urlscan.io logo urlscan.io
SecurityTrails logo

www.elfcosmetics.co.uk Open in urlscan Pro
165.254.198.116  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://link.elfcosmetics.co.uk/
Effective URL: https://www.elfcosmetics.co.uk/
Submission: On May 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 2 countries across 13 domains to perform 73 HTTP transactions. The main IP is 165.254.198.116, located in United States and belongs to YOTTAA-AS-1, US. The main domain is www.elfcosmetics.co.uk. The Cisco Umbrella rank of the primary domain is 965199.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 25th 2023. Valid for: a year.
This is the only time www.elfcosmetics.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    3.222.82.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-82-214.compute-1.amazonaws.com
link.elfcosmetics.co.uk
1    104.17.247.187 (None, )

ASN13335 (CLOUDFLARENET, US)
elfcosmetics.co.uk
17    165.254.198.116 (United States)

ASN393259 (YOTTAA-AS-1, US)
www.elfcosmetics.co.uk
1    2606:4700:4400::6812:226c (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.c1.amplience.net
8    2606:4700:4400::6812:205a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.media.amplience.net
3    151.101.66.133 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn-fsly.yottaa.net
6    2606:4700:4400::6812:25a1 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.iad-05.braze.com
12    2606:4700::6813:b134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
2    172.67.74.152 (United States)

ASN13335 (CLOUDFLARENET, US)
api.ipify.org
1    2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
2    151.101.193.21 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.paypal.com
1    151.101.65.21 (None, )

ASN- ()
www.paypal.com
2    151.101.65.35 (None, )

ASN- ()
t.paypal.com
2    192.229.221.25 (None, )

ASN- ()
www.paypalobjects.com
2    35.190.10.96 (None, )

ASN- ()
collector-pxxt4gy2ig.px-cloud.net
2    34.252.111.171 (None, )

ASN- ()
api.cquotient.com
3    172.64.145.183 (None, )

ASN- ()
elfcosmetics.a.bigcontent.io
2    172.64.155.166 (None, )

ASN- ()
cdn.media.amplience.net
2    108.138.26.13 (None, )

ASN- ()
cdn-scripts.signifyd.com
Apex Domain
Subdomains		 Transfer
19 elfcosmetics.co.uk
link.elfcosmetics.co.uk
elfcosmetics.co.uk — Cisco Umbrella Rank: 929514
www.elfcosmetics.co.uk — Cisco Umbrella Rank: 965199
395 KB
12 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 312
214 KB
11 amplience.net
cdn.c1.amplience.net — Cisco Umbrella Rank: 31539
cdn.media.amplience.net — Cisco Umbrella Rank: 14154
557 KB
6 braze.com
sdk.iad-05.braze.com — Cisco Umbrella Rank: 2594
982 B
5 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2954
t.paypal.com
124 KB
3 bigcontent.io
elfcosmetics.a.bigcontent.io
8 KB
3 yottaa.net
cdn-fsly.yottaa.net — Cisco Umbrella Rank: 25251 Failed
1 MB
2 signifyd.com
cdn-scripts.signifyd.com
imgs.signifyd.com Failed
5 KB
2 cquotient.com
api.cquotient.com
519 B
2 px-cloud.net
collector-pxxt4gy2ig.px-cloud.net
1 KB
2 paypalobjects.com
www.paypalobjects.com
16 KB
2 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2924
227 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 533
300 B
73 13
Domain Requested by
17 www.elfcosmetics.co.uk 1 redirects www.elfcosmetics.co.uk
cdn-fsly.yottaa.net
12 cdn.cookielaw.org cdn-fsly.yottaa.net
cdn.cookielaw.org
www.elfcosmetics.co.uk
10 cdn.media.amplience.net www.elfcosmetics.co.uk
6 sdk.iad-05.braze.com cdn-fsly.yottaa.net
3 elfcosmetics.a.bigcontent.io
3 www.paypal.com www.elfcosmetics.co.uk
www.paypal.com
3 cdn-fsly.yottaa.net www.elfcosmetics.co.uk
2 cdn-scripts.signifyd.com www.elfcosmetics.co.uk
2 api.cquotient.com cdn-fsly.yottaa.net
2 collector-pxxt4gy2ig.px-cloud.net www.elfcosmetics.co.uk
2 www.paypalobjects.com www.elfcosmetics.co.uk
2 t.paypal.com
2 api.ipify.org cdn-fsly.yottaa.net
1 geolocation.onetrust.com cdn.cookielaw.org
1 cdn.c1.amplience.net www.elfcosmetics.co.uk
1 elfcosmetics.co.uk 1 redirects
1 link.elfcosmetics.co.uk 1 redirects
0 imgs.signifyd.com Failed www.elfcosmetics.co.uk
73 18
Subject Issuer Validity Valid
*.elfcosmetics.co.uk
Sectigo RSA Domain Validation Secure Server CA		 2023-09-25 -
2024-10-25		 a year crt.sh
c1.amplience.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-10 -
2024-10-23		 a year crt.sh
dm.amplience.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-20 -
2024-08-14		 a year crt.sh
*.yottaa.net
GlobalSign RSA OV SSL CA 2018		 2023-09-13 -
2024-10-14		 a year crt.sh
sdk.iad-05.braze.com
E1		 2024-04-19 -
2024-07-18		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2024-03-01 -
2024-12-31		 10 months crt.sh
ipify.org
GTS CA 1P5		 2024-03-21 -
2024-06-19		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2023-11-13 -
2024-11-12		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-02-08 -
2025-02-08		 a year crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-09-21 -
2024-10-21		 a year crt.sh
*.px-cloud.net
Sectigo RSA Domain Validation Secure Server CA		 2023-08-15 -
2024-09-13		 a year crt.sh
*.cquotient.com
Amazon RSA 2048 M02		 2024-03-05 -
2025-04-03		 a year crt.sh
*.bigcontent.io
GeoTrust TLS RSA CA G1		 2024-04-02 -
2025-05-03		 a year crt.sh
cdn-scripts.signifyd.com
Amazon RSA 2048 M01		 2023-07-03 -
2024-07-31		 a year crt.sh

This page contains 3 frames:

Primary Page: https://www.elfcosmetics.co.uk/
Frame ID: 18B7C339C05376C110753C1E7CECFEA0
Requests: 70 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1HQlAmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.64.0&integrationType=SDK
Frame ID: 689173DBE5C92B8C46B37F1DBBDBE750
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 6E5E6B17E722873DA678B62ABB78D676
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

e.l.f. Cosmetics UK: Affordable Makeup & Skincare | Clean Beauty Products | e.l.f. Cosmetics

Page URL History Show full URLs

  1. https://link.elfcosmetics.co.uk/ HTTP 302
    http://elfcosmetics.co.uk/ HTTP 307
    https://elfcosmetics.co.uk/ HTTP 301
    https://www.elfcosmetics.co.uk/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns

Page Statistics

73
Requests

90 %
HTTPS

26 %
IPv6

13
Domains

18
Subdomains

18
IPs

2
Countries

2451 kB
Transfer

7810 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://link.elfcosmetics.co.uk/ HTTP 302
    http://elfcosmetics.co.uk/ HTTP 307
    https://elfcosmetics.co.uk/ HTTP 301
    https://www.elfcosmetics.co.uk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://www.elfcosmetics.co.uk/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-eu&code_challenge=m_3MEY9QhEp4ObDRfIE67kQuMXpj6NAjdb0rk_tgxJc HTTP 303
  • https://www.elfcosmetics.co.uk/callback?usid=8f7383d7-58b4-48e4-b7ac-1734a0ee33c6&code=bLMY7dPwGT3AjY1KJSvIegcW4UBTqflm2zc3TrIv-ZI

73 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.elfcosmetics.co.uk/
Redirect Chain
  • https://link.elfcosmetics.co.uk/
  • http://elfcosmetics.co.uk/
  • https://elfcosmetics.co.uk/
  • https://www.elfcosmetics.co.uk/
916 KB
231 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.198.116 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
74bc368a94a16811a997a1900fc024921f111f08e584af39a0483598c7a764e3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
0
alt-svc
h3=":443"; ma=86400
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 19 May 2024 10:00:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 dedf57685198cdf20aa5d9f523b82ec0.cloudfront.net (CloudFront)
x-amz-apigw-id
YAzHSFSQCYcEFsw=
x-amz-cf-id
mVNLTfSrVcVb3VY3OmqcwKRWJ9WRfi8izjH6Ozm3bn6DevYIhKFMoA==
x-amz-cf-pop
DFW55-C3
x-amzn-remapped-connection
close
x-amzn-remapped-content-length
811248
x-amzn-remapped-date
Sun, 19 May 2024 09:52:08 GMT
x-amzn-requestid
0e400773-e5ae-46aa-b9a7-53c0cf67721e
x-amzn-trace-id
Root=1-6649cbc7-352308850709e838779ad897;Parent=57d35ef48a7bff63;Sampled=0;lineage=dcd1e669:0
x-cache
Hit from cloudfront
x-yottaa-metrics
3221cc02d146/[8,-,-] 32D1a5fec674/[-,10.099]
x-yottaa-optimizations
ob/1001000000100001100 si/32D1a5fec674-1715874284-5020241880 tts/1701368385513 ti/5dbb1b444f1bbf5af87e110e ai/5dbb1b434f1bbf5af87e10a5 tm/0

Redirect headers

accept-ranges
bytes
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
88633d47cb9f3540-WAW
content-length
0
date
Sun, 19 May 2024 10:00:20 GMT
expires
Thu, 01 Dec 1994 16:00:00 GMT
location
https://www.elfcosmetics.co.uk/
pragma
no-cache
server
cloudflare
x-dwsid-samesite
None
/
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ 		0
0
/
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ 		0
0
/
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ 		0
0
/
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ 		0
0
/
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ 		0
0
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
locale-link-rewriter-0.0.2-min
cdn.c1.amplience.net/c/elfcosmetics/ 		553 B
490 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.c1.amplience.net/c/elfcosmetics/locale-link-rewriter-0.0.2-min
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:226c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88668b9200e07ef8860abbf2884140a44986c34576bc7086d64085b87da4cfd7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 19 May 2024 09:37:22 GMT
server
cloudflare
age
1381
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
edge-control
max-age=1800
cache-control
s-maxage=1800, max-age=120
cf-ray
88633d57ac5c915e-FRA
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d

Request headers

Referer
Origin
https://www.elfcosmetics.co.uk
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac

Request headers

Referer
Origin
https://www.elfcosmetics.co.uk
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
halo-glow-repromote-2024-05-IMAGE-1_D-min
cdn.media.amplience.net/i/elfcosmetics/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/halo-glow-repromote-2024-05-IMAGE-1_D-min?fmt=auto
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:205a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
556439ae99de9152826ea7a09b6a485315e1a783563542df48051122040576ac
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:23 GMT
cf-cache-status
HIT
age
57579
x-amp-srv
CF
edge-cache-tag
riCJiEIYt,l4p5bDg2e,xAmoEKQeQ,WepA0szpz
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
h0jHeZj2MZ
alt-svc
h3=":443"; ma=86400
content-length
56154
x-xss-protection
1; mode=block
x-amp-source-height
1040
last-modified
Sat, 18 May 2024 18:00:44 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
x-amp-source-width
1440
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
88633d5848f61947-FRA
x-amp-published
Tue, 23 Apr 2024 21:32:39 GMT
halo-glow-repromote-2024-05-IMAGE-2_D-min
cdn.media.amplience.net/i/elfcosmetics/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/halo-glow-repromote-2024-05-IMAGE-2_D-min?fmt=auto
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:205a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d4040c70033d1b909ef1133deddc8d454e05467be6975afa26ac324e1fadea7
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:23 GMT
cf-cache-status
HIT
age
57579
x-amp-srv
CF
edge-cache-tag
XPQaUsC57,l4p5bDg2e,7a1WfdFKy,WepA0szpz
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
xSZCK6Gui8
alt-svc
h3=":443"; ma=86400
content-length
24182
x-xss-protection
1; mode=block
x-amp-source-height
1040
last-modified
Sat, 18 May 2024 18:00:44 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
x-amp-source-width
1440
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
88633d5848f51947-FRA
x-amp-published
Tue, 23 Apr 2024 21:32:39 GMT
vendor.js
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11256/ 		2 MB
620 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11256/vendor.js?yocs=o_q_
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2e0bde8a120edcd0e126c139ff4c62dc420e43a86bb9e22c92044fdda3fc3ef

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:23 GMT
via
1.1 383422f03bfc9d77974d0ac637421c22.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA56-P8
age
312221
x-yottaa-optimizations
ob/1000 si/36118cae0e1f-1706737520-2090904622 tts/1701368385513 ti/5dbb1b444f1bbf5af87e110e ai/5dbb1b434f1bbf5af87e10a5 tm/0
x-cache
Hit from cloudfront, HIT
x-amz-meta-deploy
754923
content-length
634413
x-amz-meta-bundle
11256
x-served-by
cache-fra-etou8220157-FRA
x-yottaa-forcecache
true
last-modified
Wed, 15 May 2024 19:15:48 GMT
server
AmazonS3
x-timer
S1716112823.018178,VS0,VE1
etag
W/"b2524d35ed93281e98351abb4d5c08d5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31104000
x-yottaa-metrics
36218cae0e3c/[150,120,-] 36118cae0e1f/[-,322.397]
accept-ranges
bytes
x-amz-cf-id
f8BmpVgSsnAsq52cICG-uP6meb5UjkZS4B_bBup86h-ayktdCIkVhg==
x-cache-hits
0
main.js
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11256/ 		2 MB
487 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11256/main.js?yocs=o_q_
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48da61030dc7ada6d202c7c6229b40b5f7ba9f6b4246af7399de53a26396ad1e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:23 GMT
via
1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA56-P8
age
312221
x-yottaa-optimizations
ob/1000 si/36118cae0e26-1706737520-1649242304 tts/1701368385513 ti/5dbb1b444f1bbf5af87e110e ai/5dbb1b434f1bbf5af87e10a5 tm/0
x-cache
Hit from cloudfront, HIT
x-amz-meta-deploy
754923
content-length
497669
x-amz-meta-bundle
11256
x-served-by
cache-fra-etou8220157-FRA
x-yottaa-forcecache
true
last-modified
Wed, 15 May 2024 19:15:47 GMT
server
AmazonS3
x-timer
S1716112823.018323,VS0,VE1
etag
W/"fee19d2a7b79cd4cba1bfdc3ba08dcd2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31104000
x-yottaa-metrics
36218cae0e43/[216,193,-] 36118cae0e26/[-,309.427]
accept-ranges
bytes
x-amz-cf-id
-qwbUBzzm65PcFh3VngqweuhVNjNZzBrWBHsFMq_tcYU8YTl9gdh6A==
x-cache-hits
0
pages-home.js
cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11256/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11256/pages-home.js?yocs=o_q_
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2719add3a6d6e8d76615ef6e4e221fdfe6075829578559adf1ca76bca25db43

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:23 GMT
via
1.1 65302a67852221313e65b936cd8d6b68.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
JFK52-P2
age
311927
x-yottaa-optimizations
ob/1100 si/3811cc023146-1712927894-1767191409 tts/1701368385513 ti/5dbb1b444f1bbf5af87e110e ai/5dbb1b434f1bbf5af87e10a5 tm/0
x-cache
Hit from cloudfront, HIT
x-amz-meta-deploy
754923
content-length
2317
x-amz-meta-bundle
11256
x-served-by
cache-fra-etou8220157-FRA
x-yottaa-forcecache
true
last-modified
Wed, 15 May 2024 19:15:48 GMT
server
AmazonS3
x-timer
S1716112823.018329,VS0,VE1
etag
W/"04ac338fd46f085c149aafd32c830d46"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31104000
x-yottaa-metrics
3821cc02317b/[3,-,1715805428367] 3811cc023146/[-,6.982]
accept-ranges
bytes
x-amz-cf-id
zA4Eno9FTCoW_S_Fh0XLRv3JfNX0WM8WQyvC24XYia5shoGs71Coeg==
x-cache-hits
0
brow-laminating-gel-2024-05-IMAGE-1_D-min
cdn.media.amplience.net/i/elfcosmetics/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/brow-laminating-gel-2024-05-IMAGE-1_D-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/brow-laminating-gel-2024-05-IMAGE-1_D-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/brow-laminating-gel-2024-05-IMAGE-1_D-min?fmt=auto&w=2460%203x
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:205a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05d6a1f5cbdc45af1b0a63a615135dc1065f22f611517e428ed6ec64bddbef88
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:23 GMT
cf-cache-status
HIT
age
6571
x-amp-srv
CF
edge-cache-tag
XEMwV8CvA,l4p5bDg2e,JBjQsh0DO,WepA0szpz
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
fzl2Xc7ZFv
alt-svc
h3=":443"; ma=86400
content-length
20654
x-xss-protection
1; mode=block
x-amp-source-height
1040
last-modified
Sun, 19 May 2024 08:10:52 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
x-amp-source-width
1440
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
88633d5858fd1947-FRA
x-amp-published
Thu, 16 May 2024 19:11:07 GMT
brow-laminating-gel-2024-05-BACKGROUND_D-min
cdn.media.amplience.net/i/elfcosmetics/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/brow-laminating-gel-2024-05-BACKGROUND_D-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/brow-laminating-gel-2024-05-BACKGROUND_D-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/brow-laminating-gel-2024-05-BACKGROUND_D-min?fmt=auto&w=2460%203x
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:205a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c04c2a9e91f5c91967c8716f3d885af6beb95566f26fc386a2f74a9cebdbc616
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:23 GMT
cf-cache-status
HIT
age
6571
x-amp-srv
CF
edge-cache-tag
yNNUJB3Os,l4p5bDg2e,kdpOvd2_a,WepA0szpz
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
QswFRwjmDX
alt-svc
h3=":443"; ma=86400
content-length
10257
x-xss-protection
1; mode=block
x-amp-source-height
1040
last-modified
Sun, 19 May 2024 08:10:52 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
x-amp-source-width
1440
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
88633d5858fe1947-FRA
x-amp-published
Thu, 16 May 2024 19:11:07 GMT
project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-1_D-min
cdn.media.amplience.net/i/elfcosmetics/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-1_D-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-1_D-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-1_D-min?fmt=auto&w=2460%203x
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:205a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10b0a8089c1cea1328c2b06cb238c94036614502d91aec1e98309c560b3d316a
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:23 GMT
cf-cache-status
HIT
age
60178
x-amp-srv
CF
edge-cache-tag
D1RPXaqcH,l4p5bDg2e,cRluW8FOS,WepA0szpz
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
hbI8o2auyA
alt-svc
h3=":443"; ma=86400
content-length
27027
x-xss-protection
1; mode=block
x-amp-source-height
1040
last-modified
Sat, 18 May 2024 17:17:25 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
x-amp-source-width
1440
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
88633d5859011947-FRA
x-amp-published
Thu, 16 May 2024 20:07:32 GMT
project-juicy-products-beauty-squad-no-vault-2024-05-BACKGROUND_D-min
cdn.media.amplience.net/i/elfcosmetics/ 		254 KB
255 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-BACKGROUND_D-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-BACKGROUND_D-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-BACKGROUND_D-min?fmt=auto&w=2460%203x
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:205a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60bcf01d04394617737446dc979e69c27ed9d8707decce34b5986d9be29a2d7d
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:23 GMT
cf-cache-status
HIT
age
57578
x-amp-srv
CF
edge-cache-tag
539iJfI1c,l4p5bDg2e,mQqckZV-k,WepA0szpz
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
4mbfCrHrqF
alt-svc
h3=":443"; ma=86400
content-length
260184
x-xss-protection
1; mode=block
x-amp-source-height
1040
last-modified
Sat, 18 May 2024 18:00:45 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
x-amp-source-width
1440
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
88633d5859041947-FRA
x-amp-published
Thu, 16 May 2024 20:07:32 GMT
/
sdk.iad-05.braze.com/api/v3/data/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
88633d680f8e2c6f-FRA
content-encoding
gzip
date
Sun, 19 May 2024 10:00:26 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11256/main.js?yocs=o_q_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a2f825beb3b540a044cdb0515177c34497aa2ce92e335bf1498fa42bb5baf88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 19 May 2024 10:00:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Dw6K+rTuf8kOuPIEBw1QQA==
age
48044
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6881
x-ms-lease-status
unlocked
last-modified
Thu, 16 May 2024 19:34:05 GMT
server
cloudflare
etag
0x8DC75DF260606B3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
69f2aff5-101e-005b-0c74-a84615000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
88633d65dceb907c-FRA
/
api.ipify.org/ 		21 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11256/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f716ce32b51c41b869f3e2325257c5fd04db650d2ff14ee234ec1e7fe54126b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
88633d662d74690a-FRA
content-length
21
/
api.ipify.org/ 		21 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11256/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f716ce32b51c41b869f3e2325257c5fd04db650d2ff14ee234ec1e7fe54126b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
88633d674ec7690a-FRA
content-length
21
/
sdk.iad-05.braze.com/api/v3/data/ 		410 B
599 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11256/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e9c627c17e4acc38659c203365473e1a3fc5f5a11b68568e76e2b7327042991
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Braze-Api-Key
ee22cddf-904f-484e-a004-0181ff9a3268
X-Braze-TriggersRequest
true
X-Braze-DataRequest
true
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/json
Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.co.uk/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:27 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
7d7c7489-0c1f-4807-b955-7f4aaa85b850
x-runtime
0.633619
server
cloudflare
etag
W/"5e9c627c17e4acc38659c203365473e1"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1716112830
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
88633d6c0b652c6f-FRA
x-ratelimit-remaining
498.0
callback
www.elfcosmetics.co.uk/
Redirect Chain
  • https://www.elfcosmetics.co.uk/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Fcallback&response_type=code&client...
  • https://www.elfcosmetics.co.uk/callback?usid=8f7383d7-58b4-48e4-b7ac-1734a0ee33c6&code=bLMY7dPwGT3AjY1KJSvIegcW4UBTqflm2zc3TrIv-ZI
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/callback?usid=8f7383d7-58b4-48e4-b7ac-1734a0ee33c6&code=bLMY7dPwGT3AjY1KJSvIegcW4UBTqflm2zc3TrIv-ZI
Protocol
H2
Server
165.254.198.116 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Sun, 19 May 2024 10:00:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 a42739bf13d94f39d25b67e50c531aea.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
0
x-amz-cf-pop
DFW55-C3
age
0
x-amzn-remapped-connection
close
x-amzn-requestid
e3962cab-e51a-4d97-9482-f5c406ae6806
x-yottaa-optimizations
ob/1000 si/32D1a5fec674-1715874284-5020241884 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Miss from cloudfront
x-amz-apigw-id
YA0VMFo-CYcEYBA=
content-length
0
alt-svc
h3=":443"; ma=86400
x-yottaa-forcecache
true
x-amzn-trace-id
Root=1-6649cdba-09690b787a60e6203afb45b9;Parent=7635b0d407ad5aa3;Sampled=0;lineage=dcd1e669:0
content-type
application/json
cache-control
public, max-age=604800
x-yottaa-os
200
x-yottaa-metrics
3221a5fec69a/[216,207,-] 32D1a5fec674/[-,219.131]
x-amzn-remapped-date
Sun, 19 May 2024 10:00:26 GMT
x-amz-cf-id
PyLpwniux8oX68YMF7-fQfrElYLbfIBHDpndVgm0ZxDxmY-gN5TECA==

Redirect headers

date
Sun, 19 May 2024 10:00:26 GMT
x-correlation-id
88633d6b8c261140
via
1.1 a0df19b3a52d309c43956e51d3e15e26.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
DFW55-C3
age
0
x-yottaa-optimizations
ob/0 si/32D1a5fec674-1715874284-5020241882 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
0
pragma
no-cache
x-ratelimit-1m-remaining
23650, 1975256
x-ratelimit-1m-reset
33804, 33803
x-ratelimit-1m-limit
24000, 2000000
vary
Accept-Encoding
location
https://www.elfcosmetics.co.uk/callback?usid=8f7383d7-58b4-48e4-b7ac-1734a0ee33c6&code=bLMY7dPwGT3AjY1KJSvIegcW4UBTqflm2zc3TrIv-ZI
cache-control
no-store
x-yottaa-os
303
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.co.uk%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-eu&code_challenge=m_3MEY9QhEp4ObDRfIE67kQuMXpj6NAjdb0rk_tgxJc
x-yottaa-metrics
3221a5fec69b/[134,124,-] 32D1a5fec674/[-,135.969]
cf-ray
88633d6b8c261140-ORD
x-amz-cf-id
AXs_ISHsHIMna2-N0otXJTUXrYysqOvFsS3-LOoRBhXDBehMWkmqUA==
25840211-e69f-428e-bb3b-0787cffdf0e8.json
cdn.cookielaw.org/consent/25840211-e69f-428e-bb3b-0787cffdf0e8/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/25840211-e69f-428e-bb3b-0787cffdf0e8/25840211-e69f-428e-bb3b-0787cffdf0e8.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
949062629321267f5e4f5d183435ab758ad7898afe2b31dc262b6b164167ffa0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 19 May 2024 10:00:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
80408
content-md5
FgAuBFiP8zSeAA1ZcGm5bQ==
content-length
1495
x-ms-lease-status
unlocked
last-modified
Tue, 13 Dec 2022 17:32:15 GMT
server
cloudflare
etag
0x8DADD2FFA203B7A
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
41c2cfdd-501e-006f-78e6-1d3370000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
88633d68be6930f6-FRA
expires
Mon, 20 May 2024 10:00:25 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		59 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
accept
application/json
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
88633d6a3ec49746-FRA
access-control-allow-headers
Content-Type
init.js
www.elfcosmetics.co.uk/XT4Gy2ig/ 		168 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/XT4Gy2ig/init.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.198.116 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
e99f5ec8faad8d78e033e0be0f16c54eb8fd20c7710333f090d118ce1bd6f7b4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:25 GMT
content-encoding
gzip
etag
"2a0bc-pTeY0o9eSMLufg8aziaLA3h5ofc"
active-cdn
Akamai
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
active-cdn,x-served-by,Akamai-Request-BC
cache-control
max-age=600
x-yottaa-metrics
32D1a5fec674/[-,18.338]
x-px-hash
N2NhMDc4NjBiMjJmNTE2YWNjNGRkZDNmNWU4ZDNmMTc5OWI1OTEzM2Q0NDc0MGU5YWNkZDQyNmFjODVkZjE5Ng==
x-yottaa-optimizations
ob/0 si/32D1a5fec674-1715874284-5020241881 tts/1716112825894 ti/0 ai/5dbb1b434f1bbf5af87e10a5
js
www.paypal.com/sdk/ 		420 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=GBP&vault=true&components=buttons,messages
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6bde8eb74a01ac578cafc6a39b41bd793453c3093c9696da2ef20ec442570c69
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-wQIakYQigolCRhRmqNfQYTzJ2kq3T1+kQ/a388uXolmXFylS' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-wQIakYQigolCRhRmqNfQYTzJ2kq3T1+kQ/a388uXolmXFylS' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-wQIakYQigolCRhRmqNfQYTzJ2kq3T1+kQ/a388uXolmXFylS' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-wQIakYQigolCRhRmqNfQYTzJ2kq3T1+kQ/a388uXolmXFylS' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish
date
Sun, 19 May 2024 10:00:26 GMT
age
4345
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT, MISS
p3p
true
paypal-debug-id
f742624a09e8b
server-timing
"traceparent;desc="00-0000000000000000000f742624a09e8b-d2a56495c0478180-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
118465
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220047-FRA, cache-fra-etou8220047-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f742624a09e8b-cb151ecbe5821c9e-01
x-timer
S1716112826.047111,VS0,VE7
etag
W/"1cec1-d9qmfcctRB/8LMdIvgWKBwIaIHg"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
favicon.ico
www.elfcosmetics.co.uk/ 		34 KB
34 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.198.116 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
1331786f628c441b99665436eb8815381e066e17d5c3bb56f5ce2e045d8da17a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:26 GMT
via
1.1 a0df19b3a52d309c43956e51d3e15e26.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
34494
x-amz-cf-pop
DFW55-C3
age
0
x-amzn-remapped-connection
close
x-amzn-requestid
c66e9215-1068-4d1e-af66-06bc8b172eae
x-yottaa-optimizations
ob/0 si/32D1a5fec674-1715874284-5020241883 tts/1701368385513 ti/5dbb1b444f1bbf5af87e110e ai/5dbb1b434f1bbf5af87e10a5 tm/0
x-cache
RefreshHit from cloudfront
x-amz-apigw-id
YAnF9GmTiYcEUQw=
alt-svc
h3=":443"; ma=86400
x-yottaa-forcecache
true
last-modified
Wed, 15 May 2024 19:15:42 GMT
x-amzn-trace-id
Root=1-6649b88c-1171e6a74b059e15238a552a;Parent=614df121e9d210c2;Sampled=0;lineage=dcd1e669:0
etag
W/"86be-18f7dae8b30"
vary
Accept-Encoding
content-type
image/x-icon
cache-control
max-age=600, s-maxage=600
x-yottaa-os
200
x-yottaa-metrics
3221a5fec69c/[169,164,-] 32D1a5fec674/[-,171.648]
x-amzn-remapped-date
Sun, 19 May 2024 08:30:04 GMT
x-amz-cf-id
M0buSul3rDREOTYHp1Tf_MOf-JEa5tPJ85KgAVq_EdZkw48leuzrjw==
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202211.2.0/ 		383 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 19 May 2024 10:00:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
uPFqyxtrxGqJsyAvB7RnSg==
age
62189
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
93482
x-ms-lease-status
unlocked
last-modified
Mon, 12 Dec 2022 17:31:45 GMT
server
cloudflare
etag
0x8DADC66BDFA5EC7
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a5ea234d-301e-0069-6d88-1700cf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
88633d6aba0a907c-FRA
en.json
cdn.cookielaw.org/consent/25840211-e69f-428e-bb3b-0787cffdf0e8/6e10e834-96b1-4572-80d7-3109ba160fd7/ 		73 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/25840211-e69f-428e-bb3b-0787cffdf0e8/6e10e834-96b1-4572-80d7-3109ba160fd7/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71bd66530457656271aa253073fb867cdc9068586f7af54e341667687162909e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 19 May 2024 10:00:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
80408
content-md5
FVTe+XzL+4tWjb2VPxjyIQ==
content-length
15363
x-ms-lease-status
unlocked
last-modified
Tue, 13 Dec 2022 17:32:16 GMT
server
cloudflare
etag
0x8DADD2FFAAA3EC3
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
73e8b48e-b01e-0058-5103-24e1dc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
88633d6b6a4930f6-FRA
expires
Mon, 20 May 2024 10:00:26 GMT
iab2Data.json
cdn.cookielaw.org/vendorlist/ 		399 KB
57 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/vendorlist/iab2Data.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
783dc88ce798c3109de5e3252a40563e2b869fd0bca39fcca532c8bf769fc3d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 19 May 2024 10:00:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
JNa902dp1MY7y0vogpwBDA==
age
56629
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
58170
x-ms-lease-status
unlocked
last-modified
Sat, 18 May 2024 03:27:16 GMT
server
cloudflare
etag
0x8DC76EA6A98F51F
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b77a0c86-a01e-002f-3ed7-a8c053000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
88633d6b6a4b30f6-FRA
otTCF.js
cdn.cookielaw.org/scripttemplates/202211.2.0/ 		68 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202211.2.0/otTCF.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 19 May 2024 10:00:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
jNSx0jAViofB7ggqqp6FUQ==
age
57520
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
15011
x-ms-lease-status
unlocked
last-modified
Mon, 12 Dec 2022 17:31:44 GMT
server
cloudflare
etag
0x8DADC66BD0C2AD7
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e8c255f1-801e-001e-27e6-1dd55b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
88633d6b6ac4907c-FRA
local
www.paypal.com/credit-presentment/experiments/ Frame 6891 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1HQlAmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.64.0&integrationType=SDK
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=GBP&vault=true&components=buttons,messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
age
20913
cache-control
s-maxage=86400, max-age=0
content-encoding
gzip
content-length
1525
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type
text/html; charset=utf-8
date
Sun, 19 May 2024 10:00:26 GMT
dc
ccg11-origin-www-1.paypal.com
edge-cache-tag
up-treatments-zoid
etag
W/"1479-/XBmYFq2K2mWAABWYpJc5MD+NlI"
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f5229418a3fa5
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
"traceparent;desc="00-0000000000000000000f5229418a3fa5-a7b7854615c1733f-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f5229418a3fa5-9ae438109e78d544-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, MISS
x-cache-hits
4937, 0
x-served-by
cache-fra-etou8220125-FRA, cache-fra-etou8220125-FRA
x-timer
S1716112827.601769,VS0,VE6
x-xss-protection
1; mode=block
pptm.js
www.paypal.com/tagmanager/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.elfcosmetics.co.uk&t=xo&v=5.0.437&source=payments_sdk&client_id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&comp=buttons,messages&disableSetCookie=true&vault=true
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
771e9cfbc5003b18e42ae1e3bb6d505ae9eafdea41cea25581876aabb5148246
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-+K4/nP0Y23382CGOYEHsM1iBuPca5xbgWlcoRFLWYTkJyhHN' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-+K4/nP0Y23382CGOYEHsM1iBuPca5xbgWlcoRFLWYTkJyhHN' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 19 May 2024 10:00:26 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
35404
x-cache
HIT, MISS
paypal-debug-id
f6374059364dc
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4797
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220047-FRA, cache-fra-etou8220047-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f6374059364dc-4dc3f54b64506aa9-01
x-timer
S1716112826.255582,VS0,VE6
etag
W/"3695-cDkq5LPg2TQcZ0iqVxmyQjJUOV4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
otFlat.json
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 19 May 2024 10:00:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
vO8A/abKpoPacUrvSk9OSw==
age
48873
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3020
x-ms-lease-status
unlocked
last-modified
Mon, 12 Dec 2022 17:31:35 GMT
server
cloudflare
etag
0x8DADC66B7AF38D0
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
716fea89-301e-0069-5c71-2200cf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
88633d6cabcf30f6-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/v2/ 		61 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40c8084ce459211c73bf91eaa18b6152cc5fc9e29245dcec381da35ee51334b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 19 May 2024 10:00:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
mBGnk7IXt0USbYmXZQhmOw==
age
50781
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12540
x-ms-lease-status
unlocked
last-modified
Mon, 12 Dec 2022 17:31:37 GMT
server
cloudflare
etag
0x8DADC66B90C98A8
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
9d14a6e7-501e-0032-2e08-7c39f4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
88633d6cbbdd30f6-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 19 May 2024 10:00:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
XcxlleAcPGO2n5kTZrHH2Q==
age
80408
x-ms-lease-status
unlocked
last-modified
Mon, 12 Dec 2022 17:31:50 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
58a0ec20-b01e-0058-05af-0be1dc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
88633d6cbbe230f6-FRA
ts
t.paypal.com/ 		42 B
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A7PFGPLHGYKX72-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A7PFGPLHGYKX72-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=95c92811-df2a-4f29-8e3f-9af8b4e63cc5&fltp=analytics&mrid=7PFGPLHGYKX72&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=e.l.f.%20Cosmetics%20UK%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1716112826369&g=-120&completeurl=https%3A%2F%2Fwww.elfcosmetics.co.uk%2F&disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Sun, 19 May 2024 10:00:26 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
139604a1b41e4
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-etou8220037-FRA
pragma
no-cache
correlation-id
139604a1b41e4
traceparent
00-0000000000000000000139604a1b41e4-eccfb2a636808dad-01
x-timer
S1716112827.509944,VS0,VE172
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 10:00:26 GMT
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
515 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 19 May 2024 10:00:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
7349
x-ms-lease-status
unlocked
last-modified
Thu, 16 May 2024 19:34:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
8489dd22-501e-009b-080e-a8cc51000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
88633d6d7d2130f6-FRA
ot_company_logo.png
cdn.cookielaw.org/logos/static/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/ot_company_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 19 May 2024 10:00:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
E8+sk/ECzKgTUVtDLikiIA==
age
66387
content-length
4036
x-ms-lease-status
unlocked
last-modified
Thu, 16 May 2024 19:34:07 GMT
server
cloudflare
etag
0x8DC75DF276A1D9D
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
7370c4fd-401e-0048-5a09-a873f4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
88633d6d9d0b907c-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 19 May 2024 10:00:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
34947
x-ms-lease-status
unlocked
last-modified
Thu, 16 May 2024 19:34:08 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
b59d8306-901e-0005-0c8d-a8b516000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
88633d6d9d0f907c-FRA
muse.js
www.paypalobjects.com/muse/ 		55 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 -, , ASN (),
Reverse DNS
Software
ECAcc (frc/4CA9) /
Resource Hash
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
652570650c8fe
dc
ccg11-origin-www-1.paypal.com
content-length
16355
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
server
ECAcc (frc/4CA9)
traceparent
00-0000000000000000000652570650c8fe-2d3abea412ca30ab-01
etag
W/"64f25363-daa8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sun, 19 May 2024 11:00:26 GMT
collector
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 		540 B
798 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/XT4Gy2ig/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.10.96 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
02886fdf19994381b137ab3f21722b060fb16ad1dcc88c84f882b07a1a9a8668

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 19 May 2024 10:00:26 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
540
brow-laminating-gel-2024-05-IMAGE-2_D-min
cdn.media.amplience.net/i/elfcosmetics/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/brow-laminating-gel-2024-05-IMAGE-2_D-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/brow-laminating-gel-2024-05-IMAGE-2_D-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/brow-laminating-gel-2024-05-IMAGE-2_D-min?fmt=auto&w=2460%203x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:205a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b8605432e9c27615d25a6c7b17736cd04246f5e870795f30ee11af997e4e9cd
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:26 GMT
cf-cache-status
HIT
age
6571
x-amp-srv
CF
edge-cache-tag
xVULibPrh,l4p5bDg2e,WbXrjzt4d,WepA0szpz
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
D-8V6AhaDl
alt-svc
h3=":443"; ma=86400
content-length
41902
x-xss-protection
1; mode=block
x-amp-source-height
1040
last-modified
Sun, 19 May 2024 08:10:55 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
x-amp-source-width
1440
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
88633d6f0ce01947-FRA
x-amp-published
Thu, 16 May 2024 19:11:07 GMT
project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-2_D-min
cdn.media.amplience.net/i/elfcosmetics/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-2_D-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-2_D-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-2_D-min?fmt=auto&w=2460%203x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:205a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d790874f1dd7070e825fb030f5184d25df09ce717cae40f228cbc8a474899269
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:26 GMT
cf-cache-status
HIT
age
60179
x-amp-srv
CF
edge-cache-tag
9KHnohRSt,l4p5bDg2e,1jSdAz_q5,WepA0szpz
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
Cy-d6mXrq4
alt-svc
h3=":443"; ma=86400
content-length
64250
x-xss-protection
1; mode=block
x-amp-source-height
1040
last-modified
Sat, 18 May 2024 17:17:27 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
x-amp-source-width
1440
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
88633d6f0ce51947-FRA
x-amp-published
Thu, 16 May 2024 20:07:32 GMT
token
www.elfcosmetics.co.uk/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/token
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11256/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.198.116 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
800958eddbde833b69c0477b0d0806aae5013c6618bcc78ef42fa6a5acc49dc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
c_x-pwa-request
true
Referer
https://www.elfcosmetics.co.uk/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:27 GMT
content-encoding
gzip
x-correlation-id
88633d706dbe60a7
cf-cache-status
DYNAMIC
via
1.1 ed76ff4369fc06327aa8a7520f693ae2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
DFW55-C3
age
0
x-yottaa-optimizations
ob/1000 si/32D1a5fec674-1715874284-5020241885 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
pragma
no-cache
x-ratelimit-1m-remaining
23641, 1974545
x-ratelimit-1m-reset
33026, 33025
vary
Accept-Encoding, User-Agent
x-ratelimit-1m-limit
24000, 2000000
content-type
application/json
cache-control
no-store
x-yottaa-os
200
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/token
x-yottaa-metrics
3221a5fec698/[127,125,-] 32D1a5fec674/[-,129.859]
cf-ray
88633d706dbe60a7-ORD
x-amz-cf-id
jwx6Mnu9kga3spgwOv0GVVM5eisdrWEiFvtFKDxW6HYiuiEtw8gECQ==
index.html
www.paypalobjects.com/muse/analytics/ Frame 6E5E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 -, , ASN (),
Reverse DNS
Software
ECAcc (frc/4CBF) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.elfcosmetics.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
16754
content-type
text/html
date
Sun, 19 May 2024 10:00:27 GMT
dc
ccg11-origin-www-1.paypal.com
etag
"64f25363-dacc+gzip"
expires
Sun, 19 May 2024 11:00:27 GMT
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id
9f1e6e35fc9fd
server
ECAcc (frc/4CBF)
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-00000000000000000009f1e6e35fc9fd-6e646ea1483e158f-01
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
sync
sdk.iad-05.braze.com/api/v3/content_cards/ 		59 B
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11256/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56ed64ba1a0f1af7b481c5ae8ea4124175048757a70b7e2defa1038edf0c8cf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Braze-Api-Key
ee22cddf-904f-484e-a004-0181ff9a3268
X-Braze-DataRequest
true
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/json
BRAZE-SYNC-RETRY-COUNT
0
Referer
https://www.elfcosmetics.co.uk/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9;q=0.9
X-Braze-ContentCardsRequest
true
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:27 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
184178e7-2ab6-402c-9430-4def7b21ba27
x-runtime
0.040295
server
cloudflare
etag
W/"56ed64ba1a0f1af7b481c5ae8ea41241"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1716112830
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
88633d730abd2c6f-FRA
x-ratelimit-remaining
498.0
sessions
www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/sessions
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11256/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.198.116 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI4YzhjYTI4OC1mMWE2LTRmMDktYjI2OS0wNWQyZWViZmRmMDEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjhmNzM4M2Q3LTU4YjQtNDhlNC1iN2FjLTE3MzRhMGVlMzNjNiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTYxMTI3OTYsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFibWV3MWtYRVh4YkFSbHJGR2xhWVltZXNZOjpjaGlkOiAiLCJleHAiOjE3MTYxMTQ2MjYsImlhdCI6MTcxNjExMjgyNiwianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzOTA2NTA0MzA3MzMxOTQ0In0.YQbQnkoA9sS1CjbepN7AZMnykejfoa13tiwFDyc1ImR3bfmq1OjHsNt5nqRXmo70pzOwVBJdIUuZ-YV61cQQzg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:27 GMT
via
1.1 d97dd7c0e5494b112a00ed17f5ede034.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-cf-pop
DFW55-C3
age
0
x-yottaa-optimizations
ob/0 si/32D1a5fec674-1715874284-5020241886 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
pragma
no-cache
allow
OPTIONS,POST
access-control-allow-origin
https://www.elfcosmetics.co.uk
access-control-expose-headers
etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
x-yottaa-metrics
3221a5fec66f/[153,151,-] 32D1a5fec674/[-,155.835]
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-proxy-request-url
https://cc-elf-eu-prd.elfcosmetics.co.uk/s/elf-eu/dw/shop/v21_3/sessions
accept-ranges
bytes
cf-ray
88633d728fb3e266-ORD
x-dw-request-base-id
HVqfjrvNSWYBAAB_
x-amz-cf-id
SyXt_imw0c-1MPHA_qk0n7J9PNTd_KTMOaDY_VqwmBewaeOYceIX1g==
x-yottaa-os
204
expires
Thu, 01 Dec 1994 16:00:00 GMT
shoppercontext
www.elfcosmetics.co.uk/api/v1/ 		57 B
843 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/api/v1/shoppercontext?siteId=elf-eu
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11256/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.198.116 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
a6cbc4c9c0b39f6d4edd8d4db4e73971e23c1e4b8b9b6ddd5956164b87fd3ebc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI4YzhjYTI4OC1mMWE2LTRmMDktYjI2OS0wNWQyZWViZmRmMDEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjhmNzM4M2Q3LTU4YjQtNDhlNC1iN2FjLTE3MzRhMGVlMzNjNiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTYxMTI3OTYsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFibWV3MWtYRVh4YkFSbHJGR2xhWVltZXNZOjpjaGlkOiAiLCJleHAiOjE3MTYxMTQ2MjYsImlhdCI6MTcxNjExMjgyNiwianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzOTA2NTA0MzA3MzMxOTQ0In0.YQbQnkoA9sS1CjbepN7AZMnykejfoa13tiwFDyc1ImR3bfmq1OjHsNt5nqRXmo70pzOwVBJdIUuZ-YV61cQQzg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.elfcosmetics.co.uk/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 e89d8ce7f3f95990dceb161aeac4f898.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
57
content-encoding
gzip
x-amz-cf-pop
DFW55-C3
age
0
x-amzn-remapped-connection
close
x-amzn-requestid
53be9f81-4069-4864-877c-4c683f25df11
x-yottaa-optimizations
ob/1000 si/32D1a5fec674-1715874284-5020241887 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Miss from cloudfront
x-amz-apigw-id
YA0VTFGyCYcEnjg=
content-length
79
alt-svc
h3=":443"; ma=86400
etag
W/"39-LgPw152VfElAKHYfDt/MyAcU00g"
x-amzn-trace-id
Root=1-6649cdbb-2c1694b63e4f92f26e460d71;Parent=605d8cb6f18ad920;Sampled=0;lineage=dcd1e669:0
content-type
application/json; charset=utf-8
x-yottaa-os
200
x-yottaa-metrics
3221a5fec670/[785,782,-] 32D1a5fec674/[-,787.649]
x-amzn-remapped-date
Sun, 19 May 2024 10:00:27 GMT
x-amz-cf-id
Feo5QiQED8HcL5g3C_9C_snrn_7-d9Les0cRj9DCAt8YnJwaGV_O-g==
sync
sdk.iad-05.braze.com/api/v3/content_cards/ 		59 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11256/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56ed64ba1a0f1af7b481c5ae8ea4124175048757a70b7e2defa1038edf0c8cf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Braze-Api-Key
ee22cddf-904f-484e-a004-0181ff9a3268
X-Braze-DataRequest
true
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/json
BRAZE-SYNC-RETRY-COUNT
0
Referer
https://www.elfcosmetics.co.uk/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9;q=0.9
X-Braze-ContentCardsRequest
true
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:27 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
6e91bbd2-b3f7-4997-8492-716376462ffd
x-runtime
0.028412
server
cloudflare
etag
W/"56ed64ba1a0f1af7b481c5ae8ea41241"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1716112830
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
88633d730ac72c6f-FRA
x-ratelimit-remaining
499.0
(81765,300195,200078,200032,300231,82998,82999,300233,200180,200116)
www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/products/ 		373 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/products/(81765,300195,200078,200032,300231,82998,82999,300233,200180,200116)?siteId=elf-eu&locale=en-GB&currency=GBP&expand=availability%2Cbundled_products%2Clinks%2Cpromotions%2Coptions%2Cimages%2Cprices%2Cvariations%2Cset_products%2Crecommendations&all_images=true&perPricebook=true
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11256/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.198.116 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
80d7d34518087478f0bc00c2c6b43b8cd3dc0c649156e4857d7ecb7a6d57f430
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json
c_x-pwa-request
true
cache-control
no-cache
Referer
https://www.elfcosmetics.co.uk/
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:28 GMT
sfdc_customization
HOOK
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
via
1.1 fe3f0738f5b144e9fc81f1190a79be68.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW55-C3
x-yottaa-optimizations
ob/1000 si/32D1a5fec674-1715874284-5020241888 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
age
0
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 19 May 2024 10:00:28 GMT
allow
GET,HEAD,OPTIONS
vary
accept-encoding
content-type
application/json;charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os
200
x-proxy-request-url
https://cc-elf-eu-prd.elfcosmetics.co.uk/s/elf-eu/dw/shop/v21_3/products/(81765,300195,200078,200032,300231,82998,82999,300233,200180,200116)?siteId=elf-eu&locale=en-GB&currency=GBP&expand=availability%2Cbundled_products%2Clinks%2Cpromotions%2Coptions%2Cimages%2Cprices%2Cvariations%2Cset_products%2Crecommendations&all_images=true&perPricebook=true
x-yottaa-metrics
3221a5fec666/[964,962,-] 32D1a5fec674/[-,966.744]
cf-ray
88633d741b3be28b-ORD
x-dw-request-base-id
qbDU1LvNSWYBAAB_
x-amz-cf-id
YMvXiOvql2tbNXTK27uSJNTWiZFfbbi8rTk5Qmf573WiF9SGgYTDlQ==
geo-ip
www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/ 		179 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=80.255.7.116
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11256/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.198.116 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json
c_x-pwa-request
true
Referer
https://www.elfcosmetics.co.uk/
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:27 GMT
sfdc_customization
HOOK
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
via
1.1 7fb28cccfe42cca0947965d69da2de0c.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW55-C3
x-yottaa-optimizations
ob/1000 si/32D1a5fec674-1715874284-5020241890 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
age
0
alt-svc
h3=":443"; ma=86400
allow
GET,HEAD,OPTIONS
content-type
application/json;charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os
200
x-proxy-request-url
https://cc-elf-eu-prd.elfcosmetics.co.uk/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=80.255.7.116
x-yottaa-metrics
3221a5fec665/[272,269,-] 32D1a5fec674/[-,274.217]
cf-ray
88633d742e5e2d4c-ORD
x-dw-request-base-id
DRAn_7vNSWYBAAB_
x-amz-cf-id
4G49VeeatUaE9u5e6zivPB95F2Gg_xZVeMAjvTN7Svpom8WqViE1nQ==
geo-ip
www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/ 		179 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=80.255.7.116
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11256/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.198.116 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json
c_x-pwa-request
true
Referer
https://www.elfcosmetics.co.uk/
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:28 GMT
sfdc_customization
HOOK
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
via
1.1 335be4c38e25578d3eb2fedeec98bd06.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW55-C3
x-yottaa-optimizations
ob/1000 si/32D1a5fec674-1715874284-5020241891 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
age
0
alt-svc
h3=":443"; ma=86400
allow
GET,HEAD,OPTIONS
content-type
application/json;charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os
200
x-proxy-request-url
https://cc-elf-eu-prd.elfcosmetics.co.uk/s/elf-eu/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=80.255.7.116
x-yottaa-metrics
3221a5fec663/[287,282,-] 32D1a5fec674/[-,290.187]
cf-ray
88633d7759d0023b-ORD
x-dw-request-base-id
qbDl1LzNSWYBAAB_
x-amz-cf-id
8bemYINs8apy5M-7dCbsX0DEdSdq9O_9J7qWOSg2yM0-0LPBhWjuCg==
baskets
www.elfcosmetics.co.uk/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abmew1kXEXxbARlrFGlaYYmesY/ 		11 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abmew1kXEXxbARlrFGlaYYmesY/baskets?siteId=elf-eu
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11256/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.198.116 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
31f48ed33afe7e437efa2c30cbf97fbd62c2de5c0732504077377846fe64973f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI4YzhjYTI4OC1mMWE2LTRmMDktYjI2OS0wNWQyZWViZmRmMDEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjhmNzM4M2Q3LTU4YjQtNDhlNC1iN2FjLTE3MzRhMGVlMzNjNiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTYxMTI3OTYsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFibWV3MWtYRVh4YkFSbHJGR2xhWVltZXNZOjpjaGlkOiAiLCJleHAiOjE3MTYxMTQ2MjYsImlhdCI6MTcxNjExMjgyNiwianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzOTA2NTA0MzA3MzMxOTQ0In0.YQbQnkoA9sS1CjbepN7AZMnykejfoa13tiwFDyc1ImR3bfmq1OjHsNt5nqRXmo70pzOwVBJdIUuZ-YV61cQQzg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
c_x-pwa-request
true
Referer
https://www.elfcosmetics.co.uk/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:27 GMT
sfdc_customization
HOOK
dnt
0
cf-cache-status
DYNAMIC
x-correlation-id
88633d743ff16384
x-content-type-options
nosniff
via
1.1 335be4c38e25578d3eb2fedeec98bd06.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW55-C3
x-yottaa-optimizations
ob/1000 si/32D1a5fec674-1715874284-5020241889 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
content-encoding
gzip
x-cache
Miss from cloudfront
age
0
alt-svc
h3=":443"; ma=86400
content-length
37
allow
GET,HEAD,OPTIONS
x-ratelimit-remaining
999
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
sfdc_load
2
cache-control
max-age=0,no-cache,no-store
x-yottaa-os
200
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abmew1kXEXxbARlrFGlaYYmesY/baskets?siteId=elf-eu
x-ratelimit-limit
99999
accept-ranges
bytes
cf-ray
88633d743ff16384-ORD
x-amz-cf-id
tysd0RTF_bNPAIyNVCIgq8eUaPDBb4CWuL_G0r1bpxe77VIw8Kt4sA==
x-yottaa-metrics
3221a5fec664/[217,208,-] 32D1a5fec674/[-,219.760]
viewPage
api.cquotient.com/v3/activities/bbxc-elf-eu/ 		98 B
519 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.cquotient.com/v3/activities/bbxc-elf-eu/viewPage
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11256/main.js?yocs=o_q_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.111.171 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
27770eda84eae60bae73cf8bc03133e3cadbf6d622ec2497ee889010e43628b0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
x-cq-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.elfcosmetics.co.uk/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:27 GMT
strict-transport-security
max-age=15552000; includeSubdomains
server
envoy
etag
W/"62-TWSVDWvH5K6Z5MO1qjfl+8eVojA"
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.co.uk
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
content-length
98
sync
sdk.iad-05.braze.com/api/v3/content_cards/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
88633d71a93a2c6f-FRA
content-encoding
gzip
date
Sun, 19 May 2024 10:00:27 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
sync
sdk.iad-05.braze.com/api/v3/content_cards/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
88633d71b94b2c6f-FRA
content-encoding
gzip
date
Sun, 19 May 2024 10:00:27 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
viewPage
api.cquotient.com/v3/activities/bbxc-elf-eu/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.cquotient.com/v3/activities/bbxc-elf-eu/viewPage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.111.171 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-cq-client-id
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization, content-type, x-cq-tenant, x-cq-client-id
access-control-allow-methods
POST
access-control-allow-origin
https://www.elfcosmetics.co.uk
content-length
0
date
Sun, 19 May 2024 10:00:27 GMT
server
envoy
strict-transport-security
max-age=15552000; includeSubdomains
x-envoy-upstream-service-time
1
ts
t.paypal.com/ 		42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A7PFGPLHGYKX72-1&page=muse%3Aoffer%3A%3A%3A7PFGPLHGYKX72-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=95c92811-df2a-4f29-8e3f-9af8b4e63cc5&es=visitorInfoFlowStarted&mrid=7PFGPLHGYKX72&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=e.l.f.%20Cosmetics%20UK%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1716112827901&g=-120&completeurl=https%3A%2F%2Fwww.elfcosmetics.co.uk%2F&disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Sun, 19 May 2024 10:00:28 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
9611e0da6a6c0
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-etou8220037-FRA
pragma
no-cache
correlation-id
9611e0da6a6c0
traceparent
00-00000000000000000009611e0da6a6c0-e8af3d515508a2d1-01
x-timer
S1716112828.923757,VS0,VE173
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 10:00:28 GMT
collector
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 		600 B
664 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/XT4Gy2ig/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.10.96 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
1569983c9add3a3e58f044dbf2a7cee3f63596eb712ef7c0fd20080f247019c6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 19 May 2024 10:00:27 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
600
baskets
www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/ocapi/s/elf-eu/dw/shop/v21_3/baskets
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11256/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.198.116 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
45d285a7144d926836ca5136ad6a288e8458397d7f604cd79060241feb70f161
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI4YzhjYTI4OC1mMWE2LTRmMDktYjI2OS0wNWQyZWViZmRmMDEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjhmNzM4M2Q3LTU4YjQtNDhlNC1iN2FjLTE3MzRhMGVlMzNjNiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTYxMTI3OTYsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFibWV3MWtYRVh4YkFSbHJGR2xhWVltZXNZOjpjaGlkOiAiLCJleHAiOjE3MTYxMTQ2MjYsImlhdCI6MTcxNjExMjgyNiwianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzOTA2NTA0MzA3MzMxOTQ0In0.YQbQnkoA9sS1CjbepN7AZMnykejfoa13tiwFDyc1ImR3bfmq1OjHsNt5nqRXmo70pzOwVBJdIUuZ-YV61cQQzg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json
c_x-pwa-request
true
Referer
https://www.elfcosmetics.co.uk/
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:28 GMT
sfdc_customization
HOOK
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 d47bfce74ac0ba73e842bed313cc9e16.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW55-C3
age
0
x-yottaa-optimizations
ob/1000 si/32D1a5fec674-1715874284-5020241892 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
content-encoding
gzip
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
986
pragma
no-cache
etag
02adec9cdedb3d7a2d374f7c244f3b2d7ecfb75101bf182ad80bea28e4b26343
allow
OPTIONS,POST
content-type
application/json;charset=UTF-8
x-dw-resource-state
02adec9cdedb3d7a2d374f7c244f3b2d7ecfb75101bf182ad80bea28e4b26343
access-control-allow-origin
https://www.elfcosmetics.co.uk
access-control-expose-headers
etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
x-yottaa-metrics
3221a5fec662/[169,167,-] 32D1a5fec674/[-,172.245]
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-proxy-request-url
https://cc-elf-eu-prd.elfcosmetics.co.uk/s/elf-eu/dw/shop/v21_3/baskets
accept-ranges
bytes
cf-ray
88633d779fa72d4c-ORD
x-dw-request-base-id
DRBA_7zNSWYBAAB_
x-amz-cf-id
jkWMgAaLD-brh0mBLNYy5Io12Rw8fJKs73PFurERxrR8rA2wI6mBwA==
x-yottaa-os
200
expires
Thu, 01 Dec 1994 16:00:00 GMT
gb.svg
www.elfcosmetics.co.uk/mobify/bundle/11256/static/img/flag-icons/ 		717 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.co.uk/mobify/bundle/11256/static/img/flag-icons/gb.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.198.116 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
6c10b21f86019422fa9555d9b0b9b6768bf7549730880571e057800a3068724e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:28 GMT
via
1.1 4ca4c23d11f4dd31218362d2f4b766fc.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
DFW55-C3
age
312227
x-yottaa-optimizations
ob/1001 si/32D1a5fec674-1715701421-7965768289 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Hit from cloudfront
x-amz-meta-deploy
754923
alt-svc
h3=":443"; ma=86400
content-length
431
x-amz-meta-bundle
11256
x-yottaa-forcecache
true
last-modified
Wed, 15 May 2024 19:15:48 GMT
etag
"f36f8f691c5607bb3170e83ef921dc03"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31104000
x-yottaa-os
200
x-yottaa-metrics
3221a5fec66f/[8,4,-] 32D1a5fec674/[hit]
x-amz-cf-id
fj88vh3OwQWAE6dIQWVtE_79xPtr3_uc5mAW90B9xSYFUTolyrlAyQ==
NEW-beauty-squad-beauty-squad-loyalty-logo-staggered-paddedsquare
elfcosmetics.a.bigcontent.io/v1/static/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/NEW-beauty-squad-beauty-squad-loyalty-logo-staggered-paddedsquare?%24Desktop%24=&fmt=auto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.145.183 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
210706c053295db0bfba03a98c0609a1f940c3f6b6c626f2f1084e089e959dc9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:28 GMT
x-amz-version-id
null
cf-cache-status
HIT
age
71631
x-amz-server-side-encryption
AES256
x-amp-cf-worker
true
edge-control
max-age=86400
alt-svc
h3=":443"; ma=86400
content-length
5378
last-modified
Sat, 18 May 2024 14:06:23 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
88633d7c0b3d58e4-TXL
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
icon-noun-gift-1165617
elfcosmetics.a.bigcontent.io/v1/static/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-gift-1165617?%24Desktop%24=&fmt=auto%201x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-gift-1165617?%24Desktop%24=&fmt=auto%202x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-gift-1165617?%24Desktop%24=&fmt=auto%203x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.145.183 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4aa855b8d34657ab4df5ca73fe7d7f67735ee1e39e8de83856ddc473d4713fbb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:28 GMT
x-amz-version-id
null
content-encoding
gzip
cf-cache-status
HIT
age
14060
x-amz-server-side-encryption
AES256
x-amp-cf-worker
true
edge-control
max-age=86400
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 18 May 2024 19:45:58 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=1800
cf-ray
88633d7c0b4358e4-TXL
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
icon-noun-drop-1235517%201
elfcosmetics.a.bigcontent.io/v1/static/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-drop-1235517%201?%24Desktop%24=&fmt=auto%201x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-drop-1235517%201?%24Desktop%24=&fmt=auto%202x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-drop-1235517%201?%24Desktop%24=&fmt=auto%203x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.145.183 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
f366287eaa5627dc7ee48d1fcb79d20bceae8238ee2f1dd772f059685fe9c799

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:28 GMT
x-amz-version-id
null
content-encoding
gzip
cf-cache-status
HIT
age
71349
x-amz-server-side-encryption
AES256
x-amp-cf-worker
true
edge-control
max-age=86400
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 17 May 2024 19:36:55 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=1800
cf-ray
88633d7c0b4658e4-TXL
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
brow-laminating-gel-2024-05-IMAGE-3_D-min
cdn.media.amplience.net/i/elfcosmetics/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/brow-laminating-gel-2024-05-IMAGE-3_D-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/brow-laminating-gel-2024-05-IMAGE-3_D-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/brow-laminating-gel-2024-05-IMAGE-3_D-min?fmt=auto&w=2460%203x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.166 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
944ef702f74c848d4f7c3f732c49020fa7c97f249c41fa52cfacc0f7c08bdb81
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:28 GMT
cf-cache-status
HIT
age
81340
x-amp-srv
CF
edge-cache-tag
JmVESxuAx,l4p5bDg2e,RXQrFclTW,WepA0szpz
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
_BJvGdiib4
alt-svc
h3=":443"; ma=86400
content-length
24526
x-xss-protection
1; mode=block
x-amp-source-height
1040
last-modified
Sat, 18 May 2024 11:24:48 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
x-amp-source-width
1440
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
88633d7afaa33572-WAW
x-amp-published
Thu, 16 May 2024 19:11:07 GMT
project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-3_D-min
cdn.media.amplience.net/i/elfcosmetics/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-3_D-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-3_D-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/project-juicy-products-beauty-squad-no-vault-2024-05-IMAGE-3_D-min?fmt=auto&w=2460%203x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.166 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3112e5c63e9d51b903fd0531e92020dcbe8a03ffe1fdadeb77627fe4868771fc
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:28 GMT
cf-cache-status
HIT
age
81340
x-amp-srv
CF
edge-cache-tag
DmVeT95Ho,l4p5bDg2e,oYd3ZsbSY,WepA0szpz
x-amp-cf-worker
true
edge-control
max-age=86400
x-req-id
KVGQFzCx7K
alt-svc
h3=":443"; ma=86400
content-length
37925
x-xss-protection
1; mode=block
x-amp-source-height
1040
last-modified
Sat, 18 May 2024 11:24:48 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
x-amp-source-width
1440
cache-control
s-maxage=86400, max-age=1800
accept-ranges
bytes
cf-ray
88633d7afaaa3572-WAW
x-amp-published
Thu, 16 May 2024 20:07:32 GMT
gb.svg
www.elfcosmetics.co.uk/mobify/bundle/11256/static/img/flag-icons/ 		717 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.co.uk/mobify/bundle/11256/static/img/flag-icons/gb.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.198.116 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
6c10b21f86019422fa9555d9b0b9b6768bf7549730880571e057800a3068724e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:28 GMT
via
1.1 4ca4c23d11f4dd31218362d2f4b766fc.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
DFW55-C3
age
312227
x-yottaa-optimizations
ob/1001 si/32D1a5fec674-1715701421-7965768289 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Hit from cloudfront
x-amz-meta-deploy
754923
alt-svc
h3=":443"; ma=86400
content-length
431
x-amz-meta-bundle
11256
x-yottaa-forcecache
true
last-modified
Wed, 15 May 2024 19:15:48 GMT
etag
"f36f8f691c5607bb3170e83ef921dc03"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31104000
x-yottaa-os
200
x-yottaa-metrics
3221a5fec66f/[8,4,-] 32D1a5fec674/[hit]
x-amz-cf-id
fj88vh3OwQWAE6dIQWVtE_79xPtr3_uc5mAW90B9xSYFUTolyrlAyQ==
script-tag.js
cdn-scripts.signifyd.com/api/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-scripts.signifyd.com/api/script-tag.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.13 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d7a363f752524fb545c3b2eb48a56d163cb659bc427d5215800ee7781d92c2ca

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:59:14 GMT
content-encoding
gzip
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
last-modified
Tue, 23 Apr 2024 14:51:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
76
x-amz-server-side-encryption
AES256
etag
W/"73ca6f23f3e08738233832c7a7a0c30c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1800
x-amz-cf-id
r5xlonIUSpWVr3fEPtfXTWnQE5fLLTwrUpQ_PuPeI7a_DLdPL31-Cg==
promotions
www.elfcosmetics.co.uk/mobify/proxy/api/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.co.uk/mobify/proxy/api/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/promotions?siteId=elf-eu&ids=2024-05-gwp-%C2%A335&locale=en-GB
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11256/vendor.js?yocs=o_q_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.198.116 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI4YzhjYTI4OC1mMWE2LTRmMDktYjI2OS0wNWQyZWViZmRmMDEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjhmNzM4M2Q3LTU4YjQtNDhlNC1iN2FjLTE3MzRhMGVlMzNjNiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3MTYxMTI3OTYsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFibWV3MWtYRVh4YkFSbHJGR2xhWVltZXNZOjpjaGlkOiAiLCJleHAiOjE3MTYxMTQ2MjYsImlhdCI6MTcxNjExMjgyNiwianRpIjoiQzJDMTk1MTY2MTE4NjAtNDI0NjM3OTAzOTA2NTA0MzA3MzMxOTQ0In0.YQbQnkoA9sS1CjbepN7AZMnykejfoa13tiwFDyc1ImR3bfmq1OjHsNt5nqRXmo70pzOwVBJdIUuZ-YV61cQQzg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
c_x-pwa-request
true
Referer
https://www.elfcosmetics.co.uk/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:29 GMT
content-encoding
gzip
dnt
0
cf-cache-status
DYNAMIC
x-correlation-id
88633d7f0f2a1050
x-content-type-options
nosniff
via
1.1 fe3f0738f5b144e9fc81f1190a79be68.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW55-C3
x-yottaa-optimizations
ob/1000 si/32D1a5fec674-1715874284-5020241894 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Miss from cloudfront
age
0
alt-svc
h3=":443"; ma=86400
allow
GET,HEAD,OPTIONS
vary
accept-encoding
content-type
application/json;charset=UTF-8
x-ratelimit-remaining
999
sfdc_load
2
cache-control
private,max-age=44
x-yottaa-os
200
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/promotions?siteId=elf-eu&ids=2024-05-gwp-%C2%A335&locale=en-GB
x-ratelimit-limit
99999
accept-ranges
bytes
cf-ray
88633d7f0f2a1050-ORD
x-amz-cf-id
uMfxG-DSWgtKnRbNr6Rxqx_TUK6G4yMdc5gvEVHKMlgwxtKMHl7Bkg==
x-yottaa-metrics
3221a5fec661/[150,142,-] 32D1a5fec674/[-,152.542]
company_toolkit.js
cdn-scripts.signifyd.com/api/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-scripts.signifyd.com/api/company_toolkit.js
Requested by
Host: www.elfcosmetics.co.uk
URL: https://www.elfcosmetics.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.13 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:36:32 GMT
content-encoding
gzip
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
last-modified
Tue, 30 May 2023 10:18:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
1438
x-amz-server-side-encryption
AES256
etag
W/"2c3950f122b3977df61b0e077aaa92c8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1800
x-amz-cf-id
y6wwN8UoaC6hq0BrhASxBtSHHxvbvXeEr66y_XP9zje7C4nDt2Lv4w==
gb.svg
www.elfcosmetics.co.uk/mobify/bundle/11256/static/img/flag-icons/ 		717 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.co.uk/mobify/bundle/11256/static/img/flag-icons/gb.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.198.116 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.elfcosmetics.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 10:00:28 GMT
via
1.1 4ca4c23d11f4dd31218362d2f4b766fc.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
DFW55-C3
age
312227
x-yottaa-optimizations
ob/1001 si/32D1a5fec674-1715701421-7965768289 tts/1701368386279 ti/5dbb1b444f1bbf5af87e1179 ai/5dbb1b444f1bbf5af87e1113 tm/0
x-cache
Hit from cloudfront
x-amz-meta-deploy
754923
alt-svc
h3=":443"; ma=86400
content-length
431
x-amz-meta-bundle
11256
x-yottaa-forcecache
true
last-modified
Wed, 15 May 2024 19:15:48 GMT
etag
"f36f8f691c5607bb3170e83ef921dc03"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31104000
x-yottaa-os
200
x-yottaa-metrics
3221a5fec66f/[8,4,-] 32D1a5fec674/[hit]
x-amz-cf-id
fj88vh3OwQWAE6dIQWVtE_79xPtr3_uc5mAW90B9xSYFUTolyrlAyQ==
eiua6t99sfohvskl.js
imgs.signifyd.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/
Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/
Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/
Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/
Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/
Domain
imgs.signifyd.com
URL
https://imgs.signifyd.com/eiua6t99sfohvskl.js?4qbvemklopn1zwiz=w2txo5aa&xz6izdimkge9zvvk=LzVlNTA3NzhhNzJiOGM3MzRjYWZmZGQzZTk5

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| $jscomp function| _loadCookieConfig function| _domready function| _delayed function| _findTags function| _srcAttr function| _needsEval function| _loadFromDOM function| _clearEvents function| _lastChainedResource function| _isImageLike boolean| domCompleteTriggered function| _abTest function| _getCookieVariant function| _setCookieVariant function| _configureAbTestAnalytics function| _executeAllAbTest function| _executeAllAbTestUniversal function| _executeAllAbTestClassic function| _executeAbTest function| _abTestScript function| _chooseVariant function| _abTestAnalyticsUniversal function| _abTestAnalyticsClassic object| _serviceWorkerConfig object| Yo string| yo_host string| _pxAppId function| yo_loader object| content object| __LOADABLE_LOADED_CHUNKS__ function| _ object| regeneratorRuntime function| applyFocusVisiblePolyfill object| __CONFIG__ string| __DEVICE_TYPE__ object| __PRELOADED_STATE__ object| Progressive boolean| __HYDRATING__ object| DY boolean| BRAZE_SETUP_COMPLETE boolean| otSPAPathChange boolean| otIsInitialized function| OptanonWrapper object| DYcustom object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer function| __tcfapi object| otStubData object| __post_robot_11_0_0___uid_numhnacfzmymuvpacsidplhppphjzs object| paypal object| __zoid_10_3_3___uid_numhnacfzmymuvpacsidplhppphjzs object| otTCF object| otIabModule object| Optanon object| OneTrust object| paypalDDL string| PaypalOffersObject function| ppq boolean| otLastAcceptAllValue object| PXXT4Gy2ig object| PX undefined| _XT4Gy2ighandler

6 Cookies

Domain/Path Name / Value
elfcosmetics.co.uk/ Name: dwsid
Value: cs28LfkDmtDFVKSnBnh_LnFHyQ653eig56V85Sa4Fm1Rbqz-E9ZnXGy39axxyhw45KPXj5A2P9uO0RewFw4Eug==
www.elfcosmetics.co.uk/ Name: _pxhd
Value: oZInAe7xbwRqmrBr9Xw-1wpaaAQ8iGn6mXyeUInlROyUoeSo9fbbMI4BzvQTRf/IjdUipJL3/ZXh54zqGsTGvg==:3b-sovvua7dc1JrmuEqnrz5aogQt1PACfL25PpJUTnfal7INWze-6fbjp4wXwWv/lhyDmDWkiW4Zvz9dd7in2LioExjG6vVXi-urbp6Ha6w=
www.elfcosmetics.co.uk/ Name: initAuthComplete
Value: true
.elfcosmetics.co.uk/ Name: ab.storage.sessionId.ee22cddf-904f-484e-a004-0181ff9a3268
Value: %7B%22g%22%3A%22a04d1100-8671-8a3f-bfb5-d133a0a6c932%22%2C%22e%22%3A1716114625182%2C%22c%22%3A1716112825183%2C%22l%22%3A1716112825183%7D
.elfcosmetics.co.uk/ Name: ab.storage.deviceId.ee22cddf-904f-484e-a004-0181ff9a3268
Value: %7B%22g%22%3A%22b2e0f15b-60b4-1ee5-4bfc-6f33f978f7a4%22%2C%22c%22%3A1716112825186%2C%22l%22%3A1716112825186%7D
.elfcosmetics.co.uk/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Sun+May+19+2024+12%3A00%3A26+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202211.2.0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.elfcosmetics.co.uk%2F&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C5%3A0%2CSTACK42%3A0

11 Console Messages

Source Level URL
Text
security error URL: https://www.elfcosmetics.co.uk/(Line 379)
Message:
Unsafe attempt to load URL https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ from frame with URL https://www.elfcosmetics.co.uk/. Domains, protocols and ports must match.
security error URL: https://www.elfcosmetics.co.uk/(Line 379)
Message:
Unsafe attempt to load URL https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ from frame with URL https://www.elfcosmetics.co.uk/. Domains, protocols and ports must match.
security error URL: https://www.elfcosmetics.co.uk/(Line 379)
Message:
Unsafe attempt to load URL https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/ from frame with URL https://www.elfcosmetics.co.uk/. Domains, protocols and ports must match.
javascript error URL: https://www.elfcosmetics.co.uk/
Message:
Access to image at 'https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/#elfcosmetics_a_00000055698485330971283280000018393236039574697104_?yocs=o_' from origin 'https://www.elfcosmetics.co.uk' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/#elfcosmetics_a_00000055698485330971283280000018393236039574697104_?yocs=o_
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11256/vendor.js?yocs=o_q_(Line 1)
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11256/vendor.js?yocs=o_q_(Line 1)
Message:
Dropped srcset candidate "https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-drop-1235517"
other warning URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11256/vendor.js?yocs=o_q_(Line 1)
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11256/vendor.js?yocs=o_q_(Line 1)
Message:
Dropped srcset candidate "https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-drop-1235517"
other warning URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11256/vendor.js?yocs=o_q_(Line 1)
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning URL: https://cdn-fsly.yottaa.net/5dbb1b434f1bbf5af87e10a5/www.elfcosmetics.co.uk/v~4b.6c/mobify/bundle/11256/vendor.js?yocs=o_q_(Line 1)
Message:
Dropped srcset candidate "https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-drop-1235517"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.cquotient.com
api.ipify.org
cdn-fsly.yottaa.net
cdn-scripts.signifyd.com
cdn.c1.amplience.net
cdn.cookielaw.org
cdn.media.amplience.net
collector-pxxt4gy2ig.px-cloud.net
elfcosmetics.a.bigcontent.io
elfcosmetics.co.uk
geolocation.onetrust.com
imgs.signifyd.com
link.elfcosmetics.co.uk
sdk.iad-05.braze.com
t.paypal.com
www.elfcosmetics.co.uk
www.paypal.com
www.paypalobjects.com
cdn-fsly.yottaa.net
imgs.signifyd.com
104.17.247.187
108.138.26.13
151.101.193.21
151.101.65.21
151.101.65.35
151.101.66.133
165.254.198.116
172.64.145.183
172.64.155.166
172.67.74.152
192.229.221.25
2606:4700:4400::6812:205a
2606:4700:4400::6812:226c
2606:4700:4400::6812:25a1
2606:4700:4400::ac40:9b77
2606:4700::6813:b134
3.222.82.214
34.252.111.171
35.190.10.96
02886fdf19994381b137ab3f21722b060fb16ad1dcc88c84f882b07a1a9a8668
05d6a1f5cbdc45af1b0a63a615135dc1065f22f611517e428ed6ec64bddbef88
10b0a8089c1cea1328c2b06cb238c94036614502d91aec1e98309c560b3d316a
1331786f628c441b99665436eb8815381e066e17d5c3bb56f5ce2e045d8da17a
1569983c9add3a3e58f044dbf2a7cee3f63596eb712ef7c0fd20080f247019c6
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
210706c053295db0bfba03a98c0609a1f940c3f6b6c626f2f1084e089e959dc9
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
27770eda84eae60bae73cf8bc03133e3cadbf6d622ec2497ee889010e43628b0
3112e5c63e9d51b903fd0531e92020dcbe8a03ffe1fdadeb77627fe4868771fc
31f48ed33afe7e437efa2c30cbf97fbd62c2de5c0732504077377846fe64973f
40c8084ce459211c73bf91eaa18b6152cc5fc9e29245dcec381da35ee51334b0
45d285a7144d926836ca5136ad6a288e8458397d7f604cd79060241feb70f161
48da61030dc7ada6d202c7c6229b40b5f7ba9f6b4246af7399de53a26396ad1e
49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b
4aa855b8d34657ab4df5ca73fe7d7f67735ee1e39e8de83856ddc473d4713fbb
556439ae99de9152826ea7a09b6a485315e1a783563542df48051122040576ac
56ed64ba1a0f1af7b481c5ae8ea4124175048757a70b7e2defa1038edf0c8cf1
5e9c627c17e4acc38659c203365473e1a3fc5f5a11b68568e76e2b7327042991
5f716ce32b51c41b869f3e2325257c5fd04db650d2ff14ee234ec1e7fe54126b
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
60bcf01d04394617737446dc979e69c27ed9d8707decce34b5986d9be29a2d7d
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6a2f825beb3b540a044cdb0515177c34497aa2ce92e335bf1498fa42bb5baf88
6bde8eb74a01ac578cafc6a39b41bd793453c3093c9696da2ef20ec442570c69
6c10b21f86019422fa9555d9b0b9b6768bf7549730880571e057800a3068724e
6d4040c70033d1b909ef1133deddc8d454e05467be6975afa26ac324e1fadea7
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f
71bd66530457656271aa253073fb867cdc9068586f7af54e341667687162909e
74bc368a94a16811a997a1900fc024921f111f08e584af39a0483598c7a764e3
771e9cfbc5003b18e42ae1e3bb6d505ae9eafdea41cea25581876aabb5148246
783dc88ce798c3109de5e3252a40563e2b869fd0bca39fcca532c8bf769fc3d6
7b8605432e9c27615d25a6c7b17736cd04246f5e870795f30ee11af997e4e9cd
800958eddbde833b69c0477b0d0806aae5013c6618bcc78ef42fa6a5acc49dc3
80d7d34518087478f0bc00c2c6b43b8cd3dc0c649156e4857d7ecb7a6d57f430
88668b9200e07ef8860abbf2884140a44986c34576bc7086d64085b87da4cfd7
89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac
944ef702f74c848d4f7c3f732c49020fa7c97f249c41fa52cfacc0f7c08bdb81
949062629321267f5e4f5d183435ab758ad7898afe2b31dc262b6b164167ffa0
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a6cbc4c9c0b39f6d4edd8d4db4e73971e23c1e4b8b9b6ddd5956164b87fd3ebc
b2e0bde8a120edcd0e126c139ff4c62dc420e43a86bb9e22c92044fdda3fc3ef
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c04c2a9e91f5c91967c8716f3d885af6beb95566f26fc386a2f74a9cebdbc616
d790874f1dd7070e825fb030f5184d25df09ce717cae40f228cbc8a474899269
d7a363f752524fb545c3b2eb48a56d163cb659bc427d5215800ee7781d92c2ca
e2719add3a6d6e8d76615ef6e4e221fdfe6075829578559adf1ca76bca25db43
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e99f5ec8faad8d78e033e0be0f16c54eb8fd20c7710333f090d118ce1bd6f7b4
f366287eaa5627dc7ee48d1fcb79d20bceae8238ee2f1dd772f059685fe9c799