amp-published
Thu, 28 Dec 2023 16:15:28 GMT
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d

Request headers

Referer
Origin
https://www.elfcosmetics.co.uk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac

Request headers

Referer
Origin
https://www.elfcosmetics.co.uk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
c5334fb2-6c51-41eb-8d3b-28107083bcd2.mp4
cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_cosmetic_criminals_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/
Redirect Chain
  • https://cdn.media.amplience.net/v/elfcosmetics/PWT_STORY_COSMETIC_CRIMINALS_VID/mp4_720p
  • https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_cosmetic_criminals_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/c5334fb2-6c51-41eb-8d3b-28107083bcd2.mp4
1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_cosmetic_criminals_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/c5334fb2-6c51-41eb-8d3b-28107083bcd2.mp4
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Server
2606:4700:4400::6812:26d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ae7d857dd8d096a5198b1e8280de9f929ca88d690e445731b6ffdffbf2b8383

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Wed, 27 Mar 2024 10:09:53 GMT
x-amz-version-id
null
cf-cache-status
HIT
x-amz-request-id
6SKJYS2XQMATBCDN
age
129967
Content-Range
bytes 0-1262366/1262367
Content-Length
1262367
x-amz-id-2
BRf5e4bFHoOeQena5p0kThk0RYTkW7ym6352b/tQaF1bEDwGMO5ifdaMNTe+qiaZ8zWFFp/l9CY=
last-modified
Fri, 22 Dec 2023 17:43:50 GMT
server
cloudflare
etag
"91a2cbc7ca143aac79d0312d84bb77fb"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
content-type
video/mp4
cf-ray
86ae96648c7709ba-MIA

Redirect headers

date
Wed, 27 Mar 2024 10:09:53 GMT
cf-cache-status
EXPIRED
x-amp-srv
CF
edge-cache-tag
rT1xWfLBp,l4p5bDg2e,fH6Lo3_5e
x-amp-cf-worker
true
edge-control
max-age=86400
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_cosmetic_criminals_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/c5334fb2-6c51-41eb-8d3b-28107083bcd2.mp4
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=1800
cf-ray
86ae96628ba1da77-MIA
jquery-3.7.1.slim.min.js
code.jquery.com/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.7.1.slim.min.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9261efb3407e3a9096e4654750d8eff6b3a663422f48845c7fbcc65034c340cf

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 10:09:53 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
2950065
x-cache
HIT, HIT
content-length
24036
x-served-by
cache-lga21942-LGA, cache-mia-kmia1760077-MIA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1711534193.145369,VS0,VE0
etag
W/"28feccc0-11278"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
2835, 8767
player_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/player_api
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
213d6d11e61bb7fb4244e5790d6ecc88ed22ea0aad32302f2b425bc8e3196f73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 10:09:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Wed, 27 Mar 2024 10:09:53 GMT
vendor.js
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/10935/ 		2 MB
621 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/10935/vendor.js?yocs=o_q_
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f5c7be3a4c29a08840b0503ad5b5016843c6a056cbe46d7e4c20449319807a9b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
via
1.1 e70925a92da0404e239c3620389c3dd0.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
date
Wed, 27 Mar 2024 10:09:53 GMT
x-amz-cf-pop
JFK52-P2
age
414707
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/1101 si/3811cc023144-1706802496-1758317108 tts/1701368385513 ti/5dbb1b444f1bbf5af87e110e ai/5dbb1b434f1bbf5af87e10a5 tm/0
x-cache
Hit from cloudfront, HIT
x-amz-meta-deploy
710399
content-length
634415
x-amz-meta-bundle
10935
x-served-by
cache-mia-kmia1760029-MIA
x-yottaa-forcecache
true
last-modified
Fri, 22 Mar 2024 14:56:25 GMT
server
AmazonS3
x-timer
S1711534193.058432,VS0,VE3
etag
W/"3cd75a13bb26deb94793036b478e83f7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31104000
x-yottaa-metrics
3821cc02314d/[23,-,1711119466200] 3811cc023144/[hit]
accept-ranges
bytes
x-amz-cf-id
teB6YmE6wta7c4sj0N1RnNaaaGc0E4gyft6GdJsUtOVvXWNm8vF4cw==
x-cache-hits
1
main.js
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/10935/ 		2 MB
482 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/10935/main.js?yocs=o_q_
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6117ae78f3672ea22324c8ba4a90811effe3c5be5b52fbbf821543654812d319

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
via
1.1 11280d8f37ba4cb1d8f36f9f2a6e4c76.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
date
Wed, 27 Mar 2024 10:09:53 GMT
x-amz-cf-pop
JFK52-P2
age
414023
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/1100 si/3811cc023143-1706802497-1360013276 tts/1701368385513 ti/5dbb1b444f1bbf5af87e110e ai/5dbb1b434f1bbf5af87e10a5 tm/0
x-cache
Hit from cloudfront, HIT
x-amz-meta-deploy
710399
content-length
493355
x-amz-meta-bundle
10935
x-served-by
cache-mia-kmia1760029-MIA
x-yottaa-forcecache
true
last-modified
Fri, 22 Mar 2024 14:56:20 GMT
server
AmazonS3
x-timer
S1711534193.058892,VS0,VE3
etag
W/"6d95b7f2b38a965559dace9b9f458723"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31104000
x-yottaa-metrics
3821cc02315f/[24,-,1711119495697] 3811cc023143/[-,253.189]
accept-ranges
bytes
x-amz-cf-id
5ctrloylDW-28XsqyPXoo5D2hMrgKaBY6npiVOtWLCwOkWrRNqaX9g==
x-cache-hits
1
pages-product-list-product-list-page.js
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/10935/ 		41 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/10935/pages-product-list-product-list-page.js?yocs=o_q_
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0e54b6fa2554d460a5d3a13fef3c7faf554e5abb58c5b495cf298812af84b6d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
via
1.1 a4a5018e47c99d5484f43a6eb50bda5e.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
date
Wed, 27 Mar 2024 10:09:53 GMT
x-amz-cf-pop
ORD52-C2
age
124912
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/1000 si/2611cc028372-1708617476-1417767561 tts/1701368385513 ti/5dbb1b444f1bbf5af87e110e ai/5dbb1b434f1bbf5af87e10a5 tm/0
x-cache
Hit from cloudfront, HIT
x-amz-meta-deploy
710399
content-length
11713
x-amz-meta-bundle
10935
x-served-by
cache-mia-kmia1760029-MIA
x-yottaa-forcecache
true
last-modified
Fri, 22 Mar 2024 14:56:23 GMT
server
AmazonS3
x-timer
S1711534193.058858,VS0,VE53
etag
W/"49ab5c157ca3a97ecf7e5e7f1f1abdd4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31104000
x-yottaa-metrics
2621cc028366/[16,5,-] 2611cc028372/[-,22.902]
accept-ranges
bytes
x-amz-cf-id
6_ZfWqVdAl5Ynch-xnysHKLUq7UAU9A08ocrs1ijJp9a3urGYff4xw==
x-cache-hits
1
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/10935/main.js?yocs=o_q_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92e4588c227a58321a728574129e52ec244df30b90fc9a64a30ee65410104c41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Mar 2024 10:09:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Pg1MHDpg+UGdovxhidM4Kg==
age
63175
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6839
x-ms-lease-status
unlocked
last-modified
Mon, 25 Mar 2024 19:35:31 GMT
server
cloudflare
etag
0x8DC4D02BBED1BE7
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
051912c6-f01e-0066-7c97-7f76a3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
86ae967d2c6c8dd0-MIA
/
api.ipify.org/ 		22 B
74 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/10935/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
605a3023c4c4790b6ffe8f588b564606916069afba8ee481b154e9519014b4bb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 10:09:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
86ae967d2c757446-MIA
content-length
22
/
api.ipify.org/ 		22 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/10935/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
605a3023c4c4790b6ffe8f588b564606916069afba8ee481b154e9519014b4bb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 10:09:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
86ae967d2c747446-MIA
content-length
22
/
sdk.iad-05.braze.com/api/v3/data/ 		334 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/10935/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56f2742d7fbf93000ccdecf5a0235f493addcdd1092f7622fb7d5f11b44b7f7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-Braze-Api-Key
ee22cddf-904f-484e-a004-0181ff9a3268
X-Braze-TriggersRequest
true
X-Braze-DataRequest
true
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
application/json
accept-language
en-US,en;q=0.9
Referer
https://www.elfcosmetics.co.uk/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 10:09:58 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
b406e14e-07ce-42f8-9131-597c370788bb
x-runtime
0.229893
server
cloudflare
etag
W/"56f2742d7fbf93000ccdecf5a0235f49"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1711534200
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
86ae96810bb9098e-MIA
x-ratelimit-remaining
499.0
/
sdk.iad-05.braze.com/api/v3/data/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
86ae967f6b2c098e-MIA
content-encoding
gzip
date
Wed, 27 Mar 2024 10:09:57 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
callback
www.elfcosmetics.co.uk/
Redirect Chain
  • https://www.elfcosmetics.co.uk/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Fcallback&response_type=code&client...
  • https://www.elfcosmetics.co.uk/callback?usid=06d85680-e1a6-4a0b-a4c2-91757c22c5ec&code=dyvgX-NCOn-apMyKvwcX5GU5NH8uoVl1X1yMozIXlMI
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/callback?usid=06d85680-e1a6-4a0b-a4c2-91757c22c5ec&code=dyvgX-NCOn-apMyKvwcX5GU5NH8uoVl1X1yMozIXlMI
Protocol
H2
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Wed, 27 Mar 2024 10:09:58 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 545a028fb877bcb33ee64ef7fbf07ec0.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
0
x-amz-cf-pop
SFO53-P5
age
0
x-amzn-remapped-connection
close
x-amzn-requestid
9a26f6d7-ab17-4882-ba11-e97eec666f61
x-yottaa-optimizations
ob/1000 si/25D1cc028561-1711385391-9504073198 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Miss from cloudfront
x-amz-apigw-id
VSKClET0CYcEQkg=
content-length
0
alt-svc
h3=":443"; ma=86400
x-yottaa-forcecache
true
x-amzn-trace-id
Root=1-6603f076-5ab5509305667711179e333a;Parent=498ff45ad54b1cce;Sampled=0;lineage=dcd1e669:0
content-type
application/json
cache-control
public, max-age=604800
x-yottaa-os
200
x-yottaa-metrics
2521cc028537/[247,244,-] 25D1cc028561/[-,248.260]
x-amzn-remapped-date
Wed, 27 Mar 2024 10:09:58 GMT
x-amz-cf-id
dLTn0ZZCK5xLMdPSzCIFGXBZXsIP7uZHVttVa561sEAmqC_wn5O8GA==

Redirect headers

date
Wed, 27 Mar 2024 10:09:58 GMT
x-correlation-id
86ae9683baf130b9
via
1.1 9b3fc559d946648abd0005d8a170b26c.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SFO53-P5
age
0
x-yottaa-optimizations
ob/0 si/25D1cc028561-1711385391-9504073192 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
0
pragma
no-cache
x-ratelimit-1m-remaining
22620, 1952944
x-ratelimit-1m-reset
1583, 1583
x-ratelimit-1m-limit
24000, 2000000
vary
Accept-Encoding
location
https://www.elfcosmetics.co.uk/callback?usid=06d85680-e1a6-4a0b-a4c2-91757c22c5ec&code=dyvgX-NCOn-apMyKvwcX5GU5NH8uoVl1X1yMozIXlMI
cache-control
no-store
x-yottaa-os
303
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-eu&code_challenge=6nEOtOx73Tf88fnU6P3BQ-EzeM913AQ24lNeJ6i0I2U
x-yottaa-metrics
2521cc02852f/[180,176,-] 25D1cc028561/[-,181.396]
cf-ray
86ae9683baf130b9-SEA
x-amz-cf-id
VFDkMSGagKqtbrZ7htC0k6_93jEMcBTbpzaRlS03j8eKrlPWtwgbDQ==
25840211-e69f-428e-bb3b-0787cffdf0e8.json
cdn.cookielaw.org/consent/25840211-e69f-428e-bb3b-0787cffdf0e8/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/25840211-e69f-428e-bb3b-0787cffdf0e8/25840211-e69f-428e-bb3b-0787cffdf0e8.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
949062629321267f5e4f5d183435ab758ad7898afe2b31dc262b6b164167ffa0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Mar 2024 10:09:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
44748
content-md5
FgAuBFiP8zSeAA1ZcGm5bQ==
content-length
1495
x-ms-lease-status
unlocked
last-modified
Tue, 13 Dec 2022 17:32:15 GMT
server
cloudflare
etag
0x8DADD2FFA203B7A
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
41c2cfdd-501e-006f-78e6-1d3370000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
86ae96809d6c4958-MIA
expires
Thu, 28 Mar 2024 10:09:57 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		68 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept
application/json
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 10:09:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
86ae96851d3ab3c8-MIA
access-control-allow-headers
Content-Type
sync
sdk.iad-05.braze.com/api/v3/content_cards/ 		85 B
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/10935/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11ddc42673db4bb6f52fa556cf109f565e5cc2bf37e660d1f8e346412caeb241
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-Braze-Api-Key
ee22cddf-904f-484e-a004-0181ff9a3268
X-Braze-DataRequest
true
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
application/json
BRAZE-SYNC-RETRY-COUNT
0
Referer
https://www.elfcosmetics.co.uk/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
X-Braze-ContentCardsRequest
true
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 10:09:58 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
bc1a7ef8-ff73-4a53-a5b1-ba081e923f66
x-runtime
0.086416
server
cloudflare
etag
W/"11ddc42673db4bb6f52fa556cf109f56"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1711534200
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
86ae96851dce098e-MIA
x-ratelimit-remaining
498.0
init.js
www.elfcosmetics.co.uk/XT4Gy2ig/ 		167 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/XT4Gy2ig/init.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
551f3eabcfd7469a1e9d6e701006150cb1afaf08d72b23400b5275abc2bc661b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 10:09:58 GMT
content-encoding
gzip
active-cdn
Akamai
x-yottaa-optimizations
ob/0 si/25D1cc028561-1711385391-9504073195 tts/1711534198435 ti/0 ai/5dbb1b434f1bbf5af87e10a5
vary
Accept-Encoding
etag
"29d99-nHZYOHZpQoLpORJgCeezPYYNL1c"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
active-cdn,x-served-by,Akamai-Request-BC
cache-control
max-age=600
x-yottaa-metrics
25D1cc028561/[-,6.263]
x-px-hash
OGY5OTY4YmU3YmNjNTA1OGY1NGQwNmJjY2E0YzI0MWNhYWM3MDYwZWNkNzdkMjU1OGRiZmMyOTNhNzBlMDU3Nw==
access-control-allow-headers
x-px-cookies
favicon.ico
www.elfcosmetics.co.uk/ 		34 KB
34 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
1331786f628c441b99665436eb8815381e066e17d5c3bb56f5ce2e045d8da17a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 10:09:58 GMT
via
1.1 d2610666ad934f0664cd719e5472324a.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
34494
x-amz-cf-pop
SFO53-P5
age
0
x-amzn-remapped-connection
close
x-amzn-requestid
be9f1ae1-2ae0-4518-a05f-eb4772264bd5
x-yottaa-optimizations
ob/0 si/25D1cc028561-1711385391-9504073194 tts/1701368385513 ti/5dbb1b444f1bbf5af87e110e ai/5dbb1b434f1bbf5af87e10a5 tm/0
x-cache
RefreshHit from cloudfront
x-amz-apigw-id
VM6DBG4YCYcEXvg=
alt-svc
h3=":443"; ma=86400
x-yottaa-forcecache
true
last-modified
Fri, 22 Mar 2024 14:56:16 GMT
x-amzn-trace-id
Root=1-6601d6df-35e909f860939dc3543b2316;Parent=72c9590105e16cfc;Sampled=0;lineage=dcd1e669:0
etag
W/"86be-18e66a99e80"
vary
Accept-Encoding
content-type
image/x-icon
cache-control
max-age=600, s-maxage=600
x-yottaa-os
200
x-yottaa-metrics
2521cc02858c/[234,231,-] 25D1cc028561/[-,235.436]
x-amzn-remapped-date
Mon, 25 Mar 2024 19:56:15 GMT
x-amz-cf-id
d0iGySZHrX-2GEZSbXKPOamvKEL74VEMstzL8SFr29-FpSPUb0N78A==
sync
sdk.iad-05.braze.com/api/v3/content_cards/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
86ae9683cd4d098e-MIA
content-encoding
gzip
date
Wed, 27 Mar 2024 10:09:58 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
www-widgetapi.js
www.youtube.com/s/player/2923e6f1/www-widgetapi.vflset/ 		216 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/2923e6f1/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
839482b4fcc78a5da8c6cd734161625a81e1f1b5e66713d9551dcc9209374304
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 18:21:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
56909
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68412
x-xss-protection
0
last-modified
Thu, 21 Mar 2024 04:22:17 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 26 Mar 2025 18:21:29 GMT
js
www.paypal.com/sdk/ 		416 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=GBP&vault=true&components=buttons,messages
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
10f88fdc68e55098d5a689382b43acbcb5eb012120e05a337f43b8f8947a17ec
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-2aYOBLmigSkaePLni6oNqS7qi3jETJvqLYoMnlnAT2ALnztp' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-2aYOBLmigSkaePLni6oNqS7qi3jETJvqLYoMnlnAT2ALnztp' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-2aYOBLmigSkaePLni6oNqS7qi3jETJvqLYoMnlnAT2ALnztp' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-2aYOBLmigSkaePLni6oNqS7qi3jETJvqLYoMnlnAT2ALnztp' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Wed, 27 Mar 2024 10:09:58 GMT
age
1391
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT, HIT, MISS
p3p
true
paypal-debug-id
f796493ce1850
server-timing
"traceparent;desc="00-0000000000000000000f796493ce1850-05733137ac3c9488-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
116549
x-xss-protection
1; mode=block
x-served-by
cache-dfw-kdal2120129-DFW, cache-mia-kmia1760096-MIA, cache-mia-kmia1760096-MIA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f796493ce1850-4009c7c39e1b4a89-01
x-timer
S1711534199.727943,VS0,VE35
etag
W/"1c745-hchJTw130jzH/110iDo9SKr3CKg"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
9, 1, 0
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202211.2.0/ 		383 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Mar 2024 10:09:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
uPFqyxtrxGqJsyAvB7RnSg==
age
58896
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
93482
x-ms-lease-status
unlocked
last-modified
Mon, 12 Dec 2022 17:31:45 GMT
server
cloudflare
etag
0x8DADC66BDFA5EC7
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a5ea234d-301e-0069-6d88-1700cf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
86ae96863aa38dd0-MIA
collector
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 		540 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/XT4Gy2ig/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
fdef446ce73f432a49ab81d3e66205f20f4d4b25d405e21fcdca866a14546b66

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 27 Mar 2024 10:09:58 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
540
token
www.elfcosmetics.co.uk/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/token
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/10935/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
9f4e54488b5d00233d8d9807497a669f9d27ce6502e2fa1d9fc6fce5def7f9b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
Authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
c_x-pwa-request
true
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 10:09:59 GMT
content-encoding
gzip
x-correlation-id
86ae96899ebec4c8
cf-cache-status
DYNAMIC
via
1.1 b0fe3eefa4f21a3a8e8b7f811d05f7b8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SFO53-P5
age
0
x-yottaa-optimizations
ob/1000 si/25D1cc028561-1711385391-9504073203 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
pragma
no-cache
x-ratelimit-1m-remaining
22601, 1952113
x-ratelimit-1m-reset
644, 644
vary
Accept-Encoding, User-Agent
x-ratelimit-1m-limit
24000, 2000000
content-type
application/json
cache-control
no-store
x-yottaa-os
200
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/token
x-yottaa-metrics
2521cc02852d/[173,171,-] 25D1cc028561/[-,173.726]
cf-ray
86ae96899ebec4c8-SEA
x-amz-cf-id
oqoX7bTR3EGljds1HUwfw2gT6tc94xbUmyIAjwmqSz-XVna4S6yXwA==
en.json
cdn.cookielaw.org/consent/25840211-e69f-428e-bb3b-0787cffdf0e8/6e10e834-96b1-4572-80d7-3109ba160fd7/ 		73 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/25840211-e69f-428e-bb3b-0787cffdf0e8/6e10e834-96b1-4572-80d7-3109ba160fd7/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71bd66530457656271aa253073fb867cdc9068586f7af54e341667687162909e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Mar 2024 10:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
FVTe+XzL+4tWjb2VPxjyIQ==
content-length
15363
x-ms-lease-status
unlocked
last-modified
Tue, 13 Dec 2022 17:32:16 GMT
server
cloudflare
etag
0x8DADD2FFAAA3EC3
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
73e8b48e-b01e-0058-5103-24e1dc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
86ae968949594958-MIA
expires
Thu, 28 Mar 2024 10:09:59 GMT
iab2Data.json
cdn.cookielaw.org/vendorlist/ 		399 KB
57 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/vendorlist/iab2Data.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b215bfaf35cc7e902ea5f8864db9685f88d28c36b5569c742bb0274da5bb40f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Mar 2024 10:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
TMg4/3OSrIvugrPmGtEgGA==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
58189
x-ms-lease-status
unlocked
last-modified
Wed, 27 Mar 2024 03:23:41 GMT
server
cloudflare
etag
0x8DC4E0D4CD0A27F
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
6927e31c-801e-0021-13f6-7f1df8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
86ae9689495a4958-MIA
otTCF.js
cdn.cookielaw.org/scripttemplates/202211.2.0/ 		68 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202211.2.0/otTCF.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Mar 2024 10:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
jNSx0jAViofB7ggqqp6FUQ==
age
48384
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
15011
x-ms-lease-status
unlocked
last-modified
Mon, 12 Dec 2022 17:31:44 GMT
server
cloudflare
etag
0x8DADC66BD0C2AD7
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e8c255f1-801e-001e-27e6-1dd55b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
86ae96894cfa8dd0-MIA
local
www.paypal.com/credit-presentment/experiments/ Frame F974 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1HQlAmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.59.0&integrationType=SDK
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=GBP&vault=true&components=buttons,messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
age
156671
cache-control
s-maxage=86400, max-age=0
content-encoding
gzip
content-length
1524
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type
text/html; charset=utf-8
date
Wed, 27 Mar 2024 10:09:59 GMT
dc
ccg11-origin-www-1.paypal.com
edge-cache-tag
up-treatments-zoid
etag
W/"1479-DWP2cdgxxp8ZuW96n8gKxTY6NrQ"
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f245171a48a44
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
"traceparent;desc="00-0000000000000000000f245171a48a44-93731fdee16b3b94-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f245171a48a44-e501d00782d7be0a-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
HIT, HIT, MISS
x-cache-hits
21959, 19484, 0
x-served-by
cache-dfw-kdfw8210146-DFW, cache-mia-kmia1760063-MIA, cache-mia-kmia1760063-MIA
x-timer
S1711534200.606956,VS0,VE5
x-xss-protection
1; mode=block
pptm.js
www.paypal.com/tagmanager/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.elfcosmetics.co.uk&t=xo&v=5.0.430&source=payments_sdk&client_id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&comp=buttons,messages&disableSetCookie=true&vault=true
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ba911115d77f90c7446c620602177e80e3852a4d5027f65ef01779e88ca081f4
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-5tKlc4PBQWJCeed/rxNbR9bX3feCrLZj/AuYIt3o+9zO4eli' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-5tKlc4PBQWJCeed/rxNbR9bX3feCrLZj/AuYIt3o+9zO4eli' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 27 Mar 2024 10:09:59 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
154947
x-cache
HIT, HIT, MISS
paypal-debug-id
f149228372e80
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4798
x-xss-protection
1; mode=block
x-served-by
cache-dfw-kdfw8210081-DFW, cache-mia-kmia1760096-MIA, cache-mia-kmia1760096-MIA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f149228372e80-15efb7b952066963-01
x-timer
S1711534200.515885,VS0,VE5
etag
W/"3695-hrYTJ6MuZyKgNp3NJbXT/NXrN1Q"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
66, 1, 0
sync
sdk.iad-05.braze.com/api/v3/content_cards/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
86ae968bb881098e-MIA
content-encoding
gzip
date
Wed, 27 Mar 2024 10:09:59 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
sessions
www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/sessions
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/10935/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1NWRlMjIyNS1lMmNiLTRmZTctYjZhYS0zNGE1OGFkOTlkZTQiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjA2ZDg1NjgwLWUxYTYtNGEwYi1hNGMyLTkxNzU3YzIyYzVlYyIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTE1MzQxNjksInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmNla2N4SW1jczBtY2FSeHJkRmxHWVl3cmJHOjpjaGlkOiAiLCJleHAiOjE3MTE1MzU5OTksImlhdCI6MTcxMTUzNDE5OSwianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzMjg2MTYyODY5NzAwODYzNCJ9.Ofu2TEl4z96mxlC-h3LkXmZFX98umEG4JUzVuXd4Ix9K3YQofWh_K9ABdu4zWZEgldS0lw6GhKy0dJWc5nE_Ag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 10:10:00 GMT
via
1.1 c84ddafed7088f377cf7518b7821ae6c.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-cf-pop
SFO53-P5
age
0
x-yottaa-optimizations
ob/0 si/25D1cc028561-1711385391-9504073204 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
pragma
no-cache
allow
OPTIONS,POST
access-control-allow-origin
https://www.elfcosmetics.co.uk
access-control-expose-headers
etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
x-yottaa-metrics
2521cc028527/[446,445,-] 25D1cc028561/[-,447.569]
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-proxy-request-url
https://cc-elf-eu-prd.elfcosmetics.co.uk/s/elf-eu/dw/shop/v21_3/sessions
accept-ranges
bytes
cf-ray
86ae968c8a55c729-SEA
x-dw-request-base-id
qbB16XjwA2YBAAB_
x-amz-cf-id
uKNfdFBZgVwT06cxjxb3iRChcRfCndb8gH3ZmwujL-ebjvLDmuNqSg==
x-yottaa-os
204
expires
Thu, 01 Dec 1994 16:00:00 GMT
shoppercontext
www.elfcosmetics.co.uk/api/v1/ 		57 B
843 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/api/v1/shoppercontext?siteId=elf-eu
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/10935/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
a6cbc4c9c0b39f6d4edd8d4db4e73971e23c1e4b8b9b6ddd5956164b87fd3ebc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1NWRlMjIyNS1lMmNiLTRmZTctYjZhYS0zNGE1OGFkOTlkZTQiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjA2ZDg1NjgwLWUxYTYtNGEwYi1hNGMyLTkxNzU3YzIyYzVlYyIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTE1MzQxNjksInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmNla2N4SW1jczBtY2FSeHJkRmxHWVl3cmJHOjpjaGlkOiAiLCJleHAiOjE3MTE1MzU5OTksImlhdCI6MTcxMTUzNDE5OSwianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzMjg2MTYyODY5NzAwODYzNCJ9.Ofu2TEl4z96mxlC-h3LkXmZFX98umEG4JUzVuXd4Ix9K3YQofWh_K9ABdu4zWZEgldS0lw6GhKy0dJWc5nE_Ag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 10:10:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 545a028fb877bcb33ee64ef7fbf07ec0.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
57
content-encoding
gzip
x-amz-cf-pop
SFO53-P5
age
0
x-amzn-remapped-connection
close
x-amzn-requestid
beb77531-ec43-4914-beb5-02a50f9d8007
x-yottaa-optimizations
ob/1000 si/25D1cc028561-1711385391-9504073205 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Miss from cloudfront
x-amz-apigw-id
VSKCwF42iYcENxw=
content-length
79
alt-svc
h3=":443"; ma=86400
etag
W/"39-LgPw152VfElAKHYfDt/MyAcU00g"
x-amzn-trace-id
Root=1-6603f077-27e2fa710537829368e031e3;Parent=1eb4b21021af76b9;Sampled=0;lineage=dcd1e669:0
content-type
application/json; charset=utf-8
x-yottaa-os
200
x-yottaa-metrics
2521cc028534/[515,514,-] 25D1cc028561/[-,516.515]
x-amzn-remapped-date
Wed, 27 Mar 2024 10:10:00 GMT
x-amz-cf-id
DuzQ_myl3oOyv4ALPw6lB2_42NG678gzbrdvSaAjx9D3KmGdey-ITA==
sync
sdk.iad-05.braze.com/api/v3/content_cards/ 		85 B
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/10935/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
136905b4ab0c94df39becd34f13b9da04c73cb3c8a981d6cac994c9dd5fa7c26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-Braze-Api-Key
ee22cddf-904f-484e-a004-0181ff9a3268
X-Braze-DataRequest
true
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
application/json
BRAZE-SYNC-RETRY-COUNT
0
Referer
https://www.elfcosmetics.co.uk/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
X-Braze-ContentCardsRequest
true
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 10:09:59 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
21790edc-a6a6-4712-8678-707a222b5950
x-runtime
0.107694
server
cloudflare
etag
W/"136905b4ab0c94df39becd34f13b9da0"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1711534200
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
86ae968ca8ec098e-MIA
x-ratelimit-remaining
497.0
geo-ip
www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/ 		196 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=38.132.118.76
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/10935/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
b0ae6ca3caa68945caf45f000efe5b8a052d45d9438cd4ca92221abe5c05e707
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
application/json
c_x-pwa-request
true
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 10:10:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 8fc19d425c5af8e0ecc9f1d76fca1cf0.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P5
age
0
x-yottaa-optimizations
ob/1000 si/25D1cc028561-1711385391-9504073208 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
allow
GET,HEAD,OPTIONS
content-type
application/json;charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os
200
x-proxy-request-url
https://cc-elf-eu-prd.elfcosmetics.co.uk/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=38.132.118.76
x-yottaa-metrics
2521cc02854b/[515,515,-] 25D1cc028561/[-,516.551]
cf-ray
86ae969189d6c4d7-SEA
x-dw-request-base-id
DRDxyXjwA2YBAAB_
x-amz-cf-id
Vy-Sswz2FvnUE5FIelP9huV7OttQ4yvyj1XG7M7qMpBPGNj-j2RT1Q==
geo-ip
www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/ 		196 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=38.132.118.76
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/10935/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
b0ae6ca3caa68945caf45f000efe5b8a052d45d9438cd4ca92221abe5c05e707
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
application/json
c_x-pwa-request
true
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 10:10:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 773f6821b053a13ecc63d604feb07cb4.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P5
age
0
x-yottaa-optimizations
ob/1000 si/25D1cc028561-1711385391-9504073209 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
allow
GET,HEAD,OPTIONS
content-type
application/json;charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os
200
x-proxy-request-url
https://cc-elf-eu-prd.elfcosmetics.co.uk/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=38.132.118.76
x-yottaa-metrics
2521cc02850e/[615,613,-] 25D1cc028561/[-,616.067]
cf-ray
86ae969169c7c3a2-SEA
x-dw-request-base-id
HVpZHXjwA2YBAAB_
x-amz-cf-id
EUGhOrRIUGbgnm3H49-MY_zbSSbp2bGke7qJa4vgXMGwUMNjBC8r7w==
baskets
www.elfcosmetics.co.uk/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/cekcxImcs0mcaRxrdFlGYYwrbG/ 		11 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/cekcxImcs0mcaRxrdFlGYYwrbG/baskets?siteId=elf-eu
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/10935/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
31f48ed33afe7e437efa2c30cbf97fbd62c2de5c0732504077377846fe64973f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
Authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1NWRlMjIyNS1lMmNiLTRmZTctYjZhYS0zNGE1OGFkOTlkZTQiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjA2ZDg1NjgwLWUxYTYtNGEwYi1hNGMyLTkxNzU3YzIyYzVlYyIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTE1MzQxNjksInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmNla2N4SW1jczBtY2FSeHJkRmxHWVl3cmJHOjpjaGlkOiAiLCJleHAiOjE3MTE1MzU5OTksImlhdCI6MTcxMTUzNDE5OSwianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzMjg2MTYyODY5NzAwODYzNCJ9.Ofu2TEl4z96mxlC-h3LkXmZFX98umEG4JUzVuXd4Ix9K3YQofWh_K9ABdu4zWZEgldS0lw6GhKy0dJWc5nE_Ag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
c_x-pwa-request
true
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 10:10:00 GMT
x-correlation-id
86ae96915c9debcf
dnt
0
cf-cache-status
DYNAMIC
via
1.1 15db3cca810568aab246ba24fafd371a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SFO53-P5
age
0
x-yottaa-optimizations
ob/1000 si/25D1cc028561-1711385391-9504073207 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=K1xZ5NOnUlH1wqE7ROtL5519z.t86mXhk9_4OBbCTXc-1711534200-1.0.1.1-OdwPxGZJX7IGD7khBREUMFIJP1rnWwPoz3hILs1xeL.MSldFIOE2SRxTfG4XLB.Qo6ipPGeM7tujQkMOMViUaud1yOed6HoRZetjrxfiW8CxfsomAfJ20.zfRI772gf1JWV9dHfy2hHVFO1iAdvP4JlcmnoSYhk2ajXxQx0I6vo7pwqLX4zUAIfoDqgSAz.b; report-to cf-csp-endpoint
x-cache
Miss from cloudfront
content-encoding
gzip
alt-svc
h3=":443"; ma=86400
content-length
37
allow
GET,HEAD,OPTIONS
x-ratelimit-remaining
999
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
sfdc_load
2
x-yottaa-metrics
2521cc02850f/[229,228,-] 25D1cc028561/[-,230.952]
cache-control
max-age=0,no-cache,no-store
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/cekcxImcs0mcaRxrdFlGYYwrbG/baskets?siteId=elf-eu
x-ratelimit-limit
99999
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=K1xZ5NOnUlH1wqE7ROtL5519z.t86mXhk9_4OBbCTXc-1711534200-1.0.1.1-OdwPxGZJX7IGD7khBREUMFIJP1rnWwPoz3hILs1xeL.MSldFIOE2SRxTfG4XLB.Qo6ipPGeM7tujQkMOMViUaud1yOed6HoRZetjrxfiW8CxfsomAfJ20.zfRI772gf1JWV9dHfy2hHVFO1iAdvP4JlcmnoSYhk2ajXxQx0I6vo7pwqLX4zUAIfoDqgSAz.b"}],"group":"cf-csp-endpoint","max_age":86400}
accept-ranges
bytes
cf-ray
86ae96915c9debcf-SEA
x-amz-cf-id
_JKwYGI0wFLHutNYiMDIrmBVqRfE9mNwTpyVlmKfgIEAhWVJDEwW-A==
x-yottaa-os
200
viewPage
api.cquotient.com/v3/activities/bbxc-elf-eu/ 		98 B
517 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.cquotient.com/v3/activities/bbxc-elf-eu/viewPage
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/10935/main.js?yocs=o_q_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.161.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-161-36.compute-1.amazonaws.com
Software
envoy /
Resource Hash
fd094a74f84929cb7c4d39c64bb6ff549828f9a19f292b7778da12b2dadc5454
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
x-cq-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.elfcosmetics.co.uk/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 10:10:00 GMT
strict-transport-security
max-age=15552000; includeSubdomains
server
envoy
etag
W/"62-OusGEEi5q/75cCLGZiNN9mGutcM"
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.co.uk
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
content-length
98
viewPage
api.cquotient.com/v3/activities/bbxc-elf-eu/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.cquotient.com/v3/activities/bbxc-elf-eu/viewPage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.161.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-161-36.compute-1.amazonaws.com
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-cq-client-id
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization, content-type, x-cq-tenant, x-cq-client-id
access-control-allow-methods
POST
access-control-allow-origin
https://www.elfcosmetics.co.uk
content-length
0
date
Wed, 27 Mar 2024 10:10:00 GMT
server
envoy
strict-transport-security
max-age=15552000; includeSubdomains
x-envoy-upstream-service-time
1
ts
t.paypal.com/ 		42 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A7PFGPLHGYKX72-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A7PFGPLHGYKX72-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=95c92811-df2a-4f29-8e3f-9af8b4e63cc5&fltp=analytics&mrid=7PFGPLHGYKX72&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Cosmetic%20Criminals%20%7C%20e.l.f.%20Cosmetics&dh=600&dw=800&bh=1113&bw=1600&cd=24&sh=600&sw=800&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1711534200394&g=600&completeurl=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Felf-cosmetic-criminals&disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0, 0
date
Wed, 27 Mar 2024 10:10:00 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
572650bb0f179
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-dfw-kdal2120063-DFW, cache-mia-kmia1760076-MIA
pragma
no-cache
correlation-id
572650bb0f179
traceparent
00-0000000000000000000572650bb0f179-6fdfbe5a47762b04-01
x-timer
S1711534201.738408,VS0,VE90
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Mar 2024 10:10:00 GMT
collector
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 		600 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/XT4Gy2ig/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
1093e15b57ae40276d54301b2082494a0fee01da9847c760627642b14fa9f90a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 27 Mar 2024 10:10:00 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
600
muse.js
www.paypalobjects.com/muse/ 		55 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mic/9AFD) /
Resource Hash
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 10:10:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
6311f9a184f2a
dc
ccg11-origin-www-1.paypal.com
content-length
16355
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
server
ECAcc (mic/9AFD)
traceparent
00-00000000000000000006311f9a184f2a-174d3f4f683130cc-01
etag
"64f25363-daa8+gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Wed, 27 Mar 2024 11:10:00 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Mar 2024 10:10:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
vO8A/abKpoPacUrvSk9OSw==
age
44750
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3020
x-ms-lease-status
unlocked
last-modified
Mon, 12 Dec 2022 17:31:35 GMT
server
cloudflare
etag
0x8DADC66B7AF38D0
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
716fea89-301e-0069-5c71-2200cf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
86ae96939d1c4958-MIA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/v2/ 		61 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40c8084ce459211c73bf91eaa18b6152cc5fc9e29245dcec381da35ee51334b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Mar 2024 10:10:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
mBGnk7IXt0USbYmXZQhmOw==
age
44750
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12540
x-ms-lease-status
unlocked
last-modified
Mon, 12 Dec 2022 17:31:37 GMT
server
cloudflare
etag
0x8DADC66B90C98A8
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
1ffcdf85-701e-00a3-4d57-795c46000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
86ae96939d1f4958-MIA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Mar 2024 10:10:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
XcxlleAcPGO2n5kTZrHH2Q==
age
44750
x-ms-lease-status
unlocked
last-modified
Mon, 12 Dec 2022 17:31:50 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
9de2d930-b01e-0005-6a4e-79eb58000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
86ae96939d204958-MIA
NEW-beauty-squad-beauty-squad-loyalty-logo-staggered-paddedsquare
elfcosmetics.a.bigcontent.io/v1/static/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/NEW-beauty-squad-beauty-squad-loyalty-logo-staggered-paddedsquare?%24Desktop%24=&fmt=auto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.145.183 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
210706c053295db0bfba03a98c0609a1f940c3f6b6c626f2f1084e089e959dc9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 10:10:01 GMT
x-amz-version-id
null
cf-cache-status
HIT
age
53461
x-amz-server-side-encryption
AES256
x-amp-cf-worker
true
edge-control
max-age=86400
alt-svc
h3=":443"; ma=86400
content-length
5378
last-modified
Tue, 26 Mar 2024 19:19:00 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
86ae969a6d0d74a0-MIA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
icon-noun-gift-1165617
elfcosmetics.a.bigcontent.io/v1/static/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-gift-1165617?%24Desktop%24=&fmt=auto%201x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-gift-1165617?%24Desktop%24=&fmt=auto%202x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-gift-1165617?%24Desktop%24=&fmt=auto%203x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.145.183 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4aa855b8d34657ab4df5ca73fe7d7f67735ee1e39e8de83856ddc473d4713fbb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 10:10:02 GMT
x-amz-version-id
null
content-encoding
gzip
cf-cache-status
HIT
age
58680
x-amz-server-side-encryption
AES256
x-amp-cf-worker
true
edge-control
max-age=86400
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 26 Mar 2024 17:52:01 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=1800
cf-ray
86ae969a6d1074a0-MIA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
icon-noun-shine-4881627
elfcosmetics.a.bigcontent.io/v1/static/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-shine-4881627?%24Desktop%24=&fmt=auto%201x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-shine-4881627?%24Desktop%24=&fmt=auto%202x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-shine-4881627?%24Desktop%24=&fmt=auto%203x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.145.183 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
102e62a65463f863798406056350b65849b7e7f7d3b543e2c6e9e89542288398

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 10:10:01 GMT
x-amz-version-id
null
cf-cache-status
HIT
age
46273
x-amz-server-side-encryption
AES256
x-amp-cf-worker
true
edge-control
max-age=86400
alt-svc
h3=":443"; ma=86400
content-length
13665
last-modified
Tue, 26 Mar 2024 21:18:48 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
86ae969a6d0e74a0-MIA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
icon-noun-shipping-5965850-resized
elfcosmetics.a.bigcontent.io/v1/static/ 		1 KB
888 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-shipping-5965850-resized?%24Desktop%24=&fmt=auto%201x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-shipping-5965850-resized?%24Desktop%24=&fmt=auto%202x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-shipping-5965850-resized?%24Desktop%24=&fmt=auto%203x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.145.183 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecd1fb7d50ee35ca25a2f9a2a0f3792e45652d1fc5b114d1145bc60ab52484d2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 10:10:01 GMT
x-amz-version-id
null
content-encoding
gzip
cf-cache-status
HIT
age
35270
x-amz-server-side-encryption
AES256
x-amp-cf-worker
true
edge-control
max-age=86400
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 27 Mar 2024 00:22:11 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=1800
cf-ray
86ae969a6d0f74a0-MIA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
700231
www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/products/ 		246 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/products/700231?siteId=elf-eu&locale=en-GB&currency=GBP&expand=availability%2Cbundled_products%2Clinks%2Cpromotions%2Coptions%2Cimages%2Cprices%2Cvariations%2Cset_products%2Crecommendations&all_images=true&perPricebook=true
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/10935/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
1249c2abca71fa44499697b8bfe2959b72d2e3ea32a794346c9968a57013d6f7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
application/json
c_x-pwa-request
true
cache-control
no-cache
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 10:10:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
via
1.1 5ef053ed5de62b8aa34580e3bd7d802a.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P5
age
0
x-yottaa-optimizations
ob/1000 si/25D1cc028561-1711385391-9504073212 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 27 Mar 2024 10:10:02 GMT
vary
accept-encoding
allow
GET,HEAD,OPTIONS
content-type
application/json;charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os
200
x-proxy-request-url
https://cc-elf-eu-prd.elfcosmetics.co.uk/s/elf-eu/dw/shop/v21_3/products/700231?siteId=elf-eu&locale=en-GB&currency=GBP&expand=availability%2Cbundled_products%2Clinks%2Cpromotions%2Coptions%2Cimages%2Cprices%2Cvariations%2Cset_products%2Crecommendations&all_images=true&perPricebook=true
x-yottaa-metrics
2521cc028529/[793,792,-] 25D1cc028561/[-,795.244]
cf-ray
86ae9699da5dc3a2-SEA
x-dw-request-base-id
qbCz6XrwA2YBAAB_
x-amz-cf-id
ImGTvxAVZy8syJDmSw4i5_IxMedZsCW0KPzlgWzKnI1HZDz0CsjuAA==
baskets
www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/baskets
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/10935/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
bc94604331832280bf50698a3b1d94a145849f24d46c6c107c5eb85e9a9d02bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1NWRlMjIyNS1lMmNiLTRmZTctYjZhYS0zNGE1OGFkOTlkZTQiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjA2ZDg1NjgwLWUxYTYtNGEwYi1hNGMyLTkxNzU3YzIyYzVlYyIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTE1MzQxNjksInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmNla2N4SW1jczBtY2FSeHJkRmxHWVl3cmJHOjpjaGlkOiAiLCJleHAiOjE3MTE1MzU5OTksImlhdCI6MTcxMTUzNDE5OSwianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzMjg2MTYyODY5NzAwODYzNCJ9.Ofu2TEl4z96mxlC-h3LkXmZFX98umEG4JUzVuXd4Ix9K3YQofWh_K9ABdu4zWZEgldS0lw6GhKy0dJWc5nE_Ag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
application/json
c_x-pwa-request
true
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 10:10:02 GMT
via
1.1 3c65c8de2d2443b1201cd33d859d8db0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-amz-cf-pop
SFO53-P5
age
0
x-yottaa-optimizations
ob/1000 si/25D1cc028561-1711385391-9504073213 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
984
pragma
no-cache
etag
f64c9a1decd480db2ac081c6e8502e887d03c7f2179e3b864959bb9a17104432
allow
OPTIONS,POST
content-type
application/json;charset=UTF-8
x-dw-resource-state
f64c9a1decd480db2ac081c6e8502e887d03c7f2179e3b864959bb9a17104432
access-control-allow-origin
https://www.elfcosmetics.co.uk
access-control-expose-headers
etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
x-yottaa-metrics
2521cc028526/[263,262,-] 25D1cc028561/[-,264.790]
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-proxy-request-url
https://cc-elf-eu-prd.elfcosmetics.co.uk/s/elf-eu/dw/shop/v21_3/baskets
accept-ranges
bytes
cf-ray
86ae969a0bf90917-SEA
x-dw-request-base-id
DRAWynnwA2YBAAB_
x-amz-cf-id
qQmWYhvFuqVLKcAXh9GU8ZOFqOAKYk7ACzokuiTNeRShTrdglGrf6w==
x-yottaa-os
200
expires
Thu, 01 Dec 1994 16:00:00 GMT
index.html
www.paypalobjects.com/muse/analytics/ Frame 9728 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mic/9BA9) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
16754
content-type
text/html
date
Wed, 27 Mar 2024 10:10:02 GMT
dc
ccg11-origin-www-1.paypal.com
etag
"64f25363-dacc+gzip"
expires
Wed, 27 Mar 2024 11:10:02 GMT
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id
77503e9e035bf
server
ECAcc (mic/9BA9)
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-000000000000000000077503e9e035bf-b8d4b3253822e6b7-01
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
538 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Mar 2024 10:10:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
44751
x-ms-lease-status
unlocked
last-modified
Mon, 25 Mar 2024 19:35:37 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
87bc4c8e-a01e-0044-3d2d-7fb3bc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
86ae969a481d4958-MIA
ot_company_logo.png
cdn.cookielaw.org/logos/static/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/ot_company_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Mar 2024 10:10:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
E8+sk/ECzKgTUVtDLikiIA==
age
63180
content-length
4036
x-ms-lease-status
unlocked
last-modified
Mon, 25 Mar 2024 19:35:37 GMT
server
cloudflare
etag
0x8DC4D02BF9051A1
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
d2ba6eb3-401e-004c-402c-7fa9b3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
86ae969b19008dd0-MIA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Mar 2024 10:10:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
53825
x-ms-lease-status
unlocked
last-modified
Mon, 25 Mar 2024 19:35:38 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f6f2a0a1-601e-0074-26b0-7f0d73000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
86ae969b19018dd0-MIA
gb.svg
www.elfcosmetics.co.uk/mobify/bundle/10935/static/img/flag-icons/ 		717 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.co.uk/mobify/bundle/10935/static/img/flag-icons/gb.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
6c10b21f86019422fa9555d9b0b9b6768bf7549730880571e057800a3068724e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 10:10:02 GMT
x-amz-version-id
null
via
1.1 89afe786efbbc098291960de036b779a.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
SFO53-P5
age
414746
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/1001 si/25D1cc028561-1711117334-8828631737 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Hit from cloudfront
x-amz-meta-deploy
710399
alt-svc
h3=":443"; ma=86400
content-length
431
x-amz-meta-bundle
10935
x-yottaa-forcecache
true
last-modified
Fri, 22 Mar 2024 14:56:34 GMT
etag
"09d729feb9edb852ea0daca331a9b058"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31104000
x-yottaa-os
200
x-yottaa-metrics
2521cc02858c/[82,80,-] 25D1cc028561/[hit]
x-amz-cf-id
UsYKVEdysRlOgRENe9-U_Rn6-6RJ5K8NJyBXe2pndGn7S9Z4i0TOQA==
ts
t.paypal.com/ 		42 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A7PFGPLHGYKX72-1&page=muse%3Aoffer%3A%3A%3A7PFGPLHGYKX72-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=95c92811-df2a-4f29-8e3f-9af8b4e63cc5&es=visitorInfoFlowStarted&mrid=7PFGPLHGYKX72&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Cosmetic%20Criminals%20%7C%20e.l.f.%20Cosmetics&dh=600&dw=800&bh=1113&bw=1600&cd=24&sh=600&sw=800&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1711534203001&g=600&completeurl=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Felf-cosmetic-criminals&disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0, 0
date
Wed, 27 Mar 2024 10:10:03 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
790bc781d36e0
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-dfw-kdal2120057-DFW, cache-mia-kmia1760076-MIA
pragma
no-cache
correlation-id
790bc781d36e0
traceparent
00-0000000000000000000790bc781d36e0-225720069ac1f988-01
x-timer
S1711534203.023726,VS0,VE91
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Mar 2024 10:10:03 GMT
gb.svg
www.elfcosmetics.co.uk/mobify/bundle/10935/static/img/flag-icons/ 		717 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.co.uk/mobify/bundle/10935/static/img/flag-icons/gb.svg
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/10935/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
6c10b21f86019422fa9555d9b0b9b6768bf7549730880571e057800a3068724e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 10:10:03 GMT
x-amz-version-id
null
via
1.1 89afe786efbbc098291960de036b779a.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
SFO53-P5
age
414747
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/1001 si/25D1cc028561-1711117334-8828631737 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Hit from cloudfront
x-amz-meta-deploy
710399
alt-svc
h3=":443"; ma=86400
content-length
431
x-amz-meta-bundle
10935
x-yottaa-forcecache
true
last-modified
Fri, 22 Mar 2024 14:56:34 GMT
etag
"09d729feb9edb852ea0daca331a9b058"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31104000
x-yottaa-os
200
x-yottaa-metrics
2521cc02858c/[82,80,-] 25D1cc028561/[hit]
x-amz-cf-id
UsYKVEdysRlOgRENe9-U_Rn6-6RJ5K8NJyBXe2pndGn7S9Z4i0TOQA==
productratings
www.elfcosmetics.co.uk/api/v1/ 		78 B
866 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/api/v1/productratings
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/10935/main.js?yocs=o_q_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
2fdc304ee64a7d6c485dad8075fbd66be09eff8950577950b8f11ed7b018fe4f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 27 Mar 2024 10:10:03 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 b0fe3eefa4f21a3a8e8b7f811d05f7b8.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
78
content-encoding
gzip
x-amz-cf-pop
SFO53-P5
age
0
x-amzn-remapped-connection
close
x-amzn-requestid
94cd3511-13cd-40e7-9f9c-b28a4ad91af0
x-yottaa-optimizations
ob/1000 si/25D1cc028561-1711385391-9504073224 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Miss from cloudfront
x-amz-apigw-id
VSKDWF8wiYcEVCA=
content-length
100
alt-svc
h3=":443"; ma=86400
etag
W/"4e-VSm/2CXuAJsL689XK1QXHaczH1o"
x-amzn-trace-id
Root=1-6603f07b-7e87a0f610681aeb0548b59a;Parent=0cf2db9258989257;Sampled=0;lineage=dcd1e669:0
content-type
application/json; charset=utf-8
x-yottaa-os
200
x-yottaa-metrics
2521cc02851e/[504,503,-] 25D1cc028561/[-,505.154]
x-amzn-remapped-date
Wed, 27 Mar 2024 10:10:03 GMT
x-amz-cf-id
kp0wdtSVz-pp7S6WET5-3pKbFhbQcWIqQ5nrXDCpmlE4WnclrVV8SQ==
script-tag.js
cdn-scripts.signifyd.com/api/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-scripts.signifyd.com/api/script-tag.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-40.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
68f6710cb2cc63e278cd3be6a0593c700b3ac346e36c1d636c5c13374dc20e91

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 09:40:36 GMT
content-encoding
gzip
via
1.1 1dd1e483fa41d512929f44790f141972.cloudfront.net (CloudFront)
last-modified
Wed, 10 Jan 2024 11:26:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
1768
x-amz-server-side-encryption
AES256
etag
W/"d34fe38d39e71cd6ace9ab1bfc0bb10a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1800
x-amz-cf-id
s2K8S-q-fbZiV02yPOHxbK8Uwgtp_NUwTOvpV1KR_HUSv_r07YeqGw==
ts
t.paypal.com/ 		42 B
207 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A7PFGPLHGYKX72-1&page=muse%3Aoffer%3A%3A%3A7PFGPLHGYKX72-1%3A%3AvisitorInfo%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=95c92811-df2a-4f29-8e3f-9af8b4e63cc5&es=visitorInfo&cust=identified&mrid=7PFGPLHGYKX72&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Cosmetic%20Criminals%20%7C%20e.l.f.%20Cosmetics&dh=600&dw=800&bh=1113&bw=1600&cd=24&sh=600&sw=800&v=NA&pl=pdf&rosetta_language=en-US%2Cen&unsc=5&identifier_used=DFP&e=im&t=1711534203679&g=600&completeurl=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Felf-cosmetic-criminals&disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0, 0
date
Wed, 27 Mar 2024 10:10:03 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
3980688e9498c
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-dfw-kdfw8210039-DFW, cache-mia-kmia1760076-MIA
pragma
no-cache
correlation-id
3980688e9498c
traceparent
00-00000000000000000003980688e9498c-df928c5363f4c001-01
x-timer
S1711534204.711971,VS0,VE61
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Mar 2024 10:10:03 GMT
company_toolkit.js
cdn-scripts.signifyd.com/api/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-scripts.signifyd.com/api/company_toolkit.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-40.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6082597f3871c77c9b31aa1383577f8c0e54cb5ff09275dc817bc70d96e6217d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 09:40:35 GMT
content-encoding
gzip
via
1.1 1dd1e483fa41d512929f44790f141972.cloudfront.net (CloudFront)
last-modified
Tue, 30 May 2023 10:18:44 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
1769
x-amz-server-side-encryption
AES256
etag
W/"2c3950f122b3977df61b0e077aaa92c8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1800
x-amz-cf-id
9P6YiWZlf_AKLILnqm9sZ9S0SwG6HQxwsMNkJl7yw0kF2jMBi2WIHg==
gb.svg
www.elfcosmetics.co.uk/mobify/bundle/10935/static/img/flag-icons/ 		717 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.co.uk/mobify/bundle/10935/static/img/flag-icons/gb.svg
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/10935/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.2.133.97 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
6c10b21f86019422fa9555d9b0b9b6768bf7549730880571e057800a3068724e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 10:10:04 GMT
x-amz-version-id
null
via
1.1 89afe786efbbc098291960de036b779a.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
SFO53-P5
age
414748
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/1001 si/25D1cc028561-1711117334-8828631737 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Hit from cloudfront
x-amz-meta-deploy
710399
alt-svc
h3=":443"; ma=86400
content-length
431
x-amz-meta-bundle
10935
x-yottaa-forcecache
true
last-modified
Fri, 22 Mar 2024 14:56:34 GMT
etag
"09d729feb9edb852ea0daca331a9b058"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31104000
x-yottaa-os
200
x-yottaa-metrics
2521cc02858c/[82,80,-] 25D1cc028561/[hit]
x-amz-cf-id
UsYKVEdysRlOgRENe9-U_Rn6-6RJ5K8NJyBXe2pndGn7S9Z4i0TOQA==
mc10t8ph8x2vdobd.js
imgs.signifyd.com/ 		98 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/mc10t8ph8x2vdobd.js?k7q8wibc1wp2i53z=w2txo5aa&1t4mo58nh57me7pa=LzhlZDgzOWNiNDg5NDBlNWNmZjE4OWMzOGYy
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
83b10905fec3a3a750e3a570af4afd4d62d065bd18c1c42dc1523f983b8481c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 27 Mar 2024 10:10:04 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
CP=IVAa PSAa
Connection
Keep-Alive, Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=2, max=100
Expires
Thu, 01 Jan 1970 00:00:00 GMT
KJGkLxc5TlVyiBGz
imgs.signifyd.com/ Frame AB27 		275 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/KJGkLxc5TlVyiBGz?6657eb38665146a3=jubi03O3ZNEBuXeX1Pz0akUCIRXEqncDz47hxWFov1rf-piX1vWnykDq_5oDvC3aS_vKJKRCjmcENiIY2s_KWCAAxuturBHHxKU5kwG9mKCpt3s9ZngwKAXnx9ubgVhwK6J3clVjoz4kZWPoYZNZP1Ubh5syUmbV9qqR4PJqlssiozGzXoJdsHxa7HNG-Yz4N90vRAP033g_jTlB&jb=3d332e2e60736d7f375563666e6f75732c6a7167375563666e6577732f30383b3b24627b6a7f354b62726d676f24607b683d4168786f6f6d2f303a393839
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/mc10t8ph8x2vdobd.js?k7q8wibc1wp2i53z=w2txo5aa&1t4mo58nh57me7pa=LzhlZDgzOWNiNDg5NDBlNWNmZjE4OWMzOGYy
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
4c7cd7f66840c09ee398c54842b68a26ea8660074070564d8c9d06e156d8258b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 27 Mar 2024 10:10:05 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
tmx-nonce
125ae7cb0b476240
Connection
Keep-Alive, Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=2, max=99
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hV_OS3gMlDnZET-F
imgs.signifyd.com/ Frame AB27 		81 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.signifyd.com/hV_OS3gMlDnZET-F?574ec6e39879ce38=goNUoXou1IFdfirJzsmCm7m4Vh40PnNAXAGgo4-PTP2I_vvZZZyC3oXhTSkz0mBXL9oVgRYWdYmqXPasGY8W5-osQMC5ltBg-guWwd89kSk6BGTq7-sWml2OqoojLTaTkTbInJzgSJOPuzWKjRJhUnyPa8ZATgy4z-gA5OM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 27 Mar 2024 10:10:05 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
kvSg2JF6TNmzGWuP
imgs.signifyd.com/ Frame AB27 		81 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.signifyd.com/kvSg2JF6TNmzGWuP?367637c18ccde56d=QlsrrlCl1tIfb1eBnzUw-KnV5B_A7mRdfxCN6ZYiA2Pey41V57N1zCXeVYWkzwaBaY291nIktRpyPSc2BjqmfFKV0Hpi9SkNN_xbFPRaJZGD0snlb_N0fqXRGsnyyglJZl87XwpM-aXOav0UXtYPDg6STQxxo_89nMqM8oI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 27 Mar 2024 10:10:05 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
imgs.signifyd.com/fp/ Frame AB27 		81 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/fp/clear.png
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/KJGkLxc5TlVyiBGz?6657eb38665146a3=jubi03O3ZNEBuXeX1Pz0akUCIRXEqncDz47hxWFov1rf-piX1vWnykDq_5oDvC3aS_vKJKRCjmcENiIY2s_KWCAAxuturBHHxKU5kwG9mKCpt3s9ZngwKAXnx9ubgVhwK6J3clVjoz4kZWPoYZNZP1Ubh5syUmbV9qqR4PJqlssiozGzXoJdsHxa7HNG-Yz4N90vRAP033g_jTlB&jb=3d332e2e60736d7f375563666e6f75732c6a7167375563666e6577732f30383b3b24627b6a7f354b62726d676f24607b683d4168786f6f6d2f303a393839
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
*/*, w2txo5aa/125ae7cb0b476240lzhlzdgzownindg5ndblnwnmzje4owmzogyy
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 27 Mar 2024 10:10:05 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 27 Mar 2024 10:10:05 GMT
Server
Apache
Etag
d7457de694cf4570a01d1506d36bacce
Content-Type
image/png
Access-Control-Allow-Origin
https://www.elfcosmetics.co.uk
Cache-Control
private, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
Expires
Mon, 26 Mar 2029 10:10:05 GMT
kAsiCu7s0v95dq9R
imgs.signifyd.com/ Frame FB42 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/kAsiCu7s0v95dq9R?12922434d9e68108=y72ztrolwzyy60CwXuRfae_bx8NCC-6IcYBWNvknVbCkN3J98U7h-u2kehhlMgYgKX6Ala1bchH42XBZx1aQ06zLPKE4OCNLP0ZPktswrTYoYMGjgMsGriuY3Dr1GbOVZmlPzIxPT-uezE4w6chZUcD-NlIks879HmtlsXNzQIB9DeExB1EPMxJp57vkzvN0_DRmhQPgJ916szvbqtg
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/KJGkLxc5TlVyiBGz?6657eb38665146a3=jubi03O3ZNEBuXeX1Pz0akUCIRXEqncDz47hxWFov1rf-piX1vWnykDq_5oDvC3aS_vKJKRCjmcENiIY2s_KWCAAxuturBHHxKU5kwG9mKCpt3s9ZngwKAXnx9ubgVhwK6J3clVjoz4kZWPoYZNZP1Ubh5syUmbV9qqR4PJqlssiozGzXoJdsHxa7HNG-Yz4N90vRAP033g_jTlB&jb=3d332e2e60736d7f375563666e6f75732c6a7167375563666e6577732f30383b3b24627b6a7f354b62726d676f24607b683d4168786f6f6d2f303a393839
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Wed, 27 Mar 2024 10:10:05 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
kb_bR9n8j0O3VHPM
imgs.signifyd.com/ Frame AB27 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/kb_bR9n8j0O3VHPM?42fbd0d876298534=ecX3ku7qIL8MU89qZSXW1Q1Gt-XS7UogSS30wztgzYthkWNwojdtvl2M6J-fkjxag5VZDjYxNIL9a3tsnF_VrPE3CRaaPgOT9b2L2KcHsgLGMVqhDtUT-entmHQyi_84UXy1KVI78t0ywoTpSp9b0uyMqxw&jb=3b3c2e6479613f3269376e6a3f6263626f32663c3c603b693b6e326169316c3c693231696e3939
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/KJGkLxc5TlVyiBGz?6657eb38665146a3=jubi03O3ZNEBuXeX1Pz0akUCIRXEqncDz47hxWFov1rf-piX1vWnykDq_5oDvC3aS_vKJKRCjmcENiIY2s_KWCAAxuturBHHxKU5kwG9mKCpt3s9ZngwKAXnx9ubgVhwK6J3clVjoz4kZWPoYZNZP1Ubh5syUmbV9qqR4PJqlssiozGzXoJdsHxa7HNG-Yz4N90vRAP033g_jTlB&jb=3d332e2e60736d7f375563666e6f75732c6a7167375563666e6577732f30383b3b24627b6a7f354b62726d676f24607b683d4168786f6f6d2f303a393839
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 27 Mar 2024 10:10:05 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
buFyuCj9HD-SgFRr
h.online-metrix.net/ Frame 8AA1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/buFyuCj9HD-SgFRr?0f8782a3058d16d3=Ni1nRefRWOoDC9qQUnBTFsUEvS8-Pqq2uto9ILcOEEtonuX9t05lbhMor0h9_vUDy5B55P7f54KTX3Jh5FMAJlAhfK3BkCU3tIPcghqF7bT_-do2LSAtTvhAb4UaIAjV8aonbXiHsBRRHFviKhPoNCORqcl8gtN_J8PNXWwCAl6QaJ_MWbuRU_f_DHV3ZjxAUK02EKNjP0ZbN7z-ff9e
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/KJGkLxc5TlVyiBGz?6657eb38665146a3=jubi03O3ZNEBuXeX1Pz0akUCIRXEqncDz47hxWFov1rf-piX1vWnykDq_5oDvC3aS_vKJKRCjmcENiIY2s_KWCAAxuturBHHxKU5kwG9mKCpt3s9ZngwKAXnx9ubgVhwK6J3clVjoz4kZWPoYZNZP1Ubh5syUmbV9qqR4PJqlssiozGzXoJdsHxa7HNG-Yz4N90vRAP033g_jTlB&jb=3d332e2e60736d7f375563666e6f75732c6a7167375563666e6577732f30383b3b24627b6a7f354b62726d676f24607b683d4168786f6f6d2f303a393839
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.1 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Wed, 27 Mar 2024 10:10:05 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
5N_42D2gfx4K-D78
imgs.signifyd.com/ Frame 1766 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/5N_42D2gfx4K-D78?088a30940d9fbf12=PMvB0yzIg-kEXka2bcJcjKpJr_qJJ7rec3q8Tl2piXkqoxzUxAr-I_OJojwgEWwaOMpjSeHMmCJiz8FVTY55NUyC4s_M49lgkmpRbl1CyH97r3lDXrpDlWVhnP9FU-zmbm7Yd-p3mmbj-mYsQDErQCx-QU_6qreLkYKJcvv-D5Sk4BcDje0_HmVht78SqJhgKz-L14xDmAVwh6aoylUm
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/KJGkLxc5TlVyiBGz?6657eb38665146a3=jubi03O3ZNEBuXeX1Pz0akUCIRXEqncDz47hxWFov1rf-piX1vWnykDq_5oDvC3aS_vKJKRCjmcENiIY2s_KWCAAxuturBHHxKU5kwG9mKCpt3s9ZngwKAXnx9ubgVhwK6J3clVjoz4kZWPoYZNZP1Ubh5syUmbV9qqR4PJqlssiozGzXoJdsHxa7HNG-Yz4N90vRAP033g_jTlB&jb=3d332e2e60736d7f375563666e6f75732c6a7167375563666e6577732f30383b3b24627b6a7f354b62726d676f24607b683d4168786f6f6d2f303a393839
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Wed, 27 Mar 2024 10:10:05 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
kb_bR9n8j0O3VHPM
imgs.signifyd.com/ Frame AB27 		0
218 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/kb_bR9n8j0O3VHPM?42fbd0d876298534=ecX3ku7qIL8MU89qZSXW1Q1Gt-XS7UogSS30wztgzYthkWNwojdtvl2M6J-fkjxag5VZDjYxNIL9a3tsnF_VrPE3CRaaPgOT9b2L2KcHsgLGMVqhDtUT-entmHQyi_84UXy1KVI78t0ywoTpSp9b0uyMqxw&ja=3933303b2c26613727343a382c7a3f302c663f303a32723e3a3a26616c3f303a3a7a3e38382c7b70733d353d3a7a3f3f3a266670783d332432323a243c3a302c323238263c323824393c38382631333b392e3b3e3a302e31383032243d353a243f3d3026677635383d643d396c39393c336534686c303a31683634626e333a3f68326b6e39693426676c35382c716b6c35383c2e66683f627e767a7b2f3343253846273a4c757d7f246f6c66696d7b676f76616b7b246b672475692f38446f646c2d616f796d677c6361276b78636d69646364792c7264353d2c786037653a3a38666c693f3537313333643c6f606f303333336568366933333031386c2c60603761663f39666b6d6b3132623d6166316c673d6b333c31303d676a3b6f3b693a692c627b653d55636466657f792530303b3124627960374b62786f6d6f273a3a3b303b2e6279677d37576b646e6d7d7b2c6a71627f3d4160786d676d2c64686337333e2c64666535302c66657e703f3a2c76706c3750636363666b6b2f304c4065646f6c7f6e7d2c67637c607a373c383a33663b6930686d693030653c63613d3c323a30386b64313f373c3a3b646c3c3d3230393e31663c6f636b3a3e6461393e61646a6e35383b3b3931393c632e6e783f607c7c7a7b2d394127384c27384e7d77752e6f6c646b6571676d7e636373246167247f692d3a4e6f646e27636d7967677e61692d6172636d6b666b6e792e7a37706c7f656164556464697b622d3d4f66636679672b7866756569645f75616466657f79556d656e6b69557a6e69716d782d3d4f66636679672b7866756569645f636c65606f576b69726f68637c2f3f476e6964796d297a6c776d636c55797f69616b7e696f6d2f374f6e6b6673652b72647f6d6b66577b62676b6177637c6f273f4d6c616e736f2172647f656366557865616672646b73677a2d3d4f6e696673672b7a6e7f6f636e5d7666635d786663736d782f35456c6364796f2378647d6d61665564677c6b6e7c7a2f3547666b6c716d2b72667d6d636e5f79746f557c6b6d7f6d782d3d4f66636679672b7866756569645f68697c632f3d4f6c616c79672e6d665d6b357f6f6a6f665767684d4e2f3a3a312c302f32322045726f664d4625323a475b2f38323a26382f3a3849687065676b7f65235767624d4c273a3a45465b462f32304f512d383a3326382d383820457067644d4e2f3a3a45512538304544594e2f3a3a4f5325383239243a273a384b627a676769776723556f6a416976576f6249617e2738385d6f62474643464d4647576166797c696463676e5563787a6b7971253942273a3a47525c55686c6564665767636c6569702f3b4a2f32324f5256556b6669725f696f6c7c786d662d394825323a47505e556167646778576a7f66646f785d626966665d66666f637c2f31482d383a45585e5d6c6f7a7660576b6669657a2531482f303a4d52545d66666f637c5560666d646e253348273a3a4f5a5c576e78696f5564677a7e6a2f3b482530304f5856577a6d66716d656e5f65646e796f76576b646b65782f33402f38324f505e5f71686b64677a55766f707e7f7265556e676e2f314a2d3a3a4d505e5f766f72767f7a6f5f616f6770706d79716367645562707e612d3948273a384d525c577e657a7e7f706f57696f6f707865717b636d6457786d74632f314a2f38324d505c557c6d727477786f5d6c616674677255616c61796d7e7a657a69632f314a2f38324d505c557b5a4d422739482738384545515f6f6c67656f6c7e5763646465725d7d6364762d3b4a2f3a38454551556c60655778656c646f725d65637267697a2f33422f3038454f51577b7c6b666c6b7266556e6778617c6176697c65712d39402f3a3a45455355766d727e777a6d576c64676b742739482738384545515f7e657a7c7f706f576c666f617e5d64636467697a2d394a2d38304d4f595d7e6d727477726f5f6a696664556e666561742f314a2f3832474d5b557c6d727477786f5d626966665d66666f637c556e63666f6b722539402d383a4d4d5b577c6d7a7e657a556b707869735f6d626065617c2f31482d383a574548454455696d64677a556a7d6c666778556466676b742733482530385d47484f4655636f67727a6f79716d6c577e6d707e75706f5563797c692531422f32325f4f404d4455696f6d7a706d7979676c577c6f707c7f7267556f76692d394227323a57474a4d4e556b656770726f717b6f6e5d7c6d707e7d7a6f5f677e69332f3b482530305d45404f465d6967677a726579716d6e55766d707c7f7a6d5573317e6927394a2f3232574f424544556165657a78657379676c557e67707c7d786d57793376695571786f682531422f32325f4f404d44556e65627f6557786f6c6c6d7a6f7a57636e64652f31482d3830554548474e576e67687d6d5573686b666d7879273b4a2d38385f4f42454655666f787e685d746f78767d78672f3b482f32305d474a4d465d6c7a697d576a7f66646f78712f3b482530305d45404f465d6667796f5f63656c7c6f72762d3b4a2f3a385d45404d465d677d66746b5f6e72637f2f31482d383a5745484544557a6d64716f656657676f666f3b342c6f665f6a3d6c30343f38643e383e3963373b306c3a3d333d3d6d393b386862303c383b3e316f6530613e66363d2c756d647c37496e7e67642f383241666b242e7f6d6c7037436c7e6d6625303043726b7b2f303a477a6f6e4746273a3a4f6c6f61666f2e6b69643f3b&jb=393f382e66713f4765786364666127324c352c382f303a205d636e6465757b2f3832465c2d3838393a2e322f39402f3a3a576b6e3c34273b48273838723c34292f30384b7a72646d5f6f6a43637427384c37393f2433342538302a43425647442f3843253832646361672d3a384d6d6b616f2b2f38324960786f6f652f32443938312438243a2e302f3038596b64697a612f3a4e3f3335243934
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/KJGkLxc5TlVyiBGz?6657eb38665146a3=jubi03O3ZNEBuXeX1Pz0akUCIRXEqncDz47hxWFov1rf-piX1vWnykDq_5oDvC3aS_vKJKRCjmcENiIY2s_KWCAAxuturBHHxKU5kwG9mKCpt3s9ZngwKAXnx9ubgVhwK6J3clVjoz4kZWPoYZNZP1Ubh5syUmbV9qqR4PJqlssiozGzXoJdsHxa7HNG-Yz4N90vRAP033g_jTlB&jb=3d332e2e60736d7f375563666e6f75732c6a7167375563666e6577732f30383b3b24627b6a7f354b62726d676f24607b683d4168786f6f6d2f303a393839
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 27 Mar 2024 10:10:05 GMT
Strict-Transport-Security
max-age=31536000
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
Content-Type
text/javascript;charset=UTF-8
Oo7np_l7PqqHElXt
w2txo5aaieenp6e43ivga4qnk3b345atnkvfm2bn125ae7cb0b476240sac.d.aa.online-metrix.net/ Frame AB27 		81 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w2txo5aaieenp6e43ivga4qnk3b345atnkvfm2bn125ae7cb0b476240sac.d.aa.online-metrix.net/Oo7np_l7PqqHElXt?685ff611c11b2afb=XEveyDy4zZVD3ydR1ND8Pdqzz2s2RylyRsxou6CzI6nPR06q5gcLuSTKTgS7hSOakLlDfyY-bffoVnyG-xNbd8ZiPnlU4AhZWrbmvTYzrQeh6lp6oUzAj2g7tFUZXIj8i1XRgSzxyKksFJfSdwpe5330Rc8KGXbCaqgb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.3 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 27 Mar 2024 10:10:06 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
u0_p35mllE87Cqsl
imgs.signifyd.com/ Frame AB27 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.signifyd.com/u0_p35mllE87Cqsl?eb15b03c9aaa5b4e=HBshSaZqzw2CmT2IrhIl2j79_plM-qrEO52Mkl964fiiPer1T8CrOU6GH4yg2twmIGHhnhv3NXFrYAWImlQXGUwRa6GZMvg2m0YN6gC-1uvO0u_nDmQGsUu95_irVRVv8GNP4-ohj2-djq0hWm07RZpKKjM2YJZhlbOnEiR6nWPLZA2kjCe-KDV-u6PAxUyjaxB4R4LNVJONGEbTcL8&jf=3c3b3e2e79696655786c6e357e64705f52673b5f454c4361676852563c31724d2c71616c576e697c6f3d333d3b333f3b3e3232352c736b6c557673786f37776568386d696e71692e7b636c5761657b3739323f31393033333a36323f3863323e3e326365396638383a33383e38323a69323636326967396c3a3332313a37323b3e303a383a3e363839303f693f6739313b6f3a3e6c31673a6834393e3e313a613c64323d33343f31323933303f343d3a6e343c6a6a3f3e3d3332306f3a643e3c693363623966306d6864683e693c39323a34316f3f6130316b336e6c3d65646b3b323938686330323961633b3a33383f6c3b666638663e333f64383a3c32393e3333376f3c632c7b63645d7363673f3b3a363f38383831303a633e693a353d3830383131396466683f36396a6e6666336e62343c38646e303b3235633e67383c3a313d6b6a6839313d663a3b3932696c6c3166323c37646a6932383a3a3d65616b33303f39313d3e6b383a303261343c3b37396e6b363b656933613d326669306f3f61343c30396e3b3038316b38693a39623b3a3c3b393932643a33382671616c703738
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 27 Mar 2024 10:10:05 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=98
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
kb_bR9n8j0O3VHPM
imgs.signifyd.com/ Frame AB27 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/kb_bR9n8j0O3VHPM?42fbd0d876298534=ecX3ku7qIL8MU89qZSXW1Q1Gt-XS7UogSS30wztgzYthkWNwojdtvl2M6J-fkjxag5VZDjYxNIL9a3tsnF_VrPE3CRaaPgOT9b2L2KcHsgLGMVqhDtUT-entmHQyi_84UXy1KVI78t0ywoTpSp9b0uyMqxw&jac=1&je=393b3e3d2c267267376c652e686176737e3d273f4827383a666f766566273a382f314939263a382d3843273838717e697e7571253832273b4b27383a696261726d6b666d2f303a2d3f4e2e697f646a3769633d6a336534653c38336b6963693e6c3861376933313833313e3b3c3c6a3d6933333d3334683c6e3866643e3834383a31326e6f3e663039646b6e32363d312e6f703b3763333969366f383f3967383b64323f3d64396e6e683064323a3f6b333a3c3c69326a6d6933613968247f69623d27374825303a6b706960637e65637e777a6f2f303a2d3b4b2d3a38783a3c2f30382d3843273238626b7c6467797b2f38322539432d3838343c2d3a382d3a4925303868706b666e732732382531492f37482d3d48253238607a6b64662d3a3a2f3b492f32304d656d6d646f2530304968706767672f3a382f32432f303a7c6f707b6167642d3a3825314b2f303839383327323825354c2f30492d3d48253238607a6b64662d3a3a2f3b492f32304465762f3b4b412f4278616c6c2f30382d3849253238746d78796b67662d383a2d39412738383a2f3a382535442f32412d3d402f3a3868726164662d3838273b492d383a4b62726d676377672d383227324925303a7c67787b63656e2538302d394b273a3a39383b2d3832273d4e273f4c2f3241253832647d666e5c6d7879696f644e61797e273a3a2d39492d3f42273d4827383a6872636e6e25303a2f314b2d3838476f6565646f2f30384b607867656f2530382f30492d3832746578736b676427383a2f39412538303938392c38263e39393a24353a2f38302f3f4e2530432f37402d3830687a6b64642538302d394b273a3a46657c2d3941432748706b666e2530322f32412d38307c6d7879696f64273a382f31492d3a3830263a2e32243a27383a2f3746253843273f4827383a6878616e6e273a382f31492d3a384b60786f6f637f6f2f3a382530432f32307e6f7079616564253238273b4b2f303a393a3926382436313b382c3f302f3230253d44273d4e27384b2f38326d656061666f273a3a2d39496e6b6c716f2f30492d38326f6f6e656e2d38302f3b4b2f32322f303a2f38412d3a3a7a64697e666d786727383a2f334325383255616431382d3838253249273a387a6e697c6e657a655c657079636d642d383227334b25303a3b322438243a253238273a492f303a7f677d3e3c2f32302f39436c69667367253d44247d6b6e372d3d48253238607a6b64667b2d3a382d3b4b2537482f35482d383260726b6e662d38302f3b4b2f32324d6d676d66672d3a3849607a656d672f38302f3a492530327c65707b636d642d383825334b273a383b303b2d3a382d3f4e2530492f35482d383260726b6e662d38302f3b4b2f3232446d7c2f394349254a7869666e2530382f30492d3832746578736b676427383a2f3941253830302f38302d3f4c2f3a4b2f37402f3830687a6b6e66253832273b4b27383a4962726f676b7d672f303a2d3a492d3a38766778796b65662f3230253941273a3833383b2f3832253d462d3f4e273a4b2d383a6565626b666f27383a2f3343666b6c716d2f30492d3838706c6b766e65786f2d3a3a2f3b492f32305d636c393a2f3230253d44
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/KJGkLxc5TlVyiBGz?6657eb38665146a3=jubi03O3ZNEBuXeX1Pz0akUCIRXEqncDz47hxWFov1rf-piX1vWnykDq_5oDvC3aS_vKJKRCjmcENiIY2s_KWCAAxuturBHHxKU5kwG9mKCpt3s9ZngwKAXnx9ubgVhwK6J3clVjoz4kZWPoYZNZP1Ubh5syUmbV9qqR4PJqlssiozGzXoJdsHxa7HNG-Yz4N90vRAP033g_jTlB&jb=3d332e2e60736d7f375563666e6f75732c6a7167375563666e6577732f30383b3b24627b6a7f354b62726d676f24607b683d4168786f6f6d2f303a393839
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 27 Mar 2024 10:10:06 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=97
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
kb_bR9n8j0O3VHPM
imgs.signifyd.com/ Frame AB27 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/kb_bR9n8j0O3VHPM?42fbd0d876298534=ecX3ku7qIL8MU89qZSXW1Q1Gt-XS7UogSS30wztgzYthkWNwojdtvl2M6J-fkjxag5VZDjYxNIL9a3tsnF_VrPE3CRaaPgOT9b2L2KcHsgLGMVqhDtUT-entmHQyi_84UXy1KVI78t0ywoTpSp9b0uyMqxw&jac=1&je=39322e2e7d656b37393a243939322c313b382c3f3c
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/KJGkLxc5TlVyiBGz?6657eb38665146a3=jubi03O3ZNEBuXeX1Pz0akUCIRXEqncDz47hxWFov1rf-piX1vWnykDq_5oDvC3aS_vKJKRCjmcENiIY2s_KWCAAxuturBHHxKU5kwG9mKCpt3s9ZngwKAXnx9ubgVhwK6J3clVjoz4kZWPoYZNZP1Ubh5syUmbV9qqR4PJqlssiozGzXoJdsHxa7HNG-Yz4N90vRAP033g_jTlB&jb=3d332e2e60736d7f375563666e6f75732c6a7167375563666e6577732f30383b3b24627b6a7f354b62726d676f24607b683d4168786f6f6d2f303a393839
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.157.157 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 27 Mar 2024 10:10:06 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=96
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
log
www.paypal.com/credit-presentment/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/credit-presentment/log?disableSetCookie=true&features=disable-set-cookie
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=GBP&vault=true&components=buttons,messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.elfcosmetics.co.uk/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Wed, 27 Mar 2024 10:10:09 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS, MISS
paypal-debug-id
f968013a1b3a1
server-timing
"traceparent;desc="00-0000000000000000000f968013a1b3a1-0fdbe9f9059801ca-01"";content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-dfw-kdfw8210087-DFW, cache-mia-kmia1760096-MIA, cache-mia-kmia1760096-MIA
paypal-related-debug-ids
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f968013a1b3a1-d296fa030f77e388-01
x-timer
S1711534210.633583,VS0,VE115
access-control-allow-origin
https://www.elfcosmetics.co.uk
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0, 0
log
www.paypal.com/credit-presentment/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/credit-presentment/log?disableSetCookie=true&features=disable-set-cookie
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-origin
https://www.elfcosmetics.co.uk
access-control-expose-headers
Server-Timing
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Wed, 27 Mar 2024 10:10:09 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f13767734950a
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
"traceparent;desc="00-0000000000000000000f13767734950a-0fe89a2353bc7ce9-01"";content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f13767734950a-8bf2d9ae82a2083f-01
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, MISS, MISS
x-cache-hits
0, 0, 0
x-served-by
cache-dfw-kdal2120103-DFW, cache-mia-kmia1760023-MIA, cache-mia-kmia1760023-MIA
x-timer
S1711534209.486912,VS0,VE112

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/
Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/
Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/
Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/
Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onpagereveal object| $jscomp function| _loadCookieConfig function| _domready function| _delayed function| _findTags function| _srcAttr function| _needsEval function| _loadFromDOM function| _clearEvents function| _lastChainedResource function| _isImageLike boolean| domCompleteTriggered function| _abTest function| _getCookieVariant function| _setCookieVariant function| _configureAbTestAnalytics function| _executeAllAbTest function| _executeAllAbTestUniversal function| _executeAllAbTestClassic function| _executeAbTest function| _abTestScript function| _chooseVariant function| _abTestAnalyticsUniversal function| _abTestAnalyticsClassic object| _serviceWorkerConfig object| Yo string| yo_host string| _pxAppId function| yo_loader function| $ function| jQuery object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| ytCCPlayer object| ytBTSPlayer function| onYouTubePlayerAPIReady function| onCCPlayerReady function| onBTSPlayerReady object| content object| __LOADABLE_LOADED_CHUNKS__ object| regeneratorRuntime function| _ function| applyFocusVisiblePolyfill object| __CONFIG__ string| __DEVICE_TYPE__ object| __PRELOADED_STATE__ object| Progressive boolean| __HYDRATING__ object| viewedProductIdsForPage object| DY boolean| BRAZE_SETUP_COMPLETE boolean| otSPAPathChange boolean| otIsInitialized function| OptanonWrapper object| DYcustom object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer function| __tcfapi object| otStubData object| PXXT4Gy2ig object| PX undefined| _XT4Gy2ighandler object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| __post_robot_11_0_0___uid_numhnacfzmymuvpacsidplhppphjzs object| paypal object| __zoid_10_3_3___uid_numhnacfzmymuvpacsidplhppphjzs object| otTCF object| otIabModule object| paypalDDL string| PaypalOffersObject function| ppq object| Optanon object| OneTrust object| __post_robot_10_0_44__ object| PAYPAL boolean| otLastAcceptAllValue function| a0_0x1b34 function| a0_0xfeda object| sigScriptLoader object| SIG_SCRIPT_DEBUG object| threatmetrix boolean| tmx_profiling_started function| tmx_run_page_fingerprinting function| tmx_post_session_params_fixed

16 Cookies

Domain/Path Name / Value
www.youtube.com/embed Name: TESTCOOKIESENABLED
Value: 1
www.elfcosmetics.co.uk/ Name: _pxhd
Value: dl1Eupn89kaAD25BLo9jzBuspqZXAFON2iCgJtBCUP9nKhNDPe-mnELFz4UPpa-kfC1aCYrAn48ku7HkMYqVdA==:4dN2GC7GRjlhEYrYFrnmGkQvamIOPv7G69-Ik8koi7argoy4Fm-t/dPg8vET/y5qJPLxBcASD2z6qd30tX4IQD6Bo5xQB-qn9YYkBjThyi0=
.youtube.com/ Name: YSC
Value: HRLfvKEIh9A
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: y4A5zIzY3fM
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJVUxIEGgAgbA%3D%3D
www.elfcosmetics.co.uk/ Name: initAuthComplete
Value: true
.elfcosmetics.co.uk/ Name: ab.storage.sessionId.ee22cddf-904f-484e-a004-0181ff9a3268
Value: %7B%22g%22%3A%22ca02e7dc-ad1f-dd37-de55-7d7240a00067%22%2C%22e%22%3A1711535997077%2C%22c%22%3A1711534197077%2C%22l%22%3A1711534197077%7D
.elfcosmetics.co.uk/ Name: ab.storage.deviceId.ee22cddf-904f-484e-a004-0181ff9a3268
Value: %7B%22g%22%3A%229fa38002-b4c8-c4d7-c022-03d6a20195ad%22%2C%22c%22%3A1711534197098%2C%22l%22%3A1711534197098%7D
.elfcosmetics.co.uk/ Name: pxcts
Value: 2b1aa032-ec22-11ee-a891-ad85a8a02abe
.elfcosmetics.co.uk/ Name: _pxvid
Value: 2703b6bc-ec22-11ee-89db-f1ff57b117f4
www.elfcosmetics.co.uk/ Name: scapi
Value: prd:06d85680-e1a6-4a0b-a4c2-91757c22c5ec:eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1NWRlMjIyNS1lMmNiLTRmZTctYjZhYS0zNGE1OGFkOTlkZTQiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjA2ZDg1NjgwLWUxYTYtNGEwYi1hNGMyLTkxNzU3YzIyYzVlYyIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTE1MzQxNjksInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmNla2N4SW1jczBtY2FSeHJkRmxHWVl3cmJHOjpjaGlkOiAiLCJleHAiOjE3MTE1MzU5OTksImlhdCI6MTcxMTUzNDE5OSwianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzMjg2MTYyODY5NzAwODYzNCJ9.Ofu2TEl4z96mxlC-h3LkXmZFX98umEG4JUzVuXd4Ix9K3YQofWh_K9ABdu4zWZEgldS0lw6GhKy0dJWc5nE_Ag
www.elfcosmetics.co.uk/ Name: dwanonymous_d0d57f92086b8d4216742497990aeda2
Value: cekcxImcs0mcaRxrdFlGYYwrbG
www.elfcosmetics.co.uk/ Name: dwsid
Value: Qelk-M7QvCM0XEqCo_D9bNw8_E4kG4nqBv0gj6XTtS-7WM8YYZhwnUqqEJNBc7lYT1IqRJqrHQZUUSKZuj8MNg==
.elfcosmetics.co.uk/ Name: _px3
Value: 0ead83e013c59fc5bea53339ca6696205ba6e471e31b7fed4358cd568fb8fe8a:1xhZXU0305bjSKrIolyBZ3SaW+CNmOjU+8DLMZ0GOFLEFe6iYBa39zmcVTjx1tiVZqQ9X7/G0bzdUSDFmpPOtg==:1000:r+Z0A80oUQHpMhkHYR3l8jD/5VKTs+z48GKQB1WzmP//Yd5TOUW13OCv0El4nKnY1itvjlAgc8pNEojacxZZlzLrb+oGmxnLkEKXMWKPget3dySHacVwlWJylyWuWTdjtU2H4j6uhrMzAL5hy4oQDeqS5hYCGi4q3D7uh3F7lQSndYxHGdNQHphd9d2AIPQ2XojEKu7QouAFZGTkECSTRGq9cmjB0wfUbatp4/W3LGA=
.elfcosmetics.co.uk/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Wed+Mar+27+2024+00%3A10%3A02+GMT-1000+(Hawaii-Aleutian+Standard+Time)&version=202211.2.0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Felf-cosmetic-criminals&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C5%3A0%2CSTACK42%3A0
imgs.signifyd.com/ Name: thx_guid
Value: c9e1af1f91f670cfc01479b756c54c9f

59 Console Messages

Source Level URL
Text
security error URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals(Line 349)
Message:
Unsafe attempt to load URL https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ from frame with URL https://www.elfcosmetics.co.uk/elf-cosmetic-criminals. Domains, protocols and ports must match.
security error URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals(Line 349)
Message:
Unsafe attempt to load URL https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ from frame with URL https://www.elfcosmetics.co.uk/elf-cosmetic-criminals. Domains, protocols and ports must match.
security error URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals(Line 349)
Message:
Unsafe attempt to load URL https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ from frame with URL https://www.elfcosmetics.co.uk/elf-cosmetic-criminals. Domains, protocols and ports must match.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals(Line 379)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals(Line 379)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals(Line 379)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript error URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals(Line 379)
Message:
Access to image at 'https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/#elfcosmetics_a_00000055698485330971283280000018393236039574697104_?yocs=o_' from origin 'https://www.elfcosmetics.co.uk' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/#elfcosmetics_a_00000055698485330971283280000018393236039574697104_?yocs=o_
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals(Line 379)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals(Line 379)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals(Line 379)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals(Line 381)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals(Line 381)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals(Line 381)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.cquotient.com
api.ipify.org
cdn-fsly.yottaa.net
cdn-scripts.signifyd.com
cdn.cookielaw.org
cdn.media.amplience.net
cdn.static.amplience.net
code.jquery.com
collector-pxxt4gy2ig.px-cloud.net
cosmeticscriminals.co.uk
elfcosmetics.a.bigcontent.io
geolocation.onetrust.com
h.online-metrix.net
imgs.signifyd.com
sdk.iad-05.braze.com
t.paypal.com
w2txo5aaieenp6e43ivga4qnk3b345atnkvfm2bn125ae7cb0b476240sac.d.aa.online-metrix.net
www.elfcosmetics.co.uk
www.paypal.com
www.paypalobjects.com
www.youtube.com
cdn-fsly.yottaa.net
104.26.12.205
108.138.106.40
151.101.1.21
151.101.129.35
151.101.193.21
151.101.2.133
172.64.145.183
192.225.157.157
192.225.158.1
192.225.158.3
192.229.210.155
204.2.133.237
204.2.133.97
2606:4700:4400::6812:205a
2606:4700:4400::6812:2089
2606:4700:4400::6812:26d1
2606:4700:4400::ac40:9a28
2606:4700::6813:b134
2607:f8b0:4006:80b::200e
2607:f8b0:4006:80c::200e
2a04:4e42::649
3.223.161.36
35.190.10.96
102e62a65463f863798406056350b65849b7e7f7d3b543e2c6e9e89542288398
1093e15b57ae40276d54301b2082494a0fee01da9847c760627642b14fa9f90a
10f88fdc68e55098d5a689382b43acbcb5eb012120e05a337f43b8f8947a17ec
11ddc42673db4bb6f52fa556cf109f565e5cc2bf37e660d1f8e346412caeb241
1249c2abca71fa44499697b8bfe2959b72d2e3ea32a794346c9968a57013d6f7
1331786f628c441b99665436eb8815381e066e17d5c3bb56f5ce2e045d8da17a
136905b4ab0c94df39becd34f13b9da04c73cb3c8a981d6cac994c9dd5fa7c26
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
210706c053295db0bfba03a98c0609a1f940c3f6b6c626f2f1084e089e959dc9
213d6d11e61bb7fb4244e5790d6ecc88ed22ea0aad32302f2b425bc8e3196f73
2fdc304ee64a7d6c485dad8075fbd66be09eff8950577950b8f11ed7b018fe4f
31f48ed33afe7e437efa2c30cbf97fbd62c2de5c0732504077377846fe64973f
37d207a7297589d062c2af128ee513190a9297959cb24c68078f68d64b899c98
40c8084ce459211c73bf91eaa18b6152cc5fc9e29245dcec381da35ee51334b0
49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b
4aa855b8d34657ab4df5ca73fe7d7f67735ee1e39e8de83856ddc473d4713fbb
4ae7d857dd8d096a5198b1e8280de9f929ca88d690e445731b6ffdffbf2b8383
4b89cd71669a53e8801ea9e9d4fb8a40bb5dbbb393a1b6c4a249349b42086da7
4c7cd7f66840c09ee398c54842b68a26ea8660074070564d8c9d06e156d8258b
551f3eabcfd7469a1e9d6e701006150cb1afaf08d72b23400b5275abc2bc661b
56f2742d7fbf93000ccdecf5a0235f493addcdd1092f7622fb7d5f11b44b7f7f
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
605a3023c4c4790b6ffe8f588b564606916069afba8ee481b154e9519014b4bb
6082597f3871c77c9b31aa1383577f8c0e54cb5ff09275dc817bc70d96e6217d
6117ae78f3672ea22324c8ba4a90811effe3c5be5b52fbbf821543654812d319
68f6710cb2cc63e278cd3be6a0593c700b3ac346e36c1d636c5c13374dc20e91
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6ab1474b1928d39f768075dfef56e53b01fff6c85a44b07d150c4abf7299c3b7
6c10b21f86019422fa9555d9b0b9b6768bf7549730880571e057800a3068724e
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
71bd66530457656271aa253073fb867cdc9068586f7af54e341667687162909e
71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef
7a0204422805f76d793709204fd52e753cb059e5dd5099e41781499c8072e726
839482b4fcc78a5da8c6cd734161625a81e1f1b5e66713d9551dcc9209374304
83b10905fec3a3a750e3a570af4afd4d62d065bd18c1c42dc1523f983b8481c2
89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d
8cb2ac35adc7dee4b051d05a7ffc844c9f61eb67b3ce350a16a552f98ffc4172
9261efb3407e3a9096e4654750d8eff6b3a663422f48845c7fbcc65034c340cf
92e4588c227a58321a728574129e52ec244df30b90fc9a64a30ee65410104c41
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac
949062629321267f5e4f5d183435ab758ad7898afe2b31dc262b6b164167ffa0
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
9f4e54488b5d00233d8d9807497a669f9d27ce6502e2fa1d9fc6fce5def7f9b4
a23d9b1ce0eb9f1be4ef2894d57da07d39ff2ad630f32d53c8b0d84aae1b10a8
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a6cbc4c9c0b39f6d4edd8d4db4e73971e23c1e4b8b9b6ddd5956164b87fd3ebc
b0ae6ca3caa68945caf45f000efe5b8a052d45d9438cd4ca92221abe5c05e707
b215bfaf35cc7e902ea5f8864db9685f88d28c36b5569c742bb0274da5bb40f3
b3efc48717edad187198d0a608a3b3a8195f0e5b6b6b41f27b78824796cbd61e
ba911115d77f90c7446c620602177e80e3852a4d5027f65ef01779e88ca081f4
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc94604331832280bf50698a3b1d94a145849f24d46c6c107c5eb85e9a9d02bd
cdbeef0b146607f5137f8f5434eeab8625ee0801da2af33e045528d191e512d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecd1fb7d50ee35ca25a2f9a2a0f3792e45652d1fc5b114d1145bc60ab52484d2
f0e54b6fa2554d460a5d3a13fef3c7faf554e5abb58c5b495cf298812af84b6d
f5c7be3a4c29a08840b0503ad5b5016843c6a056cbe46d7e4c20449319807a9b
fd094a74f84929cb7c4d39c64bb6ff549828f9a19f292b7778da12b2dadc5454
fdef446ce73f432a49ab81d3e66205f20f4d4b25d405e21fcdca866a14546b66