urlscan.io logo urlscan.io
SecurityTrails logo

www.elfcosmetics.co.uk Open in urlscan Pro
140.174.14.100  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cosmeticcrimal.co.uk/
Effective URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Submission: On July 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 4 countries across 17 domains to perform 90 HTTP transactions. The main IP is 140.174.14.100, located in Frankfurt am Main, Germany and belongs to YOTTAA-AS-1, US. The main domain is www.elfcosmetics.co.uk.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 25th 2023. Valid for: a year.
This is the only time www.elfcosmetics.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 204.141.89.114 393259 (YOTTAA-AS-1)
1 16 140.174.14.100 393259 (YOTTAA-AS-1)
2 8 2a02:26f0:310... 20940 (AKAMAI-ASN1)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
3 151.101.130.133 54113 (FASTLY)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
5 2606:4700:440... 13335 (CLOUDFLAR...)
12 2606:4700::68... 13335 (CLOUDFLAR...)
2 104.26.13.205 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 35.190.10.96 15169 (GOOGLE)
1 204.2.133.196 393259 (YOTTAA-AS-1)
5 151.101.129.21 54113 (FASTLY)
2 151.101.193.35 54113 (FASTLY)
1 151.101.66.133 54113 (FASTLY)
1 192.229.221.25 15133 (EDGECAST)
2 54.76.49.69 16509 (AMAZON-02)
3 2a02:26f0:310... 20940 (AKAMAI-ASN1)
2 108.138.26.78 16509 (AMAZON-02)
13 91.235.133.113 30286 (THM)
1 91.235.132.130 30286 (THM)
1 192.225.158.1 30286 (THM)
1 91.235.134.131 30286 (THM)
90 24
1    204.141.89.114 (United States)

ASN393259 (YOTTAA-AS-1, US)
cosmeticcrimal.co.uk
16    140.174.14.100 (Frankfurt am Main, Germany)

ASN393259 (YOTTAA-AS-1, US)
www.elfcosmetics.co.uk
8    2a02:26f0:3100::1735:2b10 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.media.amplience.net
4    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
3    151.101.130.133 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn-fsly.yottaa.net
2    2a02:26f0:480:1a::5f65:6f9f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.static.amplience.net
5    2606:4700:4400::6812:25a1 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.iad-05.braze.com
12    2606:4700::6813:b234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
2    104.26.13.205 (None, )

ASN13335 (CLOUDFLARENET, US)
api.ipify.org
1    2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
2    35.190.10.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.10.190.35.bc.googleusercontent.com
collector-pxxt4gy2ig.px-cloud.net
1    204.2.133.196 (United States)

ASN393259 (YOTTAA-AS-1, US)
qoe-1.yottaa.net
5    151.101.129.21 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.paypal.com
2    151.101.193.35 (San Francisco, United States)

ASN54113 (FASTLY, US)
t.paypal.com
1    151.101.66.133 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.paypalobjects.com
1    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
2    54.76.49.69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-49-69.eu-west-1.compute.amazonaws.com
api.cquotient.com
3    2a02:26f0:3100::210:6e08 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
elfcosmetics.a.bigcontent.io
2    108.138.26.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-78.fra56.r.cloudfront.net
cdn-scripts.signifyd.com
13    91.235.133.113 (United States)

ASN30286 (THM, US)
imgs.signifyd.com
1    91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net
h.online-metrix.net
1    192.225.158.1 (United States)

ASN30286 (THM, US)
h64.online-metrix.net
1    91.235.134.131 (United States)

ASN30286 (THM, US)
w2txo5aa2um4i6norsbn63pfxdyhaoytk74n3326e1f3e94dacc2aa20am1.e.aa.online-metrix.net
Apex Domain
Subdomains		 Transfer
16 elfcosmetics.co.uk
www.elfcosmetics.co.uk
389 KB
15 signifyd.com
cdn-scripts.signifyd.com — Cisco Umbrella Rank: 8738
imgs.signifyd.com — Cisco Umbrella Rank: 7238
73 KB
12 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 378
214 KB
10 amplience.net
cdn.media.amplience.net — Cisco Umbrella Rank: 15878
cdn.static.amplience.net — Cisco Umbrella Rank: 46119
6 MB
7 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3110
t.paypal.com — Cisco Umbrella Rank: 3894
126 KB
5 braze.com
sdk.iad-05.braze.com — Cisco Umbrella Rank: 2837
1 KB
4 youtube.com
www.youtube.com — Cisco Umbrella Rank: 96
12 KB
4 yottaa.net
cdn-fsly.yottaa.net — Cisco Umbrella Rank: 26578 Failed
qoe-1.yottaa.net — Cisco Umbrella Rank: 12022
1 MB
3 online-metrix.net
h.online-metrix.net — Cisco Umbrella Rank: 2940
h64.online-metrix.net — Cisco Umbrella Rank: 2088
w2txo5aa2um4i6norsbn63pfxdyhaoytk74n3326e1f3e94dacc2aa20am1.e.aa.online-metrix.net
795 B
3 bigcontent.io
elfcosmetics.a.bigcontent.io — Cisco Umbrella Rank: 230074
8 KB
2 cquotient.com
api.cquotient.com — Cisco Umbrella Rank: 41751
518 B
2 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2807
16 KB
2 px-cloud.net
collector-pxxt4gy2ig.px-cloud.net — Cisco Umbrella Rank: 386330
1 KB
2 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2418
231 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 653
304 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 816
24 KB
1 cosmeticcrimal.co.uk
cosmeticcrimal.co.uk
330 B
90 17
Domain Requested by
16 www.elfcosmetics.co.uk 1 redirects www.elfcosmetics.co.uk
cdn-fsly.yottaa.net
13 imgs.signifyd.com www.elfcosmetics.co.uk
imgs.signifyd.com
12 cdn.cookielaw.org cdn-fsly.yottaa.net
cdn.cookielaw.org
www.elfcosmetics.co.uk
8 cdn.media.amplience.net 2 redirects www.elfcosmetics.co.uk
5 www.paypal.com www.elfcosmetics.co.uk
www.paypal.com
5 sdk.iad-05.braze.com cdn-fsly.yottaa.net
4 www.youtube.com www.elfcosmetics.co.uk
3 elfcosmetics.a.bigcontent.io
3 cdn-fsly.yottaa.net www.elfcosmetics.co.uk
2 cdn-scripts.signifyd.com www.elfcosmetics.co.uk
2 api.cquotient.com cdn-fsly.yottaa.net
2 www.paypalobjects.com www.elfcosmetics.co.uk
2 t.paypal.com
2 collector-pxxt4gy2ig.px-cloud.net www.elfcosmetics.co.uk
2 api.ipify.org cdn-fsly.yottaa.net
2 cdn.static.amplience.net www.elfcosmetics.co.uk
1 w2txo5aa2um4i6norsbn63pfxdyhaoytk74n3326e1f3e94dacc2aa20am1.e.aa.online-metrix.net
1 h64.online-metrix.net imgs.signifyd.com
1 h.online-metrix.net imgs.signifyd.com
1 qoe-1.yottaa.net www.elfcosmetics.co.uk
1 geolocation.onetrust.com cdn.cookielaw.org
1 code.jquery.com www.elfcosmetics.co.uk
1 cosmeticcrimal.co.uk 1 redirects
90 23
Subject Issuer Validity Valid
*.elfcosmetics.co.uk
Sectigo RSA Domain Validation Secure Server CA		 2023-09-25 -
2024-10-25		 a year crt.sh
dm.amplience.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-20 -
2024-08-14		 a year crt.sh
*.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
*.yottaa.net
GlobalSign RSA OV SSL CA 2018		 2023-09-13 -
2024-10-14		 a year crt.sh
sdk.iad-05.braze.com
WE1		 2024-06-17 -
2024-09-15		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2024-03-01 -
2024-12-31		 10 months crt.sh
ipify.org
GTS CA 1P5		 2024-05-19 -
2024-08-17		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2023-11-13 -
2024-11-12		 a year crt.sh
*.px-cloud.net
Sectigo RSA Domain Validation Secure Server CA		 2023-08-15 -
2024-09-13		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-02-08 -
2025-02-08		 a year crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-09-21 -
2024-10-21		 a year crt.sh
www.paypalobjects.com
DigiCert SHA2 Extended Validation Server CA		 2023-09-05 -
2024-10-05		 a year crt.sh
*.cquotient.com
Amazon RSA 2048 M02		 2024-03-05 -
2025-04-03		 a year crt.sh
*.bigcontent.io
GeoTrust TLS RSA CA G1		 2024-06-13 -
2025-05-03		 a year crt.sh
cdn-scripts.signifyd.com
Amazon RSA 2048 M02		 2024-06-02 -
2025-06-30		 a year crt.sh
imgs.signifyd.com
Go Daddy Secure Certificate Authority - G2		 2023-10-20 -
2024-11-20		 a year crt.sh
online-metrix.net
Viking Cloud Organization Validation CA, Level 1		 2024-03-20 -
2024-10-21		 7 months crt.sh
*.aa.online-metrix.net
Viking Cloud Organization Validation CA, Level 1		 2024-03-20 -
2024-10-21		 7 months crt.sh

This page contains 9 frames:

Primary Page: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Frame ID: CEDCB8D279597CB89791FE62974A0EB1
Requests: 70 HTTP requests in this frame

Frame: https://www.youtube.com/embed/bxGKZ6lfJ7A?enablejsapi=1
Frame ID: 6DEFF3D01B91F239DFB8527FFED84AA8
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/rZPCKoUReO0?enablejsapi=1
Frame ID: 89ACD824B1BD14AF148A6E69CB5C3CC4
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1HQlAmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.64.8&integrationType=SDK
Frame ID: 77C99E354F33C4F13FAC217347C7ED91
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 936E7307DBC983F8FC019221C0559ED3
Requests: 1 HTTP requests in this frame

Frame: https://imgs.signifyd.com/iPd0fQsqTK7c-u6H?5f0e38a7359c4a3a=p_NSnI6AhLrR6DDkDG4L8c3JPMHNNXo7a0MNbMbn2DtNMd0WjxQD94SbG03t9W9WZQ0usQ9za2nVXV-0LRs7_7Zat8GaSXoVp2IORcp7pkldSG9Hge3SV7m1MG6tE8GK-ULBuOwgOILr-rNZ-ztu8bk9ExKqT5tEfOtE1bil4BR1ox7ESbcmD3zuiPwDvwDXsIY5O4EXHq5oViA9&jb=3d332c2e62796d7f355d6b646e6f777b2c607165355561646e6f77712d323839392c607b6a7f374b60786d676d2c6879683d436078656f6f2d30383b3836
Frame ID: 39B14032451D9EEA1D4E147A697D1532
Requests: 12 HTTP requests in this frame

Frame: https://imgs.signifyd.com/T69JFdhcVNinFz7_?c03b7334a6b12b31=0w_BRxLolH7Z7q6eCZvpFpXkIX8wLmuV7__NPFL6hv_ds_2CBiegffW3q_MI1mV9tOJuDJxOoTVXRCMHt4SxjZ2vFOL4f9yidgjV0G9t3Ki-KN0CF6wKwpMEDo59Lt6WYNQL-RXsQ55o0x7RFlaMBwezDcUnoBh7_-Ru0A5jQEVBPkncVW31POoSS7aEvJj-CY6WqeiJqa8Kg9LJKWs
Frame ID: E4F5091DB51EA826CA15FA17BD5C2373
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/Q9O9mLiKvPVYS5Vh?85c67e82bbf5932c=OMmm3xHACRw2By2VcABChc2v_yKff9BJoLD6dRnyhHUsJcZm7s5nLyR1K3e8oOnkowHmG_IpGHA0YzGhjacAc63ZUEfngqj85U7pR3y-y6sezJNRuHtpC_SII4HP5bGSjCGCUwCp12utsTT19xtFaAhGYHNftFp-VRgBflnKR4KFQGeZ21zzUMOqnZekptEWb1ezPUQFrrvFX2Qk8No_
Frame ID: 617AB253D643BB7F332D372817B6D0DA
Requests: 1 HTTP requests in this frame

Frame: https://imgs.signifyd.com/c_zvpEbzm4l3kBCo?afdf130c8deb5adc=ThSo6ziPvO8jHtEzZOxUxg7lPDjBBHDnged0387Nt6vVIp_SPMfupPbyP1EJhIs0G35VzSmv0RZ_j48kfzmjWK5jy6xKt3in9NZsScsqqN15amWSNZ9UnCbPNO_9vhQB18rlAZAsDIkRDUHDcKTNZcZCPjjDUIO2HoRMKpfDG5nMHqiLX6S0Z0_shMGlPrDFaYuztfnfTflZcpfetIgV
Frame ID: A86A2CE8260818DA7E17A7C57D848A82
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cosmetic Criminals | e.l.f. Cosmetics

Page URL History Show full URLs

  1. https://cosmeticcrimal.co.uk/ HTTP 301
    https://www.elfcosmetics.co.uk/elf-cosmetic-criminals Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

90
Requests

92 %
HTTPS

33 %
IPv6

17
Domains

23
Subdomains

24
IPs

4
Countries

8290 kB
Transfer

13985 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cosmeticcrimal.co.uk/ HTTP 301
    https://www.elfcosmetics.co.uk/elf-cosmetic-criminals Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://cdn.media.amplience.net/v/elfcosmetics/PWT_STORY_CRIMESCENE_VID/mp4_720p HTTP 302
  • https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_crimescene_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/8dfa5d11-77b7-4333-9d42-c08b194a927c.mp4
Request Chain 21
  • https://cdn.media.amplience.net/v/elfcosmetics/PWT_STORY_COSMETIC_CRIMINALS_VID/mp4_720p HTTP 302
  • https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_cosmetic_criminals_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/c5334fb2-6c51-41eb-8d3b-28107083bcd2.mp4
Request Chain 27
  • https://www.elfcosmetics.co.uk/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-eu&code_challenge=BHyf1te5sMuFZsmenMQF9VbYdsIyq0M4vWmbXwue_Y8 HTTP 303
  • https://www.elfcosmetics.co.uk/callback?usid=dee60da9-f9ed-41df-a0b4-6767b59b2598&code=DmY2qzkDJouK1KMzr5YetLvnBnaQNPo6D9Pp-8dHKVY

90 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request elf-cosmetic-criminals
www.elfcosmetics.co.uk/
Redirect Chain
  • https://cosmeticcrimal.co.uk/
  • https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
1 MB
258 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.14.100 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
9283c9f89c84db078d5e3fa235ef7d06b38125fe9d9d398d93bb7b612a4ae88b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
592 592
alt-svc
h3=":443"; ma=86400
cache-control
public, must-revalidate, s-maxage=900
content-encoding
gzip
content-length
262671
content-type
text/html; charset=utf-8
date
Wed, 03 Jul 2024 07:33:38 GMT
etag
W/"f9148-K4XO6SBzVeCCdWC4FRqOkN71F3M"
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 fbd2b51fce9ee4f3aa7b93dbbda3d698.cloudfront.net (CloudFront)
x-amz-apigw-id
aUxkQGOGiYcEdug=
x-amz-cf-id
eaNQeDn35nK-xGcpi7Bix2goNftVisSUSk0WTid4Ma0QAZeHvUelsA==
x-amz-cf-pop
FRA56-P8
x-amzn-remapped-connection
close
x-amzn-remapped-content-length
1020232
x-amzn-remapped-date
Wed, 03 Jul 2024 07:23:46 GMT
x-amzn-requestid
adf89e93-7a6f-40c3-a407-a7faf0462ed1
x-amzn-trace-id
Root=1-6684fc81-4c437e6f07e4821c6791ebff;Parent=2bc2817c8038a36e;Sampled=0;lineage=dcd1e669:0
x-cache
Hit from cloudfront
x-yottaa-metrics
36218cae0e3f/[173,126,-] 36D18cae0e64/[-,222.297]
x-yottaa-optimizations
ob/1000000100001000 si/36D18cae0e64-1719861808-8168552243 tts/1717701333621 ti/5dbb1b444f1bbf5af87e110e ai/5dbb1b434f1bbf5af87e10a5 tm/0
x-yottaa-os
200

Redirect headers

age
0
content-length
1197
content-type
text/html; charset=utf-8
date
Wed, 03 Jul 2024 07:33:38 GMT
location
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
vary
User-Agent
x-yottaa-fw
fb/100000 tid/658f1e8bd931403bb4ae4864 rid/658f266dd931403bb4ae60ab stid/5ad7b08e2bb0ac0c5ba3d38c
x-yottaa-metrics
23D1cc8d5972/[-,0.391]
x-yottaa-optimizations
ob/0 si/23D1cc8d5972-1719861809-3875257377 tts/1719992018236 ti/0 ai/658f1e8bd931403bb4ae4864
PWT_STORY_HEADER_DESKTOP_BG-min
cdn.media.amplience.net/i/elfcosmetics/ 		630 KB
630 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_HEADER_DESKTOP_BG-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
4b89cd71669a53e8801ea9e9d4fb8a40bb5dbbb393a1b6c4a249349b42086da7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:33:39 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
yRJzBKeIO,l4p5bDg2e,2orsu9Nt2,k4NPUWi7z
x-req-id
Ao3z_kyC0o
content-length
644728
x-xss-protection
1; mode=block
x-amp-source-height
1249
server
Unknown
x-frame-options
DENY
x-amp-source-width
3199
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Wed, 20 Dec 2023 20:47:39 GMT
PWT_STORY_HEADER_DESKTOP_CC-min
cdn.media.amplience.net/i/elfcosmetics/ 		205 KB
205 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_HEADER_DESKTOP_CC-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
6ab1474b1928d39f768075dfef56e53b01fff6c85a44b07d150c4abf7299c3b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:33:39 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
_R3cYz5Nh,l4p5bDg2e,HwG53bbZp,UyB2-aY-L
x-req-id
ZG8upNM2Z5
content-length
209440
x-xss-protection
1; mode=block
x-amp-source-height
340
server
Unknown
x-frame-options
DENY
x-amp-source-width
800
access-control-allow-origin
*
content-type
image/png
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Wed, 20 Dec 2023 20:47:39 GMT
/
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ 		0
0
/
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ 		0
0
/
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ 		0
0
/
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ 		0
0
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d

Request headers

Referer
Origin
https://www.elfcosmetics.co.uk
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac

Request headers

Referer
Origin
https://www.elfcosmetics.co.uk
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
bxGKZ6lfJ7A
www.youtube.com/embed/ Frame 6DEF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/bxGKZ6lfJ7A?enablejsapi=1
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jul 2024 07:33:39 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
rZPCKoUReO0
www.youtube.com/embed/ Frame 89AC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/rZPCKoUReO0?enablejsapi=1
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jul 2024 07:33:39 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
PWT_STORY_SOCIALLISTENING_DESKTOP_5-blurred-min
cdn.media.amplience.net/i/elfcosmetics/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_SOCIALLISTENING_DESKTOP_5-blurred-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
cdbeef0b146607f5137f8f5434eeab8625ee0801da2af33e045528d191e512d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:33:39 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
u0sanIQHe,l4p5bDg2e,hUXp-ygcH,UyB2-aY-L
x-req-id
Kl3typ3U6T
content-length
2085695
x-xss-protection
1; mode=block
x-amp-source-height
1484
server
Unknown
x-frame-options
DENY
x-amp-source-width
3080
access-control-allow-origin
*
content-type
image/png
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Wed, 03 Jan 2024 21:02:28 GMT
PWT_STORY_DETECTIVES_DESKTOP_6-min
cdn.media.amplience.net/i/elfcosmetics/ 		330 KB
331 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_DETECTIVES_DESKTOP_6-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
8cb2ac35adc7dee4b051d05a7ffc844c9f61eb67b3ce350a16a552f98ffc4172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:33:39 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
GBo1upS8Q,l4p5bDg2e,q-jdDBY1E,k4NPUWi7z
x-req-id
E1KwxdNlRN
content-length
338113
x-xss-protection
1; mode=block
x-amp-source-height
1062
server
Unknown
x-frame-options
DENY
x-amp-source-width
2806
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Wed, 27 Dec 2023 17:21:33 GMT
PWT_STORY_ON_THE_CASE_DESKTOP_BTS-min
cdn.media.amplience.net/i/elfcosmetics/ 		180 KB
180 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_ON_THE_CASE_DESKTOP_BTS-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
7a0204422805f76d793709204fd52e753cb059e5dd5099e41781499c8072e726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:33:39 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
IS7PFwzqb,l4p5bDg2e,O8QiTHpoz,k4NPUWi7z
x-req-id
k4feIb5Cph
content-length
184181
x-xss-protection
1; mode=block
x-amp-source-height
1108
server
Unknown
x-frame-options
DENY
x-amp-source-width
1952
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Fri, 29 Dec 2023 07:51:47 GMT
PWT_STORY_CRIME_TAPE_DESKTOP_7-min
cdn.media.amplience.net/i/elfcosmetics/ 		614 KB
614 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/PWT_STORY_CRIME_TAPE_DESKTOP_7-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
37d207a7297589d062c2af128ee513190a9297959cb24c68078f68d64b899c98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:33:39 GMT
x-content-type-options
nosniff
x-amp-srv
A
cache-tag
nmP4-b1_3,l4p5bDg2e,N2xhcEEJW,UyB2-aY-L
x-req-id
x4kpyNmBMy
content-length
628288
x-xss-protection
1; mode=block
x-amp-source-height
525
server
Unknown
x-frame-options
DENY
x-amp-source-width
3200
access-control-allow-origin
*
content-type
image/png
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
x-amp-published
Thu, 28 Dec 2023 16:15:28 GMT
jquery-3.7.1.slim.min.js
code.jquery.com/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.7.1.slim.min.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9261efb3407e3a9096e4654750d8eff6b3a663422f48845c7fbcc65034c340cf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:33:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
4143415
x-cache
HIT, HIT
content-length
24036
x-served-by
cache-lga21942-LGA, cache-fra-etou8220138-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1719992019.162733,VS0,VE0
etag
W/"28feccc0-11278"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
10574, 15093
player_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/player_api
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
96e567e55058088bf057ebeb964b202435a2c745a55f49df106fe22f2a9a8e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:33:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Wed, 03 Jul 2024 07:33:39 GMT
vendor.js
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11487/ 		2 MB
627 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11487/vendor.js?yocs=y_A_
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
476b949e750bc9bc1e1179523a977db991107d95f9e6ddf9c05212ca6a2b8fb9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:33:39 GMT
via
1.1 5ce7fb024c7214a6fa0cf9d76b6d6364.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
MIA3-P6
age
561014
x-yottaa-optimizations
ob/1100 si/33118cae0c65-1716375621-1029568330 tts/1717701333621 ti/5dbb1b444f1bbf5af87e110e ai/5dbb1b434f1bbf5af87e10a5 tm/0
x-cache
Miss from cloudfront, HIT
x-amz-meta-deploy
788635
content-length
641173
x-amz-meta-bundle
11487
x-served-by
cache-fra-etou8220029-FRA
x-yottaa-forcecache
true
last-modified
Wed, 26 Jun 2024 19:09:41 GMT
server
AmazonS3
x-timer
S1719992019.178380,VS0,VE1
etag
W/"058d95575651226e2bd30c8130d1afc3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31104000
x-yottaa-metrics
33218cae0c90/[16,-,1719429002467] 33118cae0c65/[-,143.037]
accept-ranges
bytes
x-amz-cf-id
zjVVT7yn-jLQN5WfaS6WlJ1rvlZt1kwBtUBys5Hi_nhrVkB8pSXtBg==
x-cache-hits
0
main.js
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11487/ 		2 MB
495 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11487/main.js?yocs=y_A_
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b592ffae3e4db32ca59f44351815755d85f43b1b03b5f6b75adf0c727ac702c1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:33:39 GMT
via
1.1 5f686ddb41ef48cff6539e4b9313916a.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
ATL58-P7
age
561014
x-yottaa-optimizations
ob/1100 si/33118cae0c60-1716375620-1924348065 tts/1717701333621 ti/5dbb1b444f1bbf5af87e110e ai/5dbb1b434f1bbf5af87e10a5 tm/0
x-cache
Miss from cloudfront, HIT
x-amz-meta-deploy
788635
content-length
506592
x-amz-meta-bundle
11487
x-served-by
cache-fra-etou8220029-FRA
x-yottaa-forcecache
true
last-modified
Wed, 26 Jun 2024 19:09:41 GMT
server
AmazonS3
x-timer
S1719992019.178535,VS0,VE1
etag
W/"8c51dd91aa8f1871d93dc849dc2fe170"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31104000
x-yottaa-metrics
33218cae0ce7/[15,-,1719429002229] 33118cae0c60/[-,101.735]
accept-ranges
bytes
x-amz-cf-id
QGcGlHgKux5HM0mZKc-VdvHKFtutg2c4OZuQbQxdurhWMlFs51PW5A==
x-cache-hits
0
pages-product-list-product-list-page.js
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11487/ 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11487/pages-product-list-product-list-page.js?yocs=y_A_
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad3ed177f053d775094fa0ad440fd4f6baf970be9af3b38b62e734dd4ab99ecd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:33:39 GMT
via
1.1 c63140c3859a31aa195816b9d66d1f2c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA56-P8
age
562808
x-yottaa-optimizations
ob/1100 si/36118cae0e21-1706737520-146888380 tts/1717701333621 ti/5dbb1b444f1bbf5af87e110e ai/5dbb1b434f1bbf5af87e10a5 tm/0
x-cache
Hit from cloudfront, HIT
x-amz-meta-deploy
788635
content-length
12021
x-amz-meta-bundle
11487
x-served-by
cache-fra-etou8220029-FRA
x-yottaa-forcecache
true
last-modified
Wed, 26 Jun 2024 19:09:41 GMT
server
AmazonS3
x-timer
S1719992019.178521,VS0,VE1
etag
W/"7dd1da4a4d22b501dfa87b3b982ad860"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31104000
x-yottaa-metrics
36218cae0e2b/[3,-,1719430817167] 36118cae0e21/[-,6.129]
accept-ranges
bytes
x-amz-cf-id
wC6wDS6frYkzrPdnWfjr3QoqTSRWPgLq3iFzjfWsMz23EKbHYkmRqQ==
x-cache-hits
0
8dfa5d11-77b7-4333-9d42-c08b194a927c.mp4
cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_crimescene_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/
Redirect Chain
  • https://cdn.media.amplience.net/v/elfcosmetics/PWT_STORY_CRIMESCENE_VID/mp4_720p
  • https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_crimescene_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/8dfa5d11-77b7-4333-9d42-c08b194a927c.mp4
1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_crimescene_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/8dfa5d11-77b7-4333-9d42-c08b194a927c.mp4
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Server
2a02:26f0:480:1a::5f65:6f9f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b3efc48717edad187198d0a608a3b3a8195f0e5b6b6b41f27b78824796cbd61e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 03 Jul 2024 07:33:40 GMT
last-modified
Fri, 22 Dec 2023 15:50:27 GMT
etag
"dd3676819bd88a250c875a11e38c307d"
x-amz-server-side-encryption
AES256
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-1060947/1060948
x-amp-srv
A
accept-ranges
bytes
x-amp-route
ak-s1
Content-Length
1060948

Redirect headers

date
Wed, 03 Jul 2024 07:33:39 GMT
x-content-type-options
nosniff
server
Unknown
x-frame-options
DENY
x-amp-srv
A
cache-tag
cwqJ5_ux1,l4p5bDg2e,bgWw7nQ29
access-control-allow-origin
*
location
https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_crimescene_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/8dfa5d11-77b7-4333-9d42-c08b194a927c.mp4
content-type
text/html; charset=UTF-8
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
content-length
0
x-xss-protection
1; mode=block
c5334fb2-6c51-41eb-8d3b-28107083bcd2.mp4
cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_cosmetic_criminals_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/
Redirect Chain
  • https://cdn.media.amplience.net/v/elfcosmetics/PWT_STORY_COSMETIC_CRIMINALS_VID/mp4_720p
  • https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_cosmetic_criminals_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/c5334fb2-6c51-41eb-8d3b-28107083bcd2.mp4
1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_cosmetic_criminals_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/c5334fb2-6c51-41eb-8d3b-28107083bcd2.mp4
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Server
2a02:26f0:480:1a::5f65:6f9f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4ae7d857dd8d096a5198b1e8280de9f929ca88d690e445731b6ffdffbf2b8383

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 03 Jul 2024 07:33:40 GMT
last-modified
Fri, 22 Dec 2023 17:43:50 GMT
etag
"91a2cbc7ca143aac79d0312d84bb77fb"
x-amz-server-side-encryption
AES256
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-1262366/1262367
x-amp-srv
A
accept-ranges
bytes
x-amp-route
ak-s1
Content-Length
1262367

Redirect headers

date
Wed, 03 Jul 2024 07:33:39 GMT
x-content-type-options
nosniff
server
Unknown
x-frame-options
DENY
x-amp-srv
A
cache-tag
MXIqwDdh-,l4p5bDg2e,fH6Lo3_5e
access-control-allow-origin
*
location
https://cdn.static.amplience.net/elfcosmetics/_vid/pwt_story_cosmetic_criminals_vid/0171df9d-95f8-4fdc-8266-8ebb30d7ebca/video/c5334fb2-6c51-41eb-8d3b-28107083bcd2.mp4
content-type
text/html; charset=UTF-8
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
content-length
0
x-xss-protection
1; mode=block
/
sdk.iad-05.braze.com/api/v3/data/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
89d530526fe1974d-FRA
content-encoding
gzip
date
Wed, 03 Jul 2024 07:33:41 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11487/main.js?yocs=y_A_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
022e2f39deba7f332eabe69b27b31d98d4d5f2535116745957a691d1b1ec4cc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Jul 2024 07:33:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ceCldLDyZN6bSQL6yyKLMg==
age
44159
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6882
x-ms-lease-status
unlocked
last-modified
Mon, 01 Jul 2024 16:41:58 GMT
server
cloudflare
etag
0x8DC99ECB953503A
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b3b66eb3-701e-0008-02df-cb88f9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
89d53050de4c9bef-FRA
expires
Wed, 03 Jul 2024 19:17:41 GMT
/
api.ipify.org/ 		23 B
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11487/vendor.js?yocs=y_A_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9305a9837e928cadbef9e8c346b14d119655c66627b142b026899e796208f020

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:33:40 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
89d5305129a59070-FRA
content-length
23
/
api.ipify.org/ 		23 B
75 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11487/vendor.js?yocs=y_A_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9305a9837e928cadbef9e8c346b14d119655c66627b142b026899e796208f020

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:33:40 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
89d53051fa779070-FRA
content-length
23
/
sdk.iad-05.braze.com/api/v3/data/ 		565 B
628 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11487/vendor.js?yocs=y_A_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8d6358ac8e642a7762e35323efaa05c8cbf8dd50bbf2cad44e39303de79eecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-Braze-Api-Key
ee22cddf-904f-484e-a004-0181ff9a3268
X-Braze-TriggersRequest
true
X-Braze-DataRequest
true
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/json
X-Braze-Last-Req-Ms-Ago
7200000
Referer
https://www.elfcosmetics.co.uk/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9;q=0.9
X-Braze-Req-Attempt
1
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:33:41 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
cdb2dcb4-bb81-498c-809a-77c7c4be12bd
x-runtime
0.193512
server
cloudflare
etag
W/"c8d6358ac8e642a7762e35323efaa05c"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1719992022
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
89d53053f9b8974d-FRA
x-ratelimit-remaining
499.0
callback
www.elfcosmetics.co.uk/
Redirect Chain
  • https://www.elfcosmetics.co.uk/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Fcallback&response_type=code&client...
  • https://www.elfcosmetics.co.uk/callback?usid=dee60da9-f9ed-41df-a0b4-6767b59b2598&code=DmY2qzkDJouK1KMzr5YetLvnBnaQNPo6D9Pp-8dHKVY
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/callback?usid=dee60da9-f9ed-41df-a0b4-6767b59b2598&code=DmY2qzkDJouK1KMzr5YetLvnBnaQNPo6D9Pp-8dHKVY
Protocol
H2
Server
140.174.14.100 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 03 Jul 2024 07:33:41 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
0
x-amz-cf-pop
FRA56-P8
age
0
x-amzn-remapped-connection
close
x-amzn-requestid
84da3285-5adb-4fdd-909d-667aaf5cd4ba
x-yottaa-optimizations
ob/1000 si/36D18cae0e64-1719861808-8168552458 tts/1717701300585 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Miss from cloudfront
x-amz-apigw-id
aUzBcEsWiYcEJ4g=
content-length
0
alt-svc
h3=":443"; ma=86400
x-yottaa-forcecache
true
x-amzn-trace-id
Root=1-6684fed5-083511824be7de4644324018;Parent=442c30e1650a2bcc;Sampled=0;lineage=dcd1e669:0
content-type
application/json
cache-control
public, max-age=604800
x-yottaa-os
200
x-yottaa-metrics
36218cae0e41/[274,272,-] 36D18cae0e64/[-,275.962]
x-amzn-remapped-date
Wed, 03 Jul 2024 07:33:41 GMT
x-amz-cf-id
Kh6kckT8uqfzuuriSSTgXggsmc_pL0-Au5IeQI7nlIXeONP0DKkJdA==

Redirect headers

date
Wed, 03 Jul 2024 07:33:41 GMT
x-correlation-id
89d530567c04bb5b
via
1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-P8
age
0
x-yottaa-optimizations
ob/0 si/36D18cae0e64-1719861808-8168552435 tts/1717701300585 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
0
pragma
no-cache
x-ratelimit-1m-remaining
23215, 1959735
x-ratelimit-1m-reset
18417, 18416
x-ratelimit-1m-limit
24000, 2000000
vary
Accept-Encoding
location
https://www.elfcosmetics.co.uk/callback?usid=dee60da9-f9ed-41df-a0b4-6767b59b2598&code=DmY2qzkDJouK1KMzr5YetLvnBnaQNPo6D9Pp-8dHKVY
cache-control
no-store
x-yottaa-os
303
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-eu&code_challenge=BHyf1te5sMuFZsmenMQF9VbYdsIyq0M4vWmbXwue_Y8
x-yottaa-metrics
36218cae0e37/[180,176,-] 36D18cae0e64/[-,180.785]
cf-ray
89d530567c04bb5b-FRA
x-amz-cf-id
qwgSnC-APXKWsU8FSWPaSNBlnZMWaWMqVncxb2tsV1FKKAUN8SHorQ==
25840211-e69f-428e-bb3b-0787cffdf0e8.json
cdn.cookielaw.org/consent/25840211-e69f-428e-bb3b-0787cffdf0e8/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/25840211-e69f-428e-bb3b-0787cffdf0e8/25840211-e69f-428e-bb3b-0787cffdf0e8.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
949062629321267f5e4f5d183435ab758ad7898afe2b31dc262b6b164167ffa0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Jul 2024 07:33:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
46127
content-md5
FgAuBFiP8zSeAA1ZcGm5bQ==
content-length
1495
x-ms-lease-status
unlocked
last-modified
Tue, 13 Dec 2022 17:32:15 GMT
server
cloudflare
etag
0x8DADD2FFA203B7A
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d7cb1765-a01e-007b-7c64-817b1f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
89d530538c88bbd1-FRA
expires
Thu, 04 Jul 2024 07:33:41 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		59 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept
application/json
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:33:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
89d5305479b32c5b-FRA
access-control-allow-headers
Content-Type
init.js
www.elfcosmetics.co.uk/XT4Gy2ig/ 		169 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/XT4Gy2ig/init.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.14.100 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
e85bc1a5fdd198d397940696c708af9935c2fa30899f49dfece575a393d9efe1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:33:41 GMT
content-encoding
gzip
etag
"2a2f7-py5bWZIAV1ZJ8G5NULDmZsQfgi8"
active-cdn
Akamai
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
active-cdn,x-served-by,Akamai-Request-BC
cache-control
max-age=600
x-yottaa-metrics
36D18cae0e64/[-,3.487]
x-px-hash
NmQyYTllODc4YWI3YTAxNDY4Y2YzN2JkYjM5NmI2YjRjZDJkMjZjNzk3MThhY2Q4NjM0MmMwYzQ5YjZjZTM2NA==
x-yottaa-optimizations
ob/0 si/36D18cae0e64-1719861808-8168552422 tts/1719992021202 ti/0 ai/5dbb1b434f1bbf5af87e10a5
favicon.ico
www.elfcosmetics.co.uk/ 		34 KB
34 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.14.100 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
1331786f628c441b99665436eb8815381e066e17d5c3bb56f5ce2e045d8da17a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:33:41 GMT
via
1.1 964525de46241eae6ff9f5fb91498662.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
34494
x-amz-cf-pop
FRA56-P8
age
174, 174
x-amzn-remapped-connection
close
x-amzn-requestid
efb08177-b5a2-4e39-bfc8-7d4bc7cd5cf9
x-yottaa-optimizations
ob/100 si/36D18cae0e64-1719861808-8168552421 tts/1717701333621 ti/5dbb1b444f1bbf5af87e110e ai/5dbb1b434f1bbf5af87e10a5 tm/0
x-cache
Hit from cloudfront
x-amz-apigw-id
aPG4CGikCYcENyg=
content-length
34494
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 01 Jul 2024 14:05:40 GMT
x-amzn-trace-id
Root=1-6682b833-4131fbb474e22b944bf2abf2;Parent=2d52d2eeb55ad741;Sampled=0;lineage=dcd1e669:0
etag
W/"86be-1906e9d9720"
vary
Accept-Encoding
content-type
image/x-icon
cache-control
max-age=600, s-maxage=600
x-yottaa-metrics
36218cae0e42/[2,-,1719991836714] 36D18cae0e64/[-,3.896]
accept-ranges
bytes
x-amzn-remapped-date
Mon, 01 Jul 2024 14:07:47 GMT
x-amz-cf-id
H4saJEmgWznTNw6DPuBD60MwwEt-51QTwx6jkHFPd59erYWHno2zAA==
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202211.2.0/ 		383 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Jul 2024 07:33:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
uPFqyxtrxGqJsyAvB7RnSg==
age
53339
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
93482
x-ms-lease-status
unlocked
last-modified
Mon, 12 Dec 2022 17:31:45 GMT
server
cloudflare
etag
0x8DADC66BDFA5EC7
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a5ea234d-301e-0069-6d88-1700cf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
89d53054ebe99bef-FRA
collector
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 		560 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/XT4Gy2ig/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
c675787ea44b5cc6f0bff46e782787da45478b0ebce5e9bc1919d4358972c9bd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 03 Jul 2024 07:33:40 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
560
event
qoe-1.yottaa.net/log-nt/ 		3 B
191 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://qoe-1.yottaa.net/log-nt/event
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.2.133.196 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 03 Jul 2024 07:33:41 GMT
access-control-expose-headers
X-Results-Data-Source
access-control-allow-credentials
true
cache-control
no-cache
timing-allow-origin
*
content-type
text/json
www-widgetapi.js
www.youtube.com/s/player/5352eb4f/www-widgetapi.vflset/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5352eb4f/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7a4d3c6bbb813b80afb47a45e75320ff14b02e65ad1ca740d62bcbfb646f2ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 05:38:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
6902
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10362
x-xss-protection
0
last-modified
Tue, 02 Jul 2024 04:25:50 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 03 Jul 2025 05:38:39 GMT
js
www.paypal.com/sdk/ 		424 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=GBP&vault=true&components=buttons,messages
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
232d958be1f93d665a6f81f43f1beaa4a1c948166e299c40eef27cd947e5460b
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-vQAocihsLASypErc/gPE6X0tUw6uxYcRacucfIsV0jEK7jN8' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-vQAocihsLASypErc/gPE6X0tUw6uxYcRacucfIsV0jEK7jN8' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-vQAocihsLASypErc/gPE6X0tUw6uxYcRacucfIsV0jEK7jN8' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-vQAocihsLASypErc/gPE6X0tUw6uxYcRacucfIsV0jEK7jN8' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish
date
Wed, 03 Jul 2024 07:33:41 GMT
age
1668
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT, MISS
p3p
true
paypal-debug-id
f6693153397e1
server-timing
"traceparent;desc="00-0000000000000000000f6693153397e1-fcf545646a7653fd-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
119476
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220125-FRA, cache-fra-etou8220125-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f6693153397e1-acd0d6cf97a6e921-01
x-timer
S1719992021.416168,VS0,VE5
etag
W/"1d2b4-UENgwWFdn561sjp6wJfXtwcRDK8"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
en.json
cdn.cookielaw.org/consent/25840211-e69f-428e-bb3b-0787cffdf0e8/6e10e834-96b1-4572-80d7-3109ba160fd7/ 		73 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/25840211-e69f-428e-bb3b-0787cffdf0e8/6e10e834-96b1-4572-80d7-3109ba160fd7/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71bd66530457656271aa253073fb867cdc9068586f7af54e341667687162909e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Jul 2024 07:33:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
36134
content-md5
FVTe+XzL+4tWjb2VPxjyIQ==
content-length
15363
x-ms-lease-status
unlocked
last-modified
Tue, 13 Dec 2022 17:32:16 GMT
server
cloudflare
etag
0x8DADD2FFAAA3EC3
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
73e8b48e-b01e-0058-5103-24e1dc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
89d530555e58bbd1-FRA
expires
Thu, 04 Jul 2024 07:33:41 GMT
iab2Data.json
cdn.cookielaw.org/vendorlist/ 		399 KB
57 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/vendorlist/iab2Data.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8342f325a700855345d382ebc39015d5e341788808771faba4535272dee58db3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Jul 2024 07:33:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
GVx4utLN4F+Cdcl/0TlZZQ==
age
86000
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
58164
x-ms-lease-status
unlocked
last-modified
Tue, 02 Jul 2024 02:16:57 GMT
server
cloudflare
etag
0x8DC9A3D0C5EE9D5
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
1a7895ac-d01e-00a4-2837-cca96e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
89d530555e5cbbd1-FRA
otTCF.js
cdn.cookielaw.org/scripttemplates/202211.2.0/ 		68 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202211.2.0/otTCF.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Jul 2024 07:33:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
jNSx0jAViofB7ggqqp6FUQ==
age
47513
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
15011
x-ms-lease-status
unlocked
last-modified
Mon, 12 Dec 2022 17:31:44 GMT
server
cloudflare
etag
0x8DADC66BD0C2AD7
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e8c255f1-801e-001e-27e6-1dd55b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
89d530555c979bef-FRA
otFlat.json
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Jul 2024 07:33:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
vO8A/abKpoPacUrvSk9OSw==
age
71884
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3020
x-ms-lease-status
unlocked
last-modified
Mon, 12 Dec 2022 17:31:35 GMT
server
cloudflare
etag
0x8DADC66B7AF38D0
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
716fea89-301e-0069-5c71-2200cf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
89d530562f2fbbd1-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/v2/ 		61 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40c8084ce459211c73bf91eaa18b6152cc5fc9e29245dcec381da35ee51334b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Jul 2024 07:33:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
mBGnk7IXt0USbYmXZQhmOw==
age
52527
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12540
x-ms-lease-status
unlocked
last-modified
Mon, 12 Dec 2022 17:31:37 GMT
server
cloudflare
etag
0x8DADC66B90C98A8
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
9d14a6e7-501e-0032-2e08-7c39f4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
89d530562f30bbd1-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Jul 2024 07:33:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
XcxlleAcPGO2n5kTZrHH2Q==
age
20725
x-ms-lease-status
unlocked
last-modified
Mon, 12 Dec 2022 17:31:50 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
9de2d930-b01e-0005-6a4e-79eb58000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
89d530562f31bbd1-FRA
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
538 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Jul 2024 07:33:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
11878
x-ms-lease-status
unlocked
last-modified
Mon, 01 Jul 2024 16:41:59 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
ff3564a4-701e-002a-6538-cce6cf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
89d53056cfc0bbd1-FRA
ot_company_logo.png
cdn.cookielaw.org/logos/static/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/ot_company_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Jul 2024 07:33:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
E8+sk/ECzKgTUVtDLikiIA==
age
57537
content-length
4036
x-ms-lease-status
unlocked
last-modified
Mon, 01 Jul 2024 16:42:00 GMT
server
cloudflare
etag
0x8DC99ECBAD92572
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
c2daf6a8-e01e-008e-231f-ccdc2b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
89d53056eefd9bef-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Jul 2024 07:33:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
10893
x-ms-lease-status
unlocked
last-modified
Mon, 01 Jul 2024 16:42:00 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
e76637f2-501e-00d8-42e9-cb345b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
89d53056ef039bef-FRA
sync
sdk.iad-05.braze.com/api/v3/content_cards/ 		85 B
251 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11487/vendor.js?yocs=y_A_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9e674d2d175ec98c10e315eb4e42be7daf393e47eabdca5f12e90464095677b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-Braze-Req-Tokens-Remaining
29
X-Braze-Api-Key
ee22cddf-904f-484e-a004-0181ff9a3268
X-Braze-DataRequest
true
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/json
X-Braze-Last-Req-Ms-Ago
7200000
BRAZE-SYNC-RETRY-COUNT
0
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.co.uk/
X-Braze-Req-Attempt
1
X-Braze-ContentCardsRequest
true
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:33:42 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
68eb41ec-ee75-4158-b8e2-27988b2b9c3e
x-runtime
0.078025
server
cloudflare
etag
W/"c9e674d2d175ec98c10e315eb4e42be7"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1719992022
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
89d530582f3a974d-FRA
x-ratelimit-remaining
498.0
sync
sdk.iad-05.braze.com/api/v3/content_cards/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
89d53056ed9c974d-FRA
content-encoding
gzip
date
Wed, 03 Jul 2024 07:33:41 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
init.js
www.elfcosmetics.co.uk/XT4Gy2ig/ 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/XT4Gy2ig/init.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/XT4Gy2ig/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.14.100 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:33:41 GMT
content-encoding
gzip
etag
"2a2f7-py5bWZIAV1ZJ8G5NULDmZsQfgi8"
active-cdn
Akamai
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
active-cdn,x-served-by,Akamai-Request-BC
cache-control
max-age=600
x-yottaa-metrics
36D18cae0e64/[-,3.487]
x-px-hash
NmQyYTllODc4YWI3YTAxNDY4Y2YzN2JkYjM5NmI2YjRjZDJkMjZjNzk3MThhY2Q4NjM0MmMwYzQ5YjZjZTM2NA==
x-yottaa-optimizations
ob/0 si/36D18cae0e64-1719861808-8168552422 tts/1719992021202 ti/0 ai/5dbb1b434f1bbf5af87e10a5
local
www.paypal.com/credit-presentment/experiments/ Frame 77C9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1HQlAmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.64.8&integrationType=SDK
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=GBP&vault=true&components=buttons,messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
age
37972
cache-control
s-maxage=86400, max-age=0
content-encoding
gzip
content-length
1523
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type
text/html; charset=utf-8
date
Wed, 03 Jul 2024 07:33:41 GMT
dc
ccg11-origin-www-1.paypal.com
edge-cache-tag
up-treatments-zoid
etag
W/"1479-lyP2svSeyVrrMGji7NHBwFauTSI"
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f572730b9ceef
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
"traceparent;desc="00-0000000000000000000f572730b9ceef-4ae7158028caa6db-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f572730b9ceef-3a8d3cd135d613d5-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, MISS
x-cache-hits
5765, 0
x-served-by
cache-fra-etou8220060-FRA, cache-fra-etou8220060-FRA
x-timer
S1719992022.774758,VS0,VE6
x-xss-protection
1; mode=block
pptm.js
www.paypal.com/tagmanager/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.elfcosmetics.co.uk&t=xo&v=5.0.448&source=payments_sdk&client_id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&comp=buttons,messages&disableSetCookie=true&vault=true
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
643de71a52d453c86d20c179b56521d297b1f6e0150c3148fe91e5cfc47be448
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-aaHncCGr1fx48Qn3y9EzgO7Htg2LJMqDnRmzlWyH3wFBLh2i' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-aaHncCGr1fx48Qn3y9EzgO7Htg2LJMqDnRmzlWyH3wFBLh2i' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 03 Jul 2024 07:33:41 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
27170
x-cache
HIT, MISS
paypal-debug-id
f759853ec3c02
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4796
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220125-FRA, cache-fra-etou8220125-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f759853ec3c02-df9ec78e27e7b21b-01
x-timer
S1719992022.699457,VS0,VE5
etag
W/"3694-Z2bSD+8RTC1X4NlK7N0bEw+W6sE"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
logger
www.paypal.com/xoplatform/logger/api/ 		1019 B
901 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=GBP&vault=true&components=buttons,messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a7b72545a973826f0ff32f17d50f44d85654a00bd4022c43400d77dc6359f3b2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://www.elfcosmetics.co.uk/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:33:42 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS
paypal-debug-id
f624161e60b80
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-fra-etou8220034-FRA, cache-fra-etou8220034-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f624161e60b80-31a0978ecbf43366-01
x-timer
S1719992022.995463,VS0,VE202
etag
W/"3fb-GTCM3eVONc0Q8HiHIZbY7DidQKs"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.co.uk
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.elfcosmetics.co.uk
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
0
date
Wed, 03 Jul 2024 07:33:41 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f6241616032ca
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f6241616032ca-2abebb2559da6a90-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-fra-etou8220034-FRA, cache-fra-etou8220034-FRA
x-timer
S1719992022.795205,VS0,VE166
ts
t.paypal.com/ 		42 B
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A7PFGPLHGYKX72-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A7PFGPLHGYKX72-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=95c92811-df2a-4f29-8e3f-9af8b4e63cc5&fltp=analytics&mrid=7PFGPLHGYKX72&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Cosmetic%20Criminals%20%7C%20e.l.f.%20Cosmetics&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1719992021740&g=-120&completeurl=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Felf-cosmetic-criminals&disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Wed, 03 Jul 2024 07:33:42 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
bcc22360ea718
server-timing
"traceparent;desc="00-0000000000000000000bcc22360ea718-414499b6b9031d22-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-etou8220103-FRA
pragma
no-cache
correlation-id
bcc22360ea718
traceparent
00-0000000000000000000bcc22360ea718-2a7d24f51d6ae96c-01
x-timer
S1719992022.879752,VS0,VE158
vary
Accept-Encoding
content-type
image/gif
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Jul 2024 07:33:41 GMT
muse.js
www.paypalobjects.com/muse/ 		55 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:33:42 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
log-origin
shield=SJC,src_ip=157.52.96.131,alternate_path=0,ip=157.52.96.81,port=443,name=shield_ssl_cache_sjc10081_SJC,status=200,reason=OK,method=GET,url="/muse/muse.js",host=www.paypalobjects.com
strict-transport-security
max-age=31557600
log-timing
fetch=178261,misspass=93,do_stream=0
x-cache
HIT, HIT
paypal-debug-id
3fd9c4a83a728
dc
ccg11-origin-www-1.paypal.com
content-length
15742
x-served-by
cache-sjc10081-SJC, cache-fra-etou8220144-FRA
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
traceparent
00-00000000000000000003fd9c4a83a728-6a5561e0f3f2e3ff-01
x-timer
S1719992022.029168,VS0,VE0
etag
W/"64f25363-daa8"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits
9, 17650
token
www.elfcosmetics.co.uk/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/token
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11487/vendor.js?yocs=y_A_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.14.100 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
4af4c0acd57b3ad4e550872ec8965b9bd376f1ee10628bd4f9552c3ebb6077ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
c_x-pwa-request
true
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:33:42 GMT
content-encoding
gzip
x-correlation-id
89d53059fd763668
cf-cache-status
DYNAMIC
via
1.1 ebc0709f2918acef5e26208dffcb618c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-P8
age
0
x-yottaa-optimizations
ob/1000 si/36D18cae0e64-1719861808-8168552471 tts/1717701300585 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
pragma
no-cache
x-ratelimit-1m-remaining
23202, 1959175
x-ratelimit-1m-reset
17861, 17860
vary
Accept-Encoding, User-Agent
x-ratelimit-1m-limit
24000, 2000000
content-type
application/json
cache-control
no-store
x-yottaa-os
200
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/token
x-yottaa-metrics
36218cae0e2a/[171,170,-] 36D18cae0e64/[-,171.635]
cf-ray
89d53059fd763668-FRA
x-amz-cf-id
gm8cVdouQnHAYH93cYymuesFo8uguKCDfgb9fy03iJ9BOTFFXH9OmA==
index.html
www.paypalobjects.com/muse/analytics/ Frame 936E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBF) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
16754
content-type
text/html
date
Wed, 03 Jul 2024 07:33:42 GMT
dc
ccg11-origin-www-1.paypal.com
etag
"64f25363-dacc+gzip"
expires
Wed, 03 Jul 2024 08:33:42 GMT
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id
f1b23341c247c
server
ECAcc (frc/4CBF)
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-0000000000000000000f1b23341c247c-2b366c754d07898c-01
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
sessions
www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/sessions
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11487/vendor.js?yocs=y_A_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.14.100 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiIwODJiMWNmZC03ZDA5LTQwZDctYjc2OC03OTUzZjQyOGIyMjUiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOmRlZTYwZGE5LWY5ZWQtNDFkZi1hMGI0LTY3NjdiNTliMjU5OCIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTk5OTE5OTIsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFkeGV0SmxIYUl3cklSeEhKSnhiWVlrdXBLOjpjaGlkOiAiLCJleHAiOjE3MTk5OTM4MjIsImlhdCI6MTcxOTk5MjAyMiwianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzNDc4NTYwMjQ5MjkyMzMxMCJ9.937bKdjxge3gDK5bZNGEb1o5_HnR6hoe4ZCjuxWhs-f7j30Li_cSek0bayFP_7fE3BMo0iC4uH8IifSziZRblw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:33:42 GMT
via
1.1 a96420fb093cd21d1dea3700ef4d43ca.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-cf-pop
FRA56-P8
age
0
x-yottaa-optimizations
ob/0 si/36D18cae0e64-1719861808-8168552477 tts/1717701300585 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
pragma
no-cache
allow
OPTIONS,POST
access-control-allow-origin
https://www.elfcosmetics.co.uk
access-control-expose-headers
etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
x-yottaa-metrics
36218cae0e31/[427,426,-] 36D18cae0e64/[-,428.919]
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-proxy-request-url
https://cc-elf-eu-prd.elfcosmetics.co.uk/s/elf-eu/dw/shop/v21_3/sessions
accept-ranges
bytes
cf-ray
89d5305b8ec6361d-FRA
x-dw-request-base-id
fJQr9db-hGYBAAB_
x-amz-cf-id
u9CErUnasuk0Thl27v6FqkUeqxZZa7Dxkl3XiHR6pnCoDEyGlp4x4Q==
x-yottaa-os
204
expires
Thu, 01 Dec 1994 16:00:00 GMT
shoppercontext
www.elfcosmetics.co.uk/api/v1/ 		57 B
845 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/api/v1/shoppercontext?siteId=elf-eu
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11487/vendor.js?yocs=y_A_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.14.100 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
a6cbc4c9c0b39f6d4edd8d4db4e73971e23c1e4b8b9b6ddd5956164b87fd3ebc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiIwODJiMWNmZC03ZDA5LTQwZDctYjc2OC03OTUzZjQyOGIyMjUiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOmRlZTYwZGE5LWY5ZWQtNDFkZi1hMGI0LTY3NjdiNTliMjU5OCIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTk5OTE5OTIsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFkeGV0SmxIYUl3cklSeEhKSnhiWVlrdXBLOjpjaGlkOiAiLCJleHAiOjE3MTk5OTM4MjIsImlhdCI6MTcxOTk5MjAyMiwianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzNDc4NTYwMjQ5MjkyMzMxMCJ9.937bKdjxge3gDK5bZNGEb1o5_HnR6hoe4ZCjuxWhs-f7j30Li_cSek0bayFP_7fE3BMo0iC4uH8IifSziZRblw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:33:43 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 ebc0709f2918acef5e26208dffcb618c.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
57
content-encoding
gzip
x-amz-cf-pop
FRA56-P8
age
0
x-amzn-remapped-connection
close
x-amzn-requestid
9e06d2b8-fee0-4d1c-840c-c9d8d2fa893f
x-yottaa-optimizations
ob/1000 si/36D18cae0e64-1719861808-8168552479 tts/1717701300585 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Miss from cloudfront
x-amz-apigw-id
aUzBiFA2CYcENeg=
content-length
79
alt-svc
h3=":443"; ma=86400
etag
W/"39-LgPw152VfElAKHYfDt/MyAcU00g"
x-amzn-trace-id
Root=1-6684fed6-4d39e2ce6c5c97c4279539e7;Parent=2fe3788c26e8a3bb;Sampled=0;lineage=dcd1e669:0
content-type
application/json; charset=utf-8
x-yottaa-os
200
x-yottaa-metrics
36218cae0e2f/[810,808,-] 36D18cae0e64/[-,811.796]
x-amzn-remapped-date
Wed, 03 Jul 2024 07:33:42 GMT
x-amz-cf-id
3IUlL783lFjBbyxITZej9xxDBIYWCTpRuvGfIDvBxYJ_4M9GS7cokg==
sync
sdk.iad-05.braze.com/api/v3/content_cards/ 		85 B
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11487/vendor.js?yocs=y_A_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc422568cbffdf24548d9a57cb92c391f5c99129fe191c9afcb692030556612f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-Braze-Req-Tokens-Remaining
28
X-Braze-Api-Key
ee22cddf-904f-484e-a004-0181ff9a3268
X-Braze-DataRequest
true
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/json
X-Braze-Last-Req-Ms-Ago
664
BRAZE-SYNC-RETRY-COUNT
0
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.co.uk/
X-Braze-Req-Attempt
1
X-Braze-ContentCardsRequest
true
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:33:42 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
d6119047-9bf3-43ef-bb14-2a1f634bdf6b
x-runtime
0.056738
server
cloudflare
etag
W/"dc422568cbffdf24548d9a57cb92c391"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1719992025
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
89d5305b1b85974d-FRA
x-ratelimit-remaining
499.0
geo-ip
www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/ 		179 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=217.114.218.27
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11487/vendor.js?yocs=y_A_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.14.100 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json
c_x-pwa-request
true
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:33:43 GMT
sfdc_customization
HOOK
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
via
1.1 b0723c68cc136f4e89ad2f6a85c82e12.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
x-yottaa-optimizations
ob/1000 si/36D18cae0e64-1719861808-8168552485 tts/1717701300585 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
age
0
alt-svc
h3=":443"; ma=86400
allow
GET,HEAD,OPTIONS
content-type
application/json;charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os
200
x-proxy-request-url
https://cc-elf-eu-prd.elfcosmetics.co.uk/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=217.114.218.27
x-yottaa-metrics
36218cae0e38/[509,509,-] 36D18cae0e64/[-,511.505]
cf-ray
89d5305dbdc59b77-FRA
x-dw-request-base-id
fJQ89db-hGYBAAB_
x-amz-cf-id
mQAwWhTM5yX6NaDuCuTV44Bvbklx2R6yK5yxE7msDjIF3wS40PD63w==
geo-ip
www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/ 		179 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=217.114.218.27
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11487/vendor.js?yocs=y_A_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.14.100 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json
c_x-pwa-request
true
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:33:43 GMT
sfdc_customization
HOOK
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
via
1.1 37236193bd380575cb98e661bedbb260.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
x-yottaa-optimizations
ob/1000 si/36D18cae0e64-1719861808-8168552497 tts/1717701300585 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
age
0
alt-svc
h3=":443"; ma=86400
allow
GET,HEAD,OPTIONS
content-type
application/json;charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os
200
x-proxy-request-url
https://cc-elf-eu-prd.elfcosmetics.co.uk/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=217.114.218.27
x-yottaa-metrics
36218cae0e44/[489,488,-] 36D18cae0e64/[-,490.176]
cf-ray
89d5306158879b5b-FRA
x-dw-request-base-id
cD39JNf-hGYBAAB_
x-amz-cf-id
RHjGlkGjSLX6WxPrgDF-UWM6mPxOdBjKleMnV3AC-9-Nu8LhJEkG5w==
baskets
www.elfcosmetics.co.uk/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/adxetJlHaIwrIRxHJJxbYYkupK/ 		11 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/adxetJlHaIwrIRxHJJxbYYkupK/baskets?siteId=elf-eu
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11487/vendor.js?yocs=y_A_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.14.100 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
31f48ed33afe7e437efa2c30cbf97fbd62c2de5c0732504077377846fe64973f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiIwODJiMWNmZC03ZDA5LTQwZDctYjc2OC03OTUzZjQyOGIyMjUiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOmRlZTYwZGE5LWY5ZWQtNDFkZi1hMGI0LTY3NjdiNTliMjU5OCIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTk5OTE5OTIsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFkeGV0SmxIYUl3cklSeEhKSnhiWVlrdXBLOjpjaGlkOiAiLCJleHAiOjE3MTk5OTM4MjIsImlhdCI6MTcxOTk5MjAyMiwianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzNDc4NTYwMjQ5MjkyMzMxMCJ9.937bKdjxge3gDK5bZNGEb1o5_HnR6hoe4ZCjuxWhs-f7j30Li_cSek0bayFP_7fE3BMo0iC4uH8IifSziZRblw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
c_x-pwa-request
true
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:33:42 GMT
sfdc_customization
HOOK
dnt
0
cf-cache-status
DYNAMIC
x-correlation-id
89d5305daf56360f
x-content-type-options
nosniff
via
1.1 964525de46241eae6ff9f5fb91498662.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
x-yottaa-optimizations
ob/1000 si/36D18cae0e64-1719861808-8168552486 tts/1717701300585 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
content-encoding
gzip
x-cache
Miss from cloudfront
age
0
alt-svc
h3=":443"; ma=86400
content-length
37
allow
GET,HEAD,OPTIONS
x-ratelimit-remaining
999
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
sfdc_load
2
cache-control
max-age=0,no-cache,no-store
x-yottaa-os
200
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/adxetJlHaIwrIRxHJJxbYYkupK/baskets?siteId=elf-eu
x-ratelimit-limit
99999
accept-ranges
bytes
cf-ray
89d5305daf56360f-FRA
x-amz-cf-id
iFpDw6Pj4d009CH3ONQGsmgUX3S-H66tdDt8GS23SQUT-pEXd7l5Fg==
x-yottaa-metrics
36218cae0e39/[187,184,-] 36D18cae0e64/[-,188.337]
viewPage
api.cquotient.com/v3/activities/bbxc-elf-eu/ 		98 B
518 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.cquotient.com/v3/activities/bbxc-elf-eu/viewPage
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11487/main.js?yocs=y_A_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.49.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-49-69.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash
d4520ba87a086f31f3b0b2f5ab4a0098a277a9177601aec6819edc5368cf2c29
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-cq-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.elfcosmetics.co.uk/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:33:42 GMT
strict-transport-security
max-age=15552000; includeSubdomains
server
envoy
etag
W/"62-URFSYo3mof2AdwbPNxi2csZoEUU"
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.co.uk
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
content-length
98
collector
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 		600 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/XT4Gy2ig/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ee974c3270b492784ec11a1c620ea7cac3c204bb3e859a809538d952d9118edc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 03 Jul 2024 07:33:41 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
600
viewPage
api.cquotient.com/v3/activities/bbxc-elf-eu/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.cquotient.com/v3/activities/bbxc-elf-eu/viewPage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.49.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-49-69.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-cq-client-id
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization, content-type, x-cq-tenant, x-cq-client-id
access-control-allow-methods
POST
access-control-allow-origin
https://www.elfcosmetics.co.uk
content-length
0
date
Wed, 03 Jul 2024 07:33:42 GMT
server
envoy
strict-transport-security
max-age=15552000; includeSubdomains
x-envoy-upstream-service-time
1
ts
t.paypal.com/ 		42 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A7PFGPLHGYKX72-1&page=muse%3Aoffer%3A%3A%3A7PFGPLHGYKX72-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=95c92811-df2a-4f29-8e3f-9af8b4e63cc5&es=visitorInfoFlowStarted&mrid=7PFGPLHGYKX72&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Cosmetic%20Criminals%20%7C%20e.l.f.%20Cosmetics&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1719992022780&g=-120&completeurl=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Felf-cosmetic-criminals&disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Wed, 03 Jul 2024 07:33:42 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
eca913ce890d4
server-timing
"traceparent;desc="00-0000000000000000000eca913ce890d4-1cfc691997cc8d00-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-etou8220103-FRA
pragma
no-cache
correlation-id
eca913ce890d4
traceparent
00-0000000000000000000eca913ce890d4-94d38b7ca69ff79d-01
x-timer
S1719992023.823983,VS0,VE158
vary
Accept-Encoding
content-type
image/gif
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Jul 2024 07:33:42 GMT
baskets
www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/baskets
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11487/vendor.js?yocs=y_A_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.14.100 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
7f7edbb933aad0fcd56c66c1a08997e6fe14bf6b9acad4a08bc40c51a62d84ff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiIwODJiMWNmZC03ZDA5LTQwZDctYjc2OC03OTUzZjQyOGIyMjUiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOmRlZTYwZGE5LWY5ZWQtNDFkZi1hMGI0LTY3NjdiNTliMjU5OCIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTk5OTE5OTIsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFkeGV0SmxIYUl3cklSeEhKSnhiWVlrdXBLOjpjaGlkOiAiLCJleHAiOjE3MTk5OTM4MjIsImlhdCI6MTcxOTk5MjAyMiwianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzNDc4NTYwMjQ5MjkyMzMxMCJ9.937bKdjxge3gDK5bZNGEb1o5_HnR6hoe4ZCjuxWhs-f7j30Li_cSek0bayFP_7fE3BMo0iC4uH8IifSziZRblw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json
c_x-pwa-request
true
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:33:43 GMT
sfdc_customization
HOOK
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 193d38535c6cb246e365763e9c32e672.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
age
0
x-yottaa-optimizations
ob/1000 si/36D18cae0e64-1719861808-8168552492 tts/1717701300585 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
content-encoding
gzip
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
985
pragma
no-cache
etag
fe12de4d4dae29b1b525bf425d9bbdba9b2977837efb8ac86adbae38a70fb837
allow
OPTIONS,POST
content-type
application/json;charset=UTF-8
x-dw-resource-state
fe12de4d4dae29b1b525bf425d9bbdba9b2977837efb8ac86adbae38a70fb837
access-control-allow-origin
https://www.elfcosmetics.co.uk
access-control-expose-headers
etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
x-yottaa-metrics
36218cae0e3e/[487,486,-] 36D18cae0e64/[-,489.166]
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-proxy-request-url
https://cc-elf-eu-prd.elfcosmetics.co.uk/s/elf-eu/dw/shop/v21_3/baskets
accept-ranges
bytes
cf-ray
89d5305f2cf62c2d-FRA
x-dw-request-base-id
cD35JNf-hGYBAAB_
x-amz-cf-id
6ZnWYtYiRKfPv1KN6-vEEy62_uZgArxS8r3XepAqkRkW3dUjw6SlSA==
x-yottaa-os
200
expires
Thu, 01 Dec 1994 16:00:00 GMT
NEW-beauty-squad-beauty-squad-loyalty-logo-staggered-paddedsquare
elfcosmetics.a.bigcontent.io/v1/static/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/NEW-beauty-squad-beauty-squad-loyalty-logo-staggered-paddedsquare?%24Desktop%24=&fmt=auto
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::210:6e08 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
210706c053295db0bfba03a98c0609a1f940c3f6b6c626f2f1084e089e959dc9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
date
Wed, 03 Jul 2024 07:33:43 GMT
server
Unknown
x-amz-server-side-encryption
AES256
x-amp-srv
A
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
5378
icon-noun-gift-1165617
elfcosmetics.a.bigcontent.io/v1/static/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-gift-1165617?%24Desktop%24=&fmt=auto%201x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-gift-1165617?%24Desktop%24=&fmt=auto%202x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-gift-1165617?%24Desktop%24=&fmt=auto%203x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::210:6e08 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
4aa855b8d34657ab4df5ca73fe7d7f67735ee1e39e8de83856ddc473d4713fbb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Wed, 03 Jul 2024 07:33:43 GMT
server
Unknown
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=86400
x-amp-srv
A
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
996
icon-noun-drop-1235517%201
elfcosmetics.a.bigcontent.io/v1/static/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-drop-1235517%201?%24Desktop%24=&fmt=auto%201x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-drop-1235517%201?%24Desktop%24=&fmt=auto%202x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-drop-1235517%201?%24Desktop%24=&fmt=auto%203x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::210:6e08 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
f366287eaa5627dc7ee48d1fcb79d20bceae8238ee2f1dd772f059685fe9c799

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Wed, 03 Jul 2024 07:33:43 GMT
server
Unknown
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=86400
x-amp-srv
A
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
838
300240
www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/products/ 		50 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/products/300240?siteId=elf-eu&locale=en-GB&currency=GBP&expand=availability%2Cbundled_products%2Clinks%2Cpromotions%2Coptions%2Cimages%2Cprices%2Cvariations%2Cset_products%2Crecommendations&all_images=true&perPricebook=true
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11487/vendor.js?yocs=y_A_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.14.100 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
61d2cbdaf515aff45d84b2584d6f4607f43dc18e96ac9638a846ad8c4e16d53b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json
c_x-pwa-request
true
cache-control
no-cache
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:33:43 GMT
sfdc_customization
HOOK
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
via
1.1 193d38535c6cb246e365763e9c32e672.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
x-yottaa-optimizations
ob/1000 si/36D18cae0e64-1719861808-8168552501 tts/1717701300585 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
age
0
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 03 Jul 2024 07:33:43 GMT
allow
GET,HEAD,OPTIONS
vary
accept-encoding
content-type
application/json;charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os
200
x-proxy-request-url
https://cc-elf-eu-prd.elfcosmetics.co.uk/s/elf-eu/dw/shop/v21_3/products/300240?siteId=elf-eu&locale=en-GB&currency=GBP&expand=availability%2Cbundled_products%2Clinks%2Cpromotions%2Coptions%2Cimages%2Cprices%2Cvariations%2Cset_products%2Crecommendations&all_images=true&perPricebook=true
x-yottaa-metrics
36218cae0e47/[229,229,-] 36D18cae0e64/[-,231.901]
cf-ray
89d530626d069202-FRA
x-dw-request-base-id
fJRK9df-hGYBAAB_
x-amz-cf-id
J3ZKOgiqeL8Tir--QWvDM-ZrxWFr1ScLQEb7UfM74dRS7R4_CKgF1g==
gb.svg
www.elfcosmetics.co.uk/mobify/bundle/11487/static/img/flag-icons/ 		717 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.co.uk/mobify/bundle/11487/static/img/flag-icons/gb.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.14.100 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
6c10b21f86019422fa9555d9b0b9b6768bf7549730880571e057800a3068724e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:33:43 GMT
via
1.1 fbd2b51fce9ee4f3aa7b93dbbda3d698.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P8
age
562936
x-yottaa-optimizations
ob/1001 si/36D18cae0e64-1719430892-5649218685 tts/1717701300585 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Hit from cloudfront
x-amz-meta-deploy
788635
alt-svc
h3=":443"; ma=86400
content-length
431
x-amz-meta-bundle
11487
x-yottaa-forcecache
true
last-modified
Wed, 26 Jun 2024 19:09:42 GMT
etag
"9ba7f940f3ca3c659f2d9f4040b10dfc"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31104000
x-yottaa-os
200
x-yottaa-metrics
36218cae0e3a/[6,3,-] 36D18cae0e64/[hit]
x-amz-cf-id
kEFzfB7wsm5CQ_C8M2Ydvg4yLusV_j4RRgqMvzwrIv7hjVBtYLWSMw==
promotions
www.elfcosmetics.co.uk/mobify/proxy/api/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/api/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/promotions?siteId=elf-eu&ids=2024-07-gwp-%C2%A335&locale=en-GB
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11487/vendor.js?yocs=y_A_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.14.100 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
1f1709a7e0699fcb1399dee1cf1db08158f5873123be9d0b2bf365404b57a62f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiIwODJiMWNmZC03ZDA5LTQwZDctYjc2OC03OTUzZjQyOGIyMjUiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOmRlZTYwZGE5LWY5ZWQtNDFkZi1hMGI0LTY3NjdiNTliMjU5OCIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTk5OTE5OTIsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFkeGV0SmxIYUl3cklSeEhKSnhiWVlrdXBLOjpjaGlkOiAiLCJleHAiOjE3MTk5OTM4MjIsImlhdCI6MTcxOTk5MjAyMiwianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzNDc4NTYwMjQ5MjkyMzMxMCJ9.937bKdjxge3gDK5bZNGEb1o5_HnR6hoe4ZCjuxWhs-f7j30Li_cSek0bayFP_7fE3BMo0iC4uH8IifSziZRblw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
c_x-pwa-request
true
Referer
https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:33:43 GMT
content-encoding
gzip
dnt
0
cf-cache-status
DYNAMIC
x-correlation-id
89d5306429e11c11
x-content-type-options
nosniff
via
1.1 83f37b03194be210134265ef78592588.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
x-yottaa-optimizations
ob/1000 si/36D18cae0e64-1719861808-8168552507 tts/1717701300585 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Miss from cloudfront
age
0
alt-svc
h3=":443"; ma=86400
allow
GET,HEAD,OPTIONS
vary
accept-encoding
content-type
application/json;charset=UTF-8
x-ratelimit-remaining
999
sfdc_load
2
cache-control
private,max-age=43
x-yottaa-os
200
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/promotions?siteId=elf-eu&ids=2024-07-gwp-%C2%A335&locale=en-GB
x-ratelimit-limit
99999
accept-ranges
bytes
cf-ray
89d5306429e11c11-FRA
x-amz-cf-id
CROn1hyLNztXMdNTOyFe65kX3X8_nzbIX1fimJnuoW8diV4NWk5INg==
x-yottaa-metrics
36218cae0e28/[175,172,-] 36D18cae0e64/[-,176.291]
script-tag.js
cdn-scripts.signifyd.com/api/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-scripts.signifyd.com/api/script-tag.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-78.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d7a363f752524fb545c3b2eb48a56d163cb659bc427d5215800ee7781d92c2ca

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:17:48 GMT
content-encoding
gzip
via
1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
last-modified
Tue, 23 Apr 2024 14:51:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
956
x-amz-server-side-encryption
AES256
etag
W/"73ca6f23f3e08738233832c7a7a0c30c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1800
x-amz-cf-id
9mFGZWrNw31malpbl3e6Y81USgaCwwa-uUAg2Tb28lrkviXLRBASSw==
company_toolkit.js
cdn-scripts.signifyd.com/api/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-scripts.signifyd.com/api/company_toolkit.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-78.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6082597f3871c77c9b31aa1383577f8c0e54cb5ff09275dc817bc70d96e6217d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 07:14:06 GMT
content-encoding
gzip
via
1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
last-modified
Tue, 30 May 2023 10:18:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
1178
x-amz-server-side-encryption
AES256
etag
W/"2c3950f122b3977df61b0e077aaa92c8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1800
x-amz-cf-id
gkVy2RFKQnegtO6hcSrhXpp1FTfXpjxk8L-fYcNrRmE9VOxz5qi0tg==
f6us2zliyhnvfslc.js
imgs.signifyd.com/ 		96 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/f6us2zliyhnvfslc.js?asb8ymlcnjhns39i=w2txo5aa&xkwftpo36bmptuid=LzZmMjVkYjVjZDdlZjgzYWYzZTE3YThiYzZi
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
34edceb5fa1a0cfac62f09450fd9a59702814377c792663fa4b0bbaf9e3e2163
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Jul 2024 07:33:44 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
CP=IVAa PSAa
Connection
Keep-Alive, Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=2, max=100
Expires
Thu, 01 Jan 1970 00:00:00 GMT
iPd0fQsqTK7c-u6H
imgs.signifyd.com/ Frame 39B1 		301 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/iPd0fQsqTK7c-u6H?5f0e38a7359c4a3a=p_NSnI6AhLrR6DDkDG4L8c3JPMHNNXo7a0MNbMbn2DtNMd0WjxQD94SbG03t9W9WZQ0usQ9za2nVXV-0LRs7_7Zat8GaSXoVp2IORcp7pkldSG9Hge3SV7m1MG6tE8GK-ULBuOwgOILr-rNZ-ztu8bk9ExKqT5tEfOtE1bil4BR1ox7ESbcmD3zuiPwDvwDXsIY5O4EXHq5oViA9&jb=3d332c2e62796d7f355d6b646e6f777b2c607165355561646e6f77712d323839392c607b6a7f374b60786d676d2c6879683d436078656f6f2d30383b3836
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/f6us2zliyhnvfslc.js?asb8ymlcnjhns39i=w2txo5aa&xkwftpo36bmptuid=LzZmMjVkYjVjZDdlZjgzYWYzZTE3YThiYzZi
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
81902456f579251511c17c683fc64f727bcf665655d50ee6fa7949b3cea3b1ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Jul 2024 07:33:44 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
tmx-nonce
e1f3e94dacc2aa20
Connection
Keep-Alive, Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=2, max=99
Expires
Thu, 01 Jan 1970 00:00:00 GMT
lwhEik9SMxn8i_ap
imgs.signifyd.com/ Frame 39B1 		81 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.signifyd.com/lwhEik9SMxn8i_ap?0db35fac3edecf4c=QrYwqN2djGVOeHiU7E_QzBGtFOK6ZFlV_AxQsg4dfQS7BR0cAo11-e3CjWSqbRk_MGyb3KwMjHgqiN_iggTEtJ83x-7bcby8PX9rXZzcrlCVvkHwiJotyseLMVe4nPYQhTufJbobBT_fNkj1_wTuAuluJ6PyY5EJGvWY7OE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 03 Jul 2024 07:33:44 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
GKWCQ6coTl9miEds
imgs.signifyd.com/ Frame 39B1 		81 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.signifyd.com/GKWCQ6coTl9miEds?c0eb061ecf88179f=62OnjvhxpQvhiK9K6lV25y5rp8ChS28kLw1gQ0VU8lD0NUb610gkhmdxkA67I9F2z64VBUjYATkp-AZNTNATqE5QRc7M67i4fzMF_OX-LSjWvp6sGAkQf7tCa9RHgB2kIZrYwQQZhz9lWrKADCwyFGNhe0SssAnmVtQOESo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 03 Jul 2024 07:33:44 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
imgs.signifyd.com/fp/ Frame 39B1 		81 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/fp/clear.png
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/iPd0fQsqTK7c-u6H?5f0e38a7359c4a3a=p_NSnI6AhLrR6DDkDG4L8c3JPMHNNXo7a0MNbMbn2DtNMd0WjxQD94SbG03t9W9WZQ0usQ9za2nVXV-0LRs7_7Zat8GaSXoVp2IORcp7pkldSG9Hge3SV7m1MG6tE8GK-ULBuOwgOILr-rNZ-ztu8bk9ExKqT5tEfOtE1bil4BR1ox7ESbcmD3zuiPwDvwDXsIY5O4EXHq5oViA9&jb=3d332c2e62796d7f355d6b646e6f777b2c607165355561646e6f77712d323839392c607b6a7f374b60786d676d2c6879683d436078656f6f2d30383b3836
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
*/*, w2txo5aa/e1f3e94dacc2aa20lzzmmjvkyjvjzddlzjgzywyzzte3ythiyzzi
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Jul 2024 07:33:44 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 03 Jul 2024 07:33:44 GMT
Server
Apache
Etag
26e244a038b94e5aac5f9e195fe098fd
Content-Type
image/png
Access-Control-Allow-Origin
https://www.elfcosmetics.co.uk
Cache-Control
private, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
Expires
Mon, 02 Jul 2029 07:33:44 GMT
T69JFdhcVNinFz7_
imgs.signifyd.com/ Frame E4F5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/T69JFdhcVNinFz7_?c03b7334a6b12b31=0w_BRxLolH7Z7q6eCZvpFpXkIX8wLmuV7__NPFL6hv_ds_2CBiegffW3q_MI1mV9tOJuDJxOoTVXRCMHt4SxjZ2vFOL4f9yidgjV0G9t3Ki-KN0CF6wKwpMEDo59Lt6WYNQL-RXsQ55o0x7RFlaMBwezDcUnoBh7_-Ru0A5jQEVBPkncVW31POoSS7aEvJj-CY6WqeiJqa8Kg9LJKWs
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/iPd0fQsqTK7c-u6H?5f0e38a7359c4a3a=p_NSnI6AhLrR6DDkDG4L8c3JPMHNNXo7a0MNbMbn2DtNMd0WjxQD94SbG03t9W9WZQ0usQ9za2nVXV-0LRs7_7Zat8GaSXoVp2IORcp7pkldSG9Hge3SV7m1MG6tE8GK-ULBuOwgOILr-rNZ-ztu8bk9ExKqT5tEfOtE1bil4BR1ox7ESbcmD3zuiPwDvwDXsIY5O4EXHq5oViA9&jb=3d332c2e62796d7f355d6b646e6f777b2c607165355561646e6f77712d323839392c607b6a7f374b60786d676d2c6879683d436078656f6f2d30383b3836
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Wed, 03 Jul 2024 07:33:44 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
oWa7axKZRPLntApH
imgs.signifyd.com/ Frame 39B1 		0
398 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/oWa7axKZRPLntApH?5926c772a8350701=OS2q5FW5QQs7rOZFr7DM6z2FTphNxt1NdNyhNl5qY5EgjSkWZGJgjDuC7dvUl-hBp7kIqphVN-MAW2LTRqM85OXE3tqtITzw9vKxw_Ei-tQPrqW6YlShjkM_GFzXza-m2bcLE9EVR4b9WIc_EX3h-zbDIlQ&jb=3b3c2c647b6b3f693f3b603d6e61663b3368373e6c326d686e32623a6d376e6c3b6b383a3f683b
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/iPd0fQsqTK7c-u6H?5f0e38a7359c4a3a=p_NSnI6AhLrR6DDkDG4L8c3JPMHNNXo7a0MNbMbn2DtNMd0WjxQD94SbG03t9W9WZQ0usQ9za2nVXV-0LRs7_7Zat8GaSXoVp2IORcp7pkldSG9Hge3SV7m1MG6tE8GK-ULBuOwgOILr-rNZ-ztu8bk9ExKqT5tEfOtE1bil4BR1ox7ESbcmD3zuiPwDvwDXsIY5O4EXHq5oViA9&jb=3d332c2e62796d7f355d6b646e6f777b2c607165355561646e6f77712d323839392c607b6a7f374b60786d676d2c6879683d436078656f6f2d30383b3836
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 03 Jul 2024 07:33:44 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
LuYHBLzfVpGdVdk7
imgs.signifyd.com/ Frame 39B1 		134 B
654 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/LuYHBLzfVpGdVdk7?d1614f1fc2b2b691=saukHQDUA1boCH1mjdSVNPc-pVED-wNzsex3AcSF7BQbMNgSjkmNd2hfg8dOI_8RJ_nEB6mWE1fpyxQXA_KP_LwovrRC13Iq7CaHCQd6d9xyftd1vYh7lGuQcZOwGajkWrKDV6z19qAxcY98NZtk0Q
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/iPd0fQsqTK7c-u6H?5f0e38a7359c4a3a=p_NSnI6AhLrR6DDkDG4L8c3JPMHNNXo7a0MNbMbn2DtNMd0WjxQD94SbG03t9W9WZQ0usQ9za2nVXV-0LRs7_7Zat8GaSXoVp2IORcp7pkldSG9Hge3SV7m1MG6tE8GK-ULBuOwgOILr-rNZ-ztu8bk9ExKqT5tEfOtE1bil4BR1ox7ESbcmD3zuiPwDvwDXsIY5O4EXHq5oViA9&jb=3d332c2e62796d7f355d6b646e6f777b2c607165355561646e6f77712d323839392c607b6a7f374b60786d676d2c6879683d436078656f6f2d30383b3836
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
1b48323c7de31ccf5d56aba3b2b5086908a6aa6b9784d74a4dca164dfdc3c7ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 03 Jul 2024 07:33:44 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=99
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Q9O9mLiKvPVYS5Vh
h.online-metrix.net/ Frame 617A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/Q9O9mLiKvPVYS5Vh?85c67e82bbf5932c=OMmm3xHACRw2By2VcABChc2v_yKff9BJoLD6dRnyhHUsJcZm7s5nLyR1K3e8oOnkowHmG_IpGHA0YzGhjacAc63ZUEfngqj85U7pR3y-y6sezJNRuHtpC_SII4HP5bGSjCGCUwCp12utsTT19xtFaAhGYHNftFp-VRgBflnKR4KFQGeZ21zzUMOqnZekptEWb1ezPUQFrrvFX2Qk8No_
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/iPd0fQsqTK7c-u6H?5f0e38a7359c4a3a=p_NSnI6AhLrR6DDkDG4L8c3JPMHNNXo7a0MNbMbn2DtNMd0WjxQD94SbG03t9W9WZQ0usQ9za2nVXV-0LRs7_7Zat8GaSXoVp2IORcp7pkldSG9Hge3SV7m1MG6tE8GK-ULBuOwgOILr-rNZ-ztu8bk9ExKqT5tEfOtE1bil4BR1ox7ESbcmD3zuiPwDvwDXsIY5O4EXHq5oViA9&jb=3d332c2e62796d7f355d6b646e6f777b2c607165355561646e6f77712d323839392c607b6a7f374b60786d676d2c6879683d436078656f6f2d30383b3836
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.132.130 , United States, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Wed, 03 Jul 2024 07:33:44 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
c_zvpEbzm4l3kBCo
imgs.signifyd.com/ Frame A86A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/c_zvpEbzm4l3kBCo?afdf130c8deb5adc=ThSo6ziPvO8jHtEzZOxUxg7lPDjBBHDnged0387Nt6vVIp_SPMfupPbyP1EJhIs0G35VzSmv0RZ_j48kfzmjWK5jy6xKt3in9NZsScsqqN15amWSNZ9UnCbPNO_9vhQB18rlAZAsDIkRDUHDcKTNZcZCPjjDUIO2HoRMKpfDG5nMHqiLX6S0Z0_shMGlPrDFaYuztfnfTflZcpfetIgV
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/iPd0fQsqTK7c-u6H?5f0e38a7359c4a3a=p_NSnI6AhLrR6DDkDG4L8c3JPMHNNXo7a0MNbMbn2DtNMd0WjxQD94SbG03t9W9WZQ0usQ9za2nVXV-0LRs7_7Zat8GaSXoVp2IORcp7pkldSG9Hge3SV7m1MG6tE8GK-ULBuOwgOILr-rNZ-ztu8bk9ExKqT5tEfOtE1bil4BR1ox7ESbcmD3zuiPwDvwDXsIY5O4EXHq5oViA9&jb=3d332c2e62796d7f355d6b646e6f777b2c607165355561646e6f77712d323839392c607b6a7f374b60786d676d2c6879683d436078656f6f2d30383b3836
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Wed, 03 Jul 2024 07:33:44 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
6FNQKnOSovktaprb
h64.online-metrix.net/ Frame 39B1 		0
357 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h64.online-metrix.net/6FNQKnOSovktaprb?a283a225048302c3=98Lm3Bns45mJZNAdgp6_KKwrAEZWYuKdo0kpoRyWTef6oJTWTjpFrSh3ZCuqt9DDFcEARyQK5_YB33DMQgs1351knw067OlDBvtqOTLlP_SLmqcJNP1rwbWP0IQLCNOyOuiRlFBkXH-ypYztDfczvT-RzG8QC5U-
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/iPd0fQsqTK7c-u6H?5f0e38a7359c4a3a=p_NSnI6AhLrR6DDkDG4L8c3JPMHNNXo7a0MNbMbn2DtNMd0WjxQD94SbG03t9W9WZQ0usQ9za2nVXV-0LRs7_7Zat8GaSXoVp2IORcp7pkldSG9Hge3SV7m1MG6tE8GK-ULBuOwgOILr-rNZ-ztu8bk9ExKqT5tEfOtE1bil4BR1ox7ESbcmD3zuiPwDvwDXsIY5O4EXHq5oViA9&jb=3d332c2e62796d7f355d6b646e6f777b2c607165355561646e6f77712d323839392c607b6a7f374b60786d676d2c6879683d436078656f6f2d30383b3836
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.225.158.1 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 03 Jul 2024 07:33:45 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
oWa7axKZRPLntApH
imgs.signifyd.com/ Frame 39B1 		0
218 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/oWa7axKZRPLntApH?5926c772a8350701=OS2q5FW5QQs7rOZFr7DM6z2FTphNxt1NdNyhNl5qY5EgjSkWZGJgjDuC7dvUl-hBp7kIqphVN-MAW2LTRqM85OXE3tqtITzw9vKxw_Ei-tQPrqW6YlShjkM_GFzXza-m2bcLE9EVR4b9WIc_EX3h-zbDIlQ&ja=3a3a383f2e2c61373e3a24703736302e6c37333c3832703b38303024696635393e3a3a7039383a382e797a73353d303a723732382c6e72783533243b3c30302e39323838243b3c3838263b3a383a2e3b3e3a32263b323038263b343a382e39383a302c353a30243f3a3a2c657c37383f6e3f336e3b3b36336f36626e383a3b683e346a6e3938376038616e3b6b3e2c656637382e7b6966373a3e2466623d687c7e7a712f3b432d384c2532447f777f266d666c6b6779676d7c63617926696d247f6b253a4c6f6e6c256167796765746b6b2d6b7a616763666966792e78663f3f2e7a6a376f38303a6e6c633f3d373933396634676a65303131396f6a3c6b33313a33326e2e626a373b3135396b38633b69616b6f6961323039636c3b396b39383c6c3a3c3c3b35682e607165375769666e6575792d30383b3b266a716a3d4b607a65676d2d383a393a3c24607b6577375d696e6c657d712c62716a7f37436870676d6d2e6662693539382c666c673f322e646f7e7a3d302e7e7066374d777a657a6525304e426d7a6463642e656b7e607a37363a3839663b6932626d693a306f3e616b3f3c30303a3a616c393d3f3e38396c6e3c3d323a3b3c3b663c6f61613a3e6e61333c636e686e373231393339313e6b2c6c7a37627c7c7a712f3b4b27384c25324e7d7d75246d6e6e6965736d677c696b7b266965267d612f3a4e6f6e6c25696d796765746169276178616f61646b6c7324783d78647d6d6366576c66697b62273f4d6c636679652178667f6563665d7f6364646f757b5f656d6c636b5778666b716d78273f4d6c636679652178667f6563665d696e6562655d69637a676a6b7e2d3d4f6c696479672b7866776d636e5f797f6361617c6b656f2f354564696c7b6d297a667d6f6364577b626d69637d637c6f25354d6c6b6e796d2378667f67696c57726d69647a6669716f782d3d4f646b6479672b7a6c756f63645d7c6461577a666179677a253d4d6e6b667b6d2b7a647d6d6b64576e677c6b6c767a2f3f476c696e7b6f2b706c776f6966577b7c6d577e636f7f6d78273f4d6c636679652178667f6563665d626b7c6125374d6669647b6f2c6f645569357f6f606d645d67684d4c253a3a3b2c3a2d3038224570656c4f4c2d3a384f592d3a3a3826382f303a4b62706567697565235d67684f4e2d383a474c5144253a384d592f3a383b24382d383222477a67644d4c253a3a4f512f3a324f46594c253038455b2d3a3a3b26382f38384b627065656377672357656a4163765d6d6043637e2532325f656a4f444b444f444f55616679766b6669676e5561727a6b73712f3b402d383a4558565762646d666e556561646769702f31482d38324f52545f6b666372556b6d667e786f6c273b422d3a384f525c5769656467785d687d6c646f785f6869666c5d6c646d697e2f3342273a304d505c556e6d787e62576b666367782f31482f32304d525e5d6c646d697e55626c6766642d3b4a2f38384d525e576e78636d576e677a7e68253b482f303a4d5a5c557a6f6c7b6f6f6657676c6c7b6d7e556b646b6f7a2d39402f383045505e55716269666d785574657a7c757a6d5766656c2d39482d3a3a47525c55766f7274757a6f55616565727a6f7973696d665f6a787c692f3b4a2f38384d5256557c6f7a7e7f72655769656f7a7a677b79636f6e5d7a677c6b2d39482d3a3a4f505c55766f707e77786f5f6661667e677857636663796f74706770616b2d39482d3a3a4f505c55766f707e77786f5f6d6178786d785761646b67705f76675f6d6c6f6f2f3b4a2f38384d5256557b5845482f33422d383a4d4f5b5d6d666f6d656c7c5f61666c6f72577d63647c2d39402f3a3a4d4f595f666a6555706f66666d78556d69726561782d3b482f3a38454f5b5779766b666e63786e5f646d7863746b7c6b7e6f792533402d3238474d59557c6d727e7d7a6f5d6c6465637e2f33422d383a4d4f5b5d7c6f727475706d5f6e64676b7e576463646d697827394a2f303a454553577e6f7a7e7d706d5562616c6457666467697e2f3b4a2f3838474f51557c6f7a7e7f726557626b6e6c576464656b745f6e616e6d697a2f394a2d383a474d595d7c6d78766f725f617a786b7b556760626f697425314a253a385f4f484f44556967646570556a7f646c6f725f6e6665637e2d314a2f383057474a4744576b6567787a6f797b6d6e5d7e6d72767f78655f69797e612f3b402d383a5745404f4c576b67677a7a6d79796d6c55766f707e77786f5f657c692f31482d30385d4f42474e5763676578786f7b7b6f6e577c6f7a7e7d7867556f7463392f39402f3a325f4f48474c5d6b6f65787a6f797b6d6e557c6d72767f7a6f5d793974632d3948273838554d484d4c5f61676d787a6d79796d6c557e6d707e77786d5571397e635f7b786d602f3b402d383a5745404f4c576c6d687f6f57786f666c6f706f7a556b646c6f253b482f303a5f474a4d465f64676a756f577b626b6c6d78792d3b482738385d47484d4c5f6c6f7a766257766d727e7572672d334a2d3a3a5d4d4a4d46576c78637d5768776c6c65727b2f39402f3a325f4f48474c5d646f7b6d576965667c6f727c2d39402f3a3a554f48474c57677f6e7e615d6c786b7725314a253a385f4f484f44557a676473656566556f656e65313e2c6d6e55603f303c6c33633a3c61303f39683e306d6b6e303c3c3b6b6c3e633d6835633e3a32603269663d3f3b3626756f6c7e3541647e6d642f3838416461242e7d6566783d49667e6f6e2f3a32417863732530384f786d664d462d3a3a4f666f636c6f2e69616e37353639&jb=393f3a2e647b3f4767706b666661253a4c3f2c3a2d3038225d696e6667777b2d3a3a445c2d383a393824322f3b4827383a5769663c3e27394a273a3a7236342b2d323849787a666d5f6f6843617e27384e3f313d2433362d383a2a41405645462f3243273a306461636f2f3a384d6f6b63652b2f3a3a4162786f6d6d2f38443b3a34263a24302e322d32385b696c6b7a612f384e3d3935243b3c
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/iPd0fQsqTK7c-u6H?5f0e38a7359c4a3a=p_NSnI6AhLrR6DDkDG4L8c3JPMHNNXo7a0MNbMbn2DtNMd0WjxQD94SbG03t9W9WZQ0usQ9za2nVXV-0LRs7_7Zat8GaSXoVp2IORcp7pkldSG9Hge3SV7m1MG6tE8GK-ULBuOwgOILr-rNZ-ztu8bk9ExKqT5tEfOtE1bil4BR1ox7ESbcmD3zuiPwDvwDXsIY5O4EXHq5oViA9&jb=3d332c2e62796d7f355d6b646e6f777b2c607165355561646e6f77712d323839392c607b6a7f374b60786d676d2c6879683d436078656f6f2d30383b3836
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Jul 2024 07:33:44 GMT
Strict-Transport-Security
max-age=31536000
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=98
Content-Type
text/javascript;charset=UTF-8
Dm63FB52UBHcAnKA
w2txo5aa2um4i6norsbn63pfxdyhaoytk74n3326e1f3e94dacc2aa20am1.e.aa.online-metrix.net/ Frame 39B1 		81 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w2txo5aa2um4i6norsbn63pfxdyhaoytk74n3326e1f3e94dacc2aa20am1.e.aa.online-metrix.net/Dm63FB52UBHcAnKA?94b011e307069a0e=Cgnlp_c2jocQzd4zbtVbrplB3NOUp-zKcrMV912ANY2TRSTMp74NebKmQxduP8bEnAHMGjEjs1OrAyfnM8A1TZcROxatrPXd31AGyyN_LxKbiLyT1ZRx5xGsEt6pAECdzYPLhgjPjV3CYsa92u6zkb_9gPPB0HphZSj2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.134.131 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 03 Jul 2024 07:33:44 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tAxlCQaV9e6-FDaM
imgs.signifyd.com/ Frame 39B1 		0
218 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/tAxlCQaV9e6-FDaM?bb6a5c7b736d3233=4T78HDZS-cKg52yrhdDRaHOgySQBuHsaLoRzvB0rR_BMAyv1ilLLoxnvadRMqX1f2FdPXS6orzGkIUAVE-y5DTzXWmNdpsuk9nc3_6t6wC_6raFlKd6N501p4xixyZhsy_hVou2KOK_Y3AcBy1mfaFrbAgOhhmfgKlpmrHpWdyQDSeQtr8ShODpugVKtzbKGylTBJlg0f660YYZRufs&jac=1&je=303e2c2e656f66623522312f3843312d3849312f3a416e393335343039396c3c6b39696c3c6c3e6b306b3b383c68356f3833653f3f6e616b3e613e6c3b64333330626b6a6b38323a696c3b3f3039316f6b6b613c693429
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/iPd0fQsqTK7c-u6H?5f0e38a7359c4a3a=p_NSnI6AhLrR6DDkDG4L8c3JPMHNNXo7a0MNbMbn2DtNMd0WjxQD94SbG03t9W9WZQ0usQ9za2nVXV-0LRs7_7Zat8GaSXoVp2IORcp7pkldSG9Hge3SV7m1MG6tE8GK-ULBuOwgOILr-rNZ-ztu8bk9ExKqT5tEfOtE1bil4BR1ox7ESbcmD3zuiPwDvwDXsIY5O4EXHq5oViA9&jb=3d332c2e62796d7f355d6b646e6f777b2c607165355561646e6f77712d323839392c607b6a7f374b60786d676d2c6879683d436078656f6f2d30383b3836
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Jul 2024 07:33:44 GMT
Strict-Transport-Security
max-age=31536000
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=98
Content-Type
text/javascript;charset=UTF-8
gPPc1cziomqqpC8S
imgs.signifyd.com/ Frame 39B1 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.signifyd.com/gPPc1cziomqqpC8S?48b260c8c863dfb7=9Pz8rzJfuNB_vDNm-YyZd3NaXlY1svq1QHEzTO7EYIZQjBfax5rG4DtH31tDqwuGWS7zCSxUqT_EGhltXUcRWyIFvSVRYyOvqetb4XlqZ3_yYpZ2dULEgMpsAIFwsSWeJfdWhWPnXRWiRgdJyRRboCJrBP82PZQickFDV--jsO-KiLUreiCZP5ALKXyDoZ2iIdoNcz3yH5wc8ae4vHQ&jf=3c3b3e2e7b6366557a6466377e6472575b3c3a417b75526c78375a6b49573e7b2e79636c576e6b7c6d37333d39333b333830323c2c796b6e5776717a6f3d77676a3a6d6b6c796b2e7b636e57636f7b373b3a37333930313b3a3c323d3a63303c3e3863673b64383a383b3a3e38323869303c36326b6f316e3a3330393a3d32393c30383a3a3466603e34693d3a336f3f393a33386d6931693d3a613f6b3733386f6f34333161693f3b3462366d633b3c3839393a6c6b3c3c6d3f346e3d3364686c34363a396f3a3f6e343a6c6c3638366a336d3e386b38303b396b3a3b68356e6b6f30393a32353c3e3235396d316e696830643b313631306c3d6e306d3c386e3f6b646c3168247963645f7b636d3f3938363c3a383230356b35313f6d686f31396f3b306e39303b396c61686c63383f3339303c3c663c6e3938306339306a696c693b3a3a6f386a3b3d36683d3e34693d30366a333e373a3a30383c396632606c303b696b6b3b3c6a3f3f3f6c6f3b3c6c3e3b3c3f38613e3b6c343b39313e3e3f64323730373a69313a3d3e3b3d3a313038643c303930326c38342e796364783532
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 03 Jul 2024 07:33:44 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=97
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
oWa7axKZRPLntApH
imgs.signifyd.com/ Frame 39B1 		0
398 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/oWa7axKZRPLntApH?5926c772a8350701=OS2q5FW5QQs7rOZFr7DM6z2FTphNxt1NdNyhNl5qY5EgjSkWZGJgjDuC7dvUl-hBp7kIqphVN-MAW2LTRqM85OXE3tqtITzw9vKxw_Ei-tQPrqW6YlShjkM_GFzXza-m2bcLE9EVR4b9WIc_EX3h-zbDIlQ&jac=1&je=39383e3a2e2c75636137333d382e313f243a2c3b3a2e393a24302e333f36263c3d2c7d6d613738393f24333b3c24303b322e323f2c7d6b3c35646c686c3a31663b37326a6a6f3a3238303b393230306e2e7a6f37646f266a6b7e717e35273f482f32326e6d766d642d38382d3b4b3b26383a27384b2f30387974617c7f7927383a273b4b2f32326160617a6f61646d2d3a382f3f4c2c637f6c623f696b3762316f3c673c30336b696b6336643a613f6b393338313b3c393c3e6837693b3b35333c62346c326e663e3034383a393866673c66383b6e696e303c3f332e6d7231376b3b31693e65303d336f3a3b6c323f3d6c3366666a306c30303d6b31303e3e69306867693b6931682c756160372f35482d303a6b7863686b7c656b7c7d786f2d3a382f3b492f30387032342f3832253a492f30386a6b7c646f7373273a322d3b492f383a3e3e2f3a3a2f30492d38306878616e6c792f30382d31492f3f4225354a253a3a6a786b666c2f383a2d39432f3a38456565676c6d2f383249607067676f2532302d324b2d3a387c6d7a796367662f30382d39432f3832313a3c2f30382d354c2f384325354a253a3a6a786b666c2f383a2d39432f3a384c657e2533494b274078696c6c2f383225304b253a3a7e6f787b6165642d3a382739492f30383225323a2f3d462f3a412d3d482532306a7269666c2f383a2d394b2d3a3841627a656f637f6d253a382f30492d303a7c6f72736b676e2d3a3a2f39492d3838393a3c27383a2f354e2f35442d384927383a647d66665665707b6967664463797c2d38382d3b4b273f4a2f35482f32326a786b6c6e2d303a2f394125303a4e677c2d384c4921487869666e27383a2f30492f32327e6f787163676c2d38382533432d323a30263a2438263a2f3a3a2f354e2d38412f3d42253a3868706b66662d38382533432d323a4b60786565617f672d3a3827384b2f30387c65727b63656c2f3a302d394b25323039323e2638243c3c3f3224393a3c27383a2f354e2f32432d3d4827383a607a6b646425303a253b492d38384f67656d646d2f303a4b6270656765253a382f30492d303a7c6f72736b676e2d3a3a2f39492d3838393a3c2c3a263c363d322e313a3c2f30382d354c2f3f4425304b253a3a65656861646f2f3a3a2f314b6e6b6e796f25324b2f38306767666d662f3232273b412d3a3a2f383a2d38492d3a387266697e6465786d253a382f314b2d303a5d636e33302d323a2d3a492f3a3a7a66697c6c6d78655c677879696f662f38302f3b432d383831302c382e382d3a382f3a4b2f383a7f65753c3c2f30382f33416e6b66716f2d354c2c7f616c3f2d374a2d3a38687a69646e7b2d38302f3b4b273f4825374a2f3830687a63666e2f3232273b412d3a3a4d65676f666f2d3a3a41627a656f6f2f32322d384927383a746d7879696f6c2d323a2d3b4b2f3a3a3b383e2d38302f3f4e27384925374a2f3830687a63666e2f3232273b412d3a3a44657c2d394b492548706b666e27383825324b2f38307c6d707b63656e25303a253b492d3838302d38382d3f4e27384b2f35482f32326a786b6c6e2d303a2f394125303a43607a6767637d652f383a2d38412f3a38746f78736967642f30382d31492f383231303e253a3a2d3d4e2d3d4e2f3a4b2f3038656560636665253a382f314b6e6364796f2532412d323a78646b7e6e6778672d3a382739492f30385d696e3b382f30382d354c
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/iPd0fQsqTK7c-u6H?5f0e38a7359c4a3a=p_NSnI6AhLrR6DDkDG4L8c3JPMHNNXo7a0MNbMbn2DtNMd0WjxQD94SbG03t9W9WZQ0usQ9za2nVXV-0LRs7_7Zat8GaSXoVp2IORcp7pkldSG9Hge3SV7m1MG6tE8GK-ULBuOwgOILr-rNZ-ztu8bk9ExKqT5tEfOtE1bil4BR1ox7ESbcmD3zuiPwDvwDXsIY5O4EXHq5oViA9&jb=3d332c2e62796d7f355d6b646e6f777b2c607165355561646e6f77712d323839392c607b6a7f374b60786d676d2c6879683d436078656f6f2d30383b3836
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 03 Jul 2024 07:33:44 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=96
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/
Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/
Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/
Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 undefined| event object| fence object| sharedStorage object| $jscomp function| _loadCookieConfig function| _domready function| _delayed function| _findTags function| _srcAttr function| _needsEval function| _loadFromDOM function| _clearEvents function| _lastChainedResource function| _isImageLike boolean| domCompleteTriggered function| _abTest function| _getCookieVariant function| _setCookieVariant function| _configureAbTestAnalytics function| _executeAllAbTest function| _executeAllAbTestUniversal function| _executeAllAbTestClassic function| _executeAbTest function| _abTestScript function| _chooseVariant function| _abTestAnalyticsUniversal function| _abTestAnalyticsClassic object| _serviceWorkerConfig object| Yo string| yo_host string| _pxAppId function| $ function| jQuery object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| ytCCPlayer object| ytBTSPlayer function| onYouTubePlayerAPIReady function| onCCPlayerReady function| onBTSPlayerReady object| content object| __LOADABLE_LOADED_CHUNKS__ function| _ object| regeneratorRuntime function| applyFocusVisiblePolyfill object| __CONFIG__ string| __DEVICE_TYPE__ object| __PRELOADED_STATE__ object| Progressive boolean| __HYDRATING__ object| viewedProductIdsForPage object| DY boolean| BRAZE_SETUP_COMPLETE boolean| otSPAPathChange boolean| otIsInitialized function| OptanonWrapper object| DYcustom object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer function| __tcfapi object| otStubData object| PXXT4Gy2ig object| PX undefined| _XT4Gy2ighandler object| otTCF object| otIabModule object| Optanon object| OneTrust boolean| otLastAcceptAllValue object| __post_robot_11_0_0___uid_numhnacfzmymuvpacsidplhppphjzs object| paypal object| __zoid_10_3_3___uid_numhnacfzmymuvpacsidplhppphjzs object| paypalDDL string| PaypalOffersObject function| ppq object| __post_robot_10_0_44__ object| PAYPAL function| a0_0x3eec function| a0_0x20c7 object| sigScriptLoader object| SIG_SCRIPT_DEBUG object| threatmetrix function| tmx_post_session_params_fixed boolean| tmx_profiling_started function| tmx_run_page_fingerprinting

16 Cookies

Domain/Path Name / Value
www.elfcosmetics.co.uk/ Name: _pxhd
Value: -Ra/hU5q429miWimdwZQeQMw2v4zRT0ls/AUUuLm5DHISqHGPwaYZwBc3f/l8ebQn7C8T3XsNGUWBWe52XjcAA==:WVVTbo0Jyf46EgKRCjZ/Or-LyobFxxbGLIgSdBmFvzf0GCFfjTEYgt-tCX-My1RFLHPuZQTUp03ufkxTR4CHaKIZSbtnjUE7cCUNonW8Qpc=
.youtube.com/ Name: YSC
Value: D26vFTNIGXg
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: pfRavYEscqg
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgLw%3D%3D
www.elfcosmetics.co.uk/ Name: initAuthComplete
Value: true
.elfcosmetics.co.uk/ Name: ab.storage.sessionId.ee22cddf-904f-484e-a004-0181ff9a3268
Value: g%3A70717082-19c5-4807-b44e-47bbef558085%7Ce%3A1719993820604%7Cc%3A1719992020604%7Cl%3A1719992020604
.elfcosmetics.co.uk/ Name: ab.storage.deviceId.ee22cddf-904f-484e-a004-0181ff9a3268
Value: g%3A0380eab1-4036-0f59-4b2d-9e11e5069bdc%7Ce%3Aundefined%7Cc%3A1719992020606%7Cl%3A1719992020606
.elfcosmetics.co.uk/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Wed+Jul+03+2024+09%3A33%3A41+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202211.2.0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Felf-cosmetic-criminals&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C5%3A0%2CSTACK42%3A0
.elfcosmetics.co.uk/ Name: pxcts
Value: 921031a8-390e-11ef-a322-7939d8532b40
.elfcosmetics.co.uk/ Name: _pxvid
Value: 90575b59-390e-11ef-9c41-8fc26a847f07
www.elfcosmetics.co.uk/ Name: scapi
Value: prd:dee60da9-f9ed-41df-a0b4-6767b59b2598:eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiIwODJiMWNmZC03ZDA5LTQwZDctYjc2OC03OTUzZjQyOGIyMjUiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOmRlZTYwZGE5LWY5ZWQtNDFkZi1hMGI0LTY3NjdiNTliMjU5OCIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTk5OTE5OTIsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFkeGV0SmxIYUl3cklSeEhKSnhiWVlrdXBLOjpjaGlkOiAiLCJleHAiOjE3MTk5OTM4MjIsImlhdCI6MTcxOTk5MjAyMiwianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzNDc4NTYwMjQ5MjkyMzMxMCJ9.937bKdjxge3gDK5bZNGEb1o5_HnR6hoe4ZCjuxWhs-f7j30Li_cSek0bayFP_7fE3BMo0iC4uH8IifSziZRblw
www.elfcosmetics.co.uk/ Name: dwanonymous_d0d57f92086b8d4216742497990aeda2
Value: adxetJlHaIwrIRxHJJxbYYkupK
www.elfcosmetics.co.uk/ Name: dwsid
Value: 66KNjcB0pZkN49oYlpkmAVzTOKwlCrAjoCLDbyP5pbjNFegmfAVxrRa2ssRlx1labTyMrG3YA7EhhJaAOlfGeg==
.elfcosmetics.co.uk/ Name: _px3
Value: 235599a5386795f9f9c5e45b20733c6ced30cd4e0421144be721a000ba650e54:ItdBUYts0MTk62VnWBToN9bQC0kXgduX61pgMScOXzny3p7rcidKKnUZzmUbFDTQOWBlhl5y5nffSgKpQMBTYQ==:1000:0amcaIqnrvU9hd/jgIpZRKWl+vQ5aktVUqHUp8ctMOevrL2rHzwEb0AK35j10RS8WD7Nye3soGAO9kRyEkbawqhLHi2ceXnytj4rL62CgUYA8NgWT7XjasbsW6zSl5zRIvFB5gUf3lmZA9Q/92QpZcbriq2hJWRtR7Vm5uBwxwARx+LUUKfXicIWFOxjHtrKM8cqYviKPxkl04lwJsxVvxDGBMkcWF6wfKibpan0kMs=
imgs.signifyd.com/ Name: thx_guid
Value: 8a2081b02887740a1a96b7f222b6b324
imgs.signifyd.com/ Name: tmx_guid
Value: AAzPakecMQka-VBH8yZAEb0moUajTqflhRpUCohAfqyvXfCqA5GhTXb2ekwCSjv6ll4wguHyCmm36ElTa4gXMDllw0MOEQ

12 Console Messages

Source Level URL
Text
security error URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals(Line 359)
Message:
Unsafe attempt to load URL https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ from frame with URL https://www.elfcosmetics.co.uk/elf-cosmetic-criminals. Domains, protocols and ports must match.
security error URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals(Line 359)
Message:
Unsafe attempt to load URL https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ from frame with URL https://www.elfcosmetics.co.uk/elf-cosmetic-criminals. Domains, protocols and ports must match.
security error URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals(Line 359)
Message:
Unsafe attempt to load URL https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ from frame with URL https://www.elfcosmetics.co.uk/elf-cosmetic-criminals. Domains, protocols and ports must match.
javascript error URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Access to image at 'https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/#elfcosmetics_a_00000055698485330971283280000018393236039574697104_?yocs=y_' from origin 'https://www.elfcosmetics.co.uk' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/#elfcosmetics_a_00000055698485330971283280000018393236039574697104_?yocs=y_
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11487/vendor.js?yocs=y_A_(Line 1)
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11487/vendor.js?yocs=y_A_(Line 1)
Message:
Dropped srcset candidate "https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-drop-1235517"
other warning URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11487/vendor.js?yocs=y_A_(Line 1)
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11487/vendor.js?yocs=y_A_(Line 1)
Message:
Dropped srcset candidate "https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-drop-1235517"
other warning URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11487/vendor.js?yocs=y_A_(Line 1)
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11487/vendor.js?yocs=y_A_(Line 1)
Message:
Dropped srcset candidate "https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-drop-1235517"
security error URL: https://www.elfcosmetics.co.uk/elf-cosmetic-criminals
Message:
Refused to execute script from 'https://h64.online-metrix.net/6FNQKnOSovktaprb?a283a225048302c3=98Lm3Bns45mJZNAdgp6_KKwrAEZWYuKdo0kpoRyWTef6oJTWTjpFrSh3ZCuqt9DDFcEARyQK5_YB33DMQgs1351knw067OlDBvtqOTLlP_SLmqcJNP1rwbWP0IQLCNOyOuiRlFBkXH-ypYztDfczvT-RzG8QC5U-' because its MIME type ('') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.cquotient.com
api.ipify.org
cdn-fsly.yottaa.net
cdn-scripts.signifyd.com
cdn.cookielaw.org
cdn.media.amplience.net
cdn.static.amplience.net
code.jquery.com
collector-pxxt4gy2ig.px-cloud.net
cosmeticcrimal.co.uk
elfcosmetics.a.bigcontent.io
geolocation.onetrust.com
h.online-metrix.net
h64.online-metrix.net
imgs.signifyd.com
qoe-1.yottaa.net
sdk.iad-05.braze.com
t.paypal.com
w2txo5aa2um4i6norsbn63pfxdyhaoytk74n3326e1f3e94dacc2aa20am1.e.aa.online-metrix.net
www.elfcosmetics.co.uk
www.paypal.com
www.paypalobjects.com
www.youtube.com
cdn-fsly.yottaa.net
104.26.13.205
108.138.26.78
140.174.14.100
151.101.129.21
151.101.130.133
151.101.193.35
151.101.66.133
192.225.158.1
192.229.221.25
204.141.89.114
204.2.133.196
2606:4700:4400::6812:25a1
2606:4700:4400::ac40:9b77
2606:4700::6813:b234
2a00:1450:4001:82b::200e
2a02:26f0:3100::1735:2b10
2a02:26f0:3100::210:6e08
2a02:26f0:480:1a::5f65:6f9f
2a04:4e42:400::649
35.190.10.96
54.76.49.69
91.235.132.130
91.235.133.113
91.235.134.131
022e2f39deba7f332eabe69b27b31d98d4d5f2535116745957a691d1b1ec4cc5
1331786f628c441b99665436eb8815381e066e17d5c3bb56f5ce2e045d8da17a
1b48323c7de31ccf5d56aba3b2b5086908a6aa6b9784d74a4dca164dfdc3c7ac
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
1f1709a7e0699fcb1399dee1cf1db08158f5873123be9d0b2bf365404b57a62f
1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
210706c053295db0bfba03a98c0609a1f940c3f6b6c626f2f1084e089e959dc9
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
232d958be1f93d665a6f81f43f1beaa4a1c948166e299c40eef27cd947e5460b
31f48ed33afe7e437efa2c30cbf97fbd62c2de5c0732504077377846fe64973f
34edceb5fa1a0cfac62f09450fd9a59702814377c792663fa4b0bbaf9e3e2163
37d207a7297589d062c2af128ee513190a9297959cb24c68078f68d64b899c98
40c8084ce459211c73bf91eaa18b6152cc5fc9e29245dcec381da35ee51334b0
476b949e750bc9bc1e1179523a977db991107d95f9e6ddf9c05212ca6a2b8fb9
49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b
4aa855b8d34657ab4df5ca73fe7d7f67735ee1e39e8de83856ddc473d4713fbb
4ae7d857dd8d096a5198b1e8280de9f929ca88d690e445731b6ffdffbf2b8383
4af4c0acd57b3ad4e550872ec8965b9bd376f1ee10628bd4f9552c3ebb6077ab
4b89cd71669a53e8801ea9e9d4fb8a40bb5dbbb393a1b6c4a249349b42086da7
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6082597f3871c77c9b31aa1383577f8c0e54cb5ff09275dc817bc70d96e6217d
61d2cbdaf515aff45d84b2584d6f4607f43dc18e96ac9638a846ad8c4e16d53b
643de71a52d453c86d20c179b56521d297b1f6e0150c3148fe91e5cfc47be448
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6ab1474b1928d39f768075dfef56e53b01fff6c85a44b07d150c4abf7299c3b7
6c10b21f86019422fa9555d9b0b9b6768bf7549730880571e057800a3068724e
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f
71bd66530457656271aa253073fb867cdc9068586f7af54e341667687162909e
7a0204422805f76d793709204fd52e753cb059e5dd5099e41781499c8072e726
7f7edbb933aad0fcd56c66c1a08997e6fe14bf6b9acad4a08bc40c51a62d84ff
81902456f579251511c17c683fc64f727bcf665655d50ee6fa7949b3cea3b1ca
8342f325a700855345d382ebc39015d5e341788808771faba4535272dee58db3
89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d
8cb2ac35adc7dee4b051d05a7ffc844c9f61eb67b3ce350a16a552f98ffc4172
9261efb3407e3a9096e4654750d8eff6b3a663422f48845c7fbcc65034c340cf
9283c9f89c84db078d5e3fa235ef7d06b38125fe9d9d398d93bb7b612a4ae88b
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
9305a9837e928cadbef9e8c346b14d119655c66627b142b026899e796208f020
93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac
949062629321267f5e4f5d183435ab758ad7898afe2b31dc262b6b164167ffa0
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
96e567e55058088bf057ebeb964b202435a2c745a55f49df106fe22f2a9a8e11
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a6cbc4c9c0b39f6d4edd8d4db4e73971e23c1e4b8b9b6ddd5956164b87fd3ebc
a7b72545a973826f0ff32f17d50f44d85654a00bd4022c43400d77dc6359f3b2
ad3ed177f053d775094fa0ad440fd4f6baf970be9af3b38b62e734dd4ab99ecd
b3efc48717edad187198d0a608a3b3a8195f0e5b6b6b41f27b78824796cbd61e
b592ffae3e4db32ca59f44351815755d85f43b1b03b5f6b75adf0c727ac702c1
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c675787ea44b5cc6f0bff46e782787da45478b0ebce5e9bc1919d4358972c9bd
c8d6358ac8e642a7762e35323efaa05c8cbf8dd50bbf2cad44e39303de79eecd
c9e674d2d175ec98c10e315eb4e42be7daf393e47eabdca5f12e90464095677b
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cdbeef0b146607f5137f8f5434eeab8625ee0801da2af33e045528d191e512d0
d4520ba87a086f31f3b0b2f5ab4a0098a277a9177601aec6819edc5368cf2c29
d7a363f752524fb545c3b2eb48a56d163cb659bc427d5215800ee7781d92c2ca
d7a4d3c6bbb813b80afb47a45e75320ff14b02e65ad1ca740d62bcbfb646f2ad
dc422568cbffdf24548d9a57cb92c391f5c99129fe191c9afcb692030556612f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e85bc1a5fdd198d397940696c708af9935c2fa30899f49dfece575a393d9efe1
ee974c3270b492784ec11a1c620ea7cac3c204bb3e859a809538d952d9118edc
f366287eaa5627dc7ee48d1fcb79d20bceae8238ee2f1dd772f059685fe9c799