URL: https://fr.cosmetiks.net/
Submission: On November 03 via api from US — Scanned from US

Summary

This website contacted 44 IPs in 6 countries across 36 domains to perform 138 HTTP transactions. The main IP is 172.67.223.137, located in United States and belongs to CLOUDFLARENET, US. The main domain is fr.cosmetiks.net.
TLS certificate: Issued by WE1 on October 18th 2024. Valid for: 3 months.
This is the only time fr.cosmetiks.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 172.67.223.137 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42:200... 54113 (FASTLY)
1 2607:f8b0:400... 15169 (GOOGLE)
7 209.85.201.155 15169 (GOOGLE)
1 172.67.194.199 13335 (CLOUDFLAR...)
7 141.94.102.46 16276 (OVH)
1 2607:f8b0:400... 15169 (GOOGLE)
7 173.194.205.155 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
4 138.199.8.196 60068 (CDN77 _)
10 172.253.63.100 15169 (GOOGLE)
1 208.115.237.110 46475 (LIMESTONE...)
1 3 148.251.40.147 24940 (HETZNER-AS)
1 35.241.45.217 15169 (GOOGLE)
1 2 34.102.243.38 396982 (GOOGLE-CL...)
1 2 2620:100:a00b... 19750 (AS-CRITEO)
2 74.119.117.17 19750 (AS-CRITEO)
3 162.19.138.118 16276 (OVH)
1 18.210.47.92 14618 (AMAZON-AES)
3 172.64.151.101 13335 (CLOUDFLAR...)
2 147.28.129.140 54825 (PACKET)
6 3.222.142.212 14618 (AMAZON-AES)
4 8.2.110.27 46636 (NATCOWEB)
3 195.244.31.11 63140 (IGUANA-WO...)
1 69.173.146.20 26667 (RUBICONPR...)
3 2602:803:c002... 26667 (RUBICONPR...)
2 68.67.160.137 29990 (ASN-APPNEX)
2 51.222.39.184 16276 (OVH)
4 18.207.157.141 14618 (AMAZON-AES)
2 185.184.8.90 204995 (RTB-HOUSE...)
2 207.65.37.179 62713 (AS-PUBMATIC)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
5 64.31.34.110 46475 (LIMESTONE...)
1 37.157.6.243 198622 (ADFORM)
5 15.204.189.240 16276 (OVH)
5 3.213.173.108 14618 (AMAZON-AES)
1 2 2600:1f18:612... ()
2 51.161.15.30 ()
1 2620:100:a00b::9 ()
1 185.167.164.52 ()
138 44
Apex Domain
Subdomains
Transfer
14 google.com
apis.google.com — Cisco Umbrella Rank: 123
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682
151 KB
13 sunmedia.tv
static.sunmedia.tv — Cisco Umbrella Rank: 22917
services.sunmedia.tv — Cisco Umbrella Rank: 58827
track.sunmedia.tv — Cisco Umbrella Rank: 53680
creatives.sunmedia.tv
283 KB
13 cosmetiks.net
fr.cosmetiks.net
115 KB
9 richaudience.com
s.richaudience.com — Cisco Umbrella Rank: 10423
sync.richaudience.com — Cisco Umbrella Rank: 1514
shb.richaudience.com — Cisco Umbrella Rank: 4477
3 KB
7 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
7 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
298 KB
6 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 774
2 KB
5 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 734
1 KB
5 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1960
9 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 461
mug.criteo.com — Cisco Umbrella Rank: 3626
grid-bidder.criteo.com
2 KB
4 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 955
3 KB
4 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 873
fastlane.rubiconproject.com — Cisco Umbrella Rank: 492
2 KB
4 admanmedia.com
pub.admanmedia.com — Cisco Umbrella Rank: 56975
1 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
2 KB
3 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 4724
431 B
3 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4000
1 KB
3 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 484
1 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 311
72 KB
2 tremorhub.com
cpu32-zs9v8.ads.tremorhub.com Failed
993 B
2 adform.net
adx.adform.net — Cisco Umbrella Rank: 6462
adx2.adform.net
1 KB
2 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 480
171 B
2 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 8337
357 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 691
825 B
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 267
3 KB
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 777
2 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 522
2 KB
2 pghub.io
pghub.io — Cisco Umbrella Rank: 2160
feed.pghub.io — Cisco Umbrella Rank: 2507
6 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 917
288 B
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 2543
831 B
1 tapad.com
pandg.tapad.com — Cisco Umbrella Rank: 2871
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
1 thermomagazine.net
recetas.thermomagazine.net
82 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
96 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 791
30 KB
0 sascdn.com Failed
ced.sascdn.com Failed
0 beauteblogchic.com Failed
beauteblogchic.com Failed
138 36
Domain Requested by
13 fr.cosmetiks.net fr.cosmetiks.net
12 fundingchoicesmessages.google.com pagead2.googlesyndication.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
7 static.sunmedia.tv fr.cosmetiks.net
static.sunmedia.tv
7 pagead2.googlesyndication.com fr.cosmetiks.net
pagead2.googlesyndication.com
6 ap.lijit.com static.sunmedia.tv
5 ad.360yield.com static.sunmedia.tv
5 prg.smartadserver.com static.sunmedia.tv
5 shb.richaudience.com static.sunmedia.tv
4 btlr.sharethrough.com static.sunmedia.tv
4 pub.admanmedia.com static.sunmedia.tv
4 fonts.googleapis.com fr.cosmetiks.net
client
3 prebid.smilewanted.com static.sunmedia.tv
3 fastlane.rubiconproject.com static.sunmedia.tv
3 hb-api.omnitagjs.com static.sunmedia.tv
3 htlb.casalemedia.com static.sunmedia.tv
3 sync.richaudience.com 1 redirects fr.cosmetiks.net
sync.richaudience.com
3 track.sunmedia.tv fr.cosmetiks.net
3 cdn.jsdelivr.net fr.cosmetiks.net
2 creatives.sunmedia.tv static.sunmedia.tv
2 cpu32-zs9v8.ads.tremorhub.com static.sunmedia.tv
2 hbopenbid.pubmatic.com static.sunmedia.tv
2 prebid-eu.creativecdn.com static.sunmedia.tv
2 onetag-sys.com static.sunmedia.tv
2 ib.adnxs.com static.sunmedia.tv
2 prebid.a-mo.net static.sunmedia.tv
2 id5-sync.com static.sunmedia.tv
2 mug.criteo.com fr.cosmetiks.net
2 gum.criteo.com 1 redirects
2 apis.google.com fr.cosmetiks.net
apis.google.com
1 adx2.adform.net static.sunmedia.tv
1 grid-bidder.criteo.com static.sunmedia.tv
1 lb.eu-1-id5-sync.com static.sunmedia.tv
1 adx.adform.net static.sunmedia.tv
1 prebid-server.rubiconproject.com static.sunmedia.tv
1 id.crwdcntrl.net static.sunmedia.tv
1 pandg.tapad.com pghub.io
1 feed.pghub.io 1 redirects
1 pghub.io fr.cosmetiks.net
1 s.richaudience.com static.sunmedia.tv
1 services.sunmedia.tv static.sunmedia.tv
1 www.google-analytics.com www.googletagmanager.com
1 recetas.thermomagazine.net fr.cosmetiks.net
1 www.googletagmanager.com fr.cosmetiks.net
1 code.jquery.com fr.cosmetiks.net
0 ced.sascdn.com Failed static.sunmedia.tv
0 beauteblogchic.com Failed fr.cosmetiks.net
138 47

This site contains no links.

Subject Issuer Validity Valid
cosmetiks.net
WE1
2024-10-18 -
2025-01-16
3 months crt.sh
*.apis.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
upload.video.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA
2024-05-04 -
2025-05-04
a year crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA
2024-06-25 -
2025-06-25
a year crt.sh
*.google-analytics.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.g.doubleclick.net
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
thermomagazine.net
WE1
2024-10-18 -
2025-01-16
3 months crt.sh
sunmedia.tv
E6
2024-10-13 -
2025-01-11
3 months crt.sh
*.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.richaudience.com
RapidSSL TLS RSA CA G1
2024-02-14 -
2025-02-25
a year crt.sh
pghub.io
WR3
2024-10-30 -
2025-01-28
3 months crt.sh
pandg.tapad.com
WR3
2024-10-20 -
2025-01-18
3 months crt.sh
*.id5-sync.com
E5
2024-09-01 -
2024-11-30
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02
2024-09-07 -
2025-10-07
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-09-24 -
2024-12-25
3 months crt.sh
casalemedia.com
E6
2024-10-13 -
2025-01-11
3 months crt.sh
*.a-mo.net
R10
2024-11-01 -
2025-01-30
3 months crt.sh
*.lijit.com
Amazon RSA 2048 M03
2024-02-11 -
2025-03-12
a year crt.sh
*.admanmedia.com
Sectigo RSA Domain Validation Secure Server CA
2024-05-15 -
2025-05-15
a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA
2024-07-02 -
2025-08-01
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2024-07-30 -
2025-04-03
8 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2024-02-14 -
2025-03-16
a year crt.sh
*.onetag-sys.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2024-01-23 -
2025-01-29
a year crt.sh
*.sharethrough.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2024-07-15 -
2025-08-15
a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1
2024-04-05 -
2025-04-30
a year crt.sh
*.pubmatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-03-19 -
2025-04-19
a year crt.sh
smilewanted.com
WE1
2024-10-10 -
2025-01-08
3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-09-03 -
2025-09-24
a year crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2024-01-17 -
2025-01-16
a year crt.sh
*.360yield.com
Amazon RSA 2048 M02
2024-06-15 -
2025-07-14
a year crt.sh
*.eu-1-id5-sync.com
R10
2024-09-01 -
2024-11-30
3 months crt.sh

This page contains 13 frames:

Primary Page: https://fr.cosmetiks.net/
Frame ID: 13587A536014536108AD1BA90CDC0173
Requests: 62 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Frame ID: 4896297AE1E3B6EB5B3F778038029560
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8818833347061898&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1730640695&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x675_l%7C140x675_r&format=0x0&url=https%3A%2F%2Ffr.cosmetiks.net%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730640695177&bpp=8&bdt=627&idt=201&shv=r20241030&mjsv=m202410280101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4613024746631&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95344190%2C95345789%2C95345962&oid=2&pvsid=2246739105905292&tmod=1428457233&uas=0&nvt=1&fsapi=1&fc=1920&brdim=330%2C330%2C330%2C330%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=234
Frame ID: 16987ECDA3DE2A0F76EF66F98706DE2A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8818833347061898&output=html&h=280&slotname=6662486355&adk=4203156479&adf=1119259538&pi=t.ma~as.6662486355&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1730640695&rafmt=1&format=1200x280&url=https%3A%2F%2Ffr.cosmetiks.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730640695186&bpp=2&bdt=636&idt=247&shv=r20241030&mjsv=m202410280101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4613024746631&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95344190%2C95345789%2C95345962&oid=2&pvsid=2246739105905292&tmod=1428457233&uas=0&nvt=1&fc=1920&brdim=330%2C330%2C330%2C330%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=259
Frame ID: A634DC7D36F72986D3C78746135F9F4B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8818833347061898&output=html&h=600&slotname=1813637107&adk=3357627370&adf=3433008094&pi=t.ma~as.1813637107&w=300&lmt=1730640695&url=https%3A%2F%2Ffr.cosmetiks.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730640695101&bpp=88&bdt=551&idt=357&shv=r20241030&mjsv=m202410280101&ptt=5&saldr=sd&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4613024746631&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1154&ady=1037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95344190%2C95345789%2C95345962&oid=2&pvsid=2246739105905292&tmod=1428457233&uas=0&nvt=1&fc=1920&brdim=330%2C330%2C330%2C330%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=361
Frame ID: 3217306AB7572DC495691B5E9CB913FA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8818833347061898&output=html&h=600&slotname=1813637107&adk=3357627370&adf=2256998222&pi=t.ma~as.1813637107&w=300&lmt=1730640695&url=https%3A%2F%2Ffr.cosmetiks.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730640695105&bpp=85&bdt=555&idt=366&shv=r20241030&mjsv=m202410280101&ptt=5&saldr=sd&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1200x280&prev_slotnames=1813637107&nras=1&correlator=4613024746631&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1154&ady=2211&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95344190%2C95345789%2C95345962&oid=2&pvsid=2246739105905292&tmod=1428457233&uas=0&nvt=1&fc=1920&brdim=330%2C330%2C330%2C330%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=369
Frame ID: 2E5F09D286CB292594C3EB4C6ED875C4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Frame ID: C1780C4814916127E846CFE1C844A603
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Frame ID: 9C2CFC2EFC92DBE68815853865727986
Requests: 1 HTTP requests in this frame

Frame: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Frame ID: 70677AEFFE01A5539A3291E9DA7A3ACA
Requests: 41 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?gdpr=0&gdpr_consent=1&referrer_url=&page_url=https%3A%2F%2Ffr.cosmetiks.net%2F&owner=P%26G&bp_id=sunmedia&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22Hobbies%20and%20Interests%22%7D
Frame ID: 3E6982C7696281C39CAF6B89C53D06E3
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/?rnd=22192717&rd=1
Frame ID: 9E4D6F9AE8644032DB28A9CCB15C1006
Requests: 1 HTTP requests in this frame

Frame: https://static.sunmedia.tv/formats/header-bidding/1.13.5/header-bidding.js
Frame ID: 1E2E67F0C7117ADE9341442087C704B2
Requests: 22 HTTP requests in this frame

Frame: https://static.sunmedia.tv/formats/indisplay/0.7.8/indisplay.js
Frame ID: 17A4877AC4E69962D4DA450E443B576E
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

- beauté et cosmétiques Blogs

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

138
Requests

95 %
HTTPS

28 %
IPv6

36
Domains

47
Subdomains

44
IPs

6
Countries

1171 kB
Transfer

3611 kB
Size

72
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56
  • https://feed.pghub.io/tag?gdpr=0&gdpr_consent=1&referrer_url=&page_url=https%3A%2F%2Ffr.cosmetiks.net%2F&owner=P%26G&bp_id=sunmedia&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22Hobbies%20and%20Interests%22%7D HTTP 302
  • https://pandg.tapad.com/tag?gdpr=0&gdpr_consent=1&referrer_url=&page_url=https%3A%2F%2Ffr.cosmetiks.net%2F&owner=P%26G&bp_id=sunmedia&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22Hobbies%20and%20Interests%22%7D
Request Chain 57
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffr.cosmetiks.net%2F&cw=1&lsw=1&gdpr=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=2sm22Hw5ZDZRcEhXMXFmTmlHdDVtUk1WRWJFQ1F3K3ZxeGtUZzk0WFJrY05qdm1EQnhuVDFkVU1wTkczODU0QVJIZlBrcXJZQUpkZkd0NFd4UUI2eUtOUGlTa1B6clNRZUhxQjhURFl2akJZaFVYZ2U1M3JxTG5oY2NRcE5hdEZHVWNubWxCWFVINklZRXFYUW50dmNXanNxRjkyQXJnMzNHM0tEMStzSXVHZ1hvcTc4MHdmYVhwOGc1LzlaeWFEY29EejhCeVNwSkRHVlB4OVpIMjJFK3dwbEhhUHdNNWN6R0N4bnFlVXM2QmlPK01abkQyQ3V2Rk1pTFllZ1YzaW05U2gwfA&cppv=2
Request Chain 68
  • https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/?rnd=22192717 HTTP 302
  • https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/?rnd=22192717&rd=1
Request Chain 110
  • https://cpu32-zs9v8.ads.tremorhub.com/ad/chnl?adCode=cpu32-8qlre&playerWidth=600&playerHeight=450&srcPageUrl=https%3A%2F%2Ffr.cosmetiks.net%2F&schain=1.0,1!sunmedia.tv,3041f07a-a484-4265-9e48-8a1a9660a195,1,,,&gdpr=0&gdpr_consent=1&c1=T1,SM HTTP 302
  • https://cpu32-zs9v8.ads.tremorhub.com/ad/chnl?adCode=cpu32-8qlre&playerWidth=600&playerHeight=450&srcPageUrl=https%3A%2F%2Ffr.cosmetiks.net%2F&schain=1.0,1!sunmedia.tv,3041f07a-a484-4265-9e48-8a1a9660a195,1,,,&gdpr=0&gdpr_consent=1&c1=T1,SM&_tur=T

138 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
fr.cosmetiks.net/
57 KB
11 KB
Document
General
Full URL
https://fr.cosmetiks.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.223.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af717b7cf145ab123ff14cc70e6c52895712b4fc7d327f32847df102d31340a8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8dccb9b32d3d8dee-MIA
content-encoding
br
content-type
text/html
date
Sun, 03 Nov 2024 13:31:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GPy7W7AiIkrsvqSFd%2FJa8vMYnsHe3jSPDKx5WCpcIpkL7JlLf%2FjWG%2BdqYhS9RUnGC3XYavQKgGbxX1lu%2BgmZCCiyD1jIogMoH1jUm2k3%2FPrWxVILer%2BXwfGo3gdAb8p1HAdi"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=31514&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4155&recv_bytes=4485&delivery_rate=491&cwnd=12000&unsent_bytes=0&cid=9a7f0f2b7bccfa2f&ts=320&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
plusone.js
apis.google.com/js/
63 KB
24 KB
Script
General
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: fr.cosmetiks.net
URL: https://fr.cosmetiks.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c03::66 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0f3af1e716ce7846e7c252ace160c12480d41eecd5a7e7917ee5b2ccde62b51
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

content-encoding
gzip
etag
"657bf145b0a7c685"
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
x-content-type-options
nosniff
expires
Sun, 03 Nov 2024 13:31:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 13:31:34 GMT
content-type
text/javascript
vary
Accept-Encoding
content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="gapi-team"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
24185
x-xss-protection
0
server
sffe
csslinuz.css
fr.cosmetiks.net/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://fr.cosmetiks.net/css/csslinuz.css?v=1104113476
Requested by
Host: fr.cosmetiks.net
URL: https://fr.cosmetiks.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.223.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd6339eb36877587d68b786b971203224babcad94c0b9579a84176cdc1efd5e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"65e88b42-1765"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0i6Czk4Dog25hKGLpvB%2BrQYBrmA8%2BQLU5w7gLXVxZVyzEi6QXGmL7vr4kx6LvZ0P4C7uPS5tKgQDW8OTeFsLjFXHZ%2B1fgIfEutGgr8Xu39ltKzNMeJ4defnxVw%2Fxv2ygA4PK"}],"group":"cf-nel","max_age":604800}
expires
Sun, 10 Nov 2024 13:31:34 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32863&sent=39&recv=21&lost=0&retrans=0&sent_bytes=27610&recv_bytes=6117&delivery_rate=381995&cwnd=12000&unsent_bytes=0&cid=9a7f0f2b7bccfa2f&ts=629&x=1", cfExtPri, cfHdrFlush;dur=29
date
Sun, 03 Nov 2024 13:31:34 GMT
content-type
text/css
last-modified
Wed, 06 Mar 2024 15:26:58 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dccb9b51edb8dee-MIA
x-turbo-charged-by
LiteSpeed
server
cloudflare
nuevocss.css
fr.cosmetiks.net/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://fr.cosmetiks.net/css/nuevocss.css
Requested by
Host: fr.cosmetiks.net
URL: https://fr.cosmetiks.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.223.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73a743c6e5d856377bbf933b80b2a679019071346d6723deccf7647df1984f8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"66cc79c9-2464"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3UOysUYXBzrZMN0u8bV1CtuQxRGnlUPJzzaG2nk3dEgRb4AayO52qgZjmtIqAuDcmynsdBaNsZ9dmlIhtUi57IY6RBstGItP%2BwGFkI1pARhhXLP1s98mX8D6VVc79ENx2BFi"}],"group":"cf-nel","max_age":604800}
expires
Sun, 10 Nov 2024 13:31:34 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32863&sent=39&recv=21&lost=0&retrans=0&sent_bytes=27610&recv_bytes=6117&delivery_rate=381995&cwnd=12000&unsent_bytes=0&cid=9a7f0f2b7bccfa2f&ts=637&x=1", cfExtPri, cfHdrFlush;dur=21
date
Sun, 03 Nov 2024 13:31:34 GMT
content-type
text/css
last-modified
Mon, 26 Aug 2024 12:49:13 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dccb9b51ede8dee-MIA
x-turbo-charged-by
LiteSpeed
server
cloudflare
css
fonts.googleapis.com/
807 B
454 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Englebert
Requested by
Host: fr.cosmetiks.net
URL: https://fr.cosmetiks.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
892d7641368451c3fb1a1bf108724b28e41662c4a7bff1e168d40f7efdd4c431
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 03 Nov 2024 13:31:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 13:31:34 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 03 Nov 2024 13:31:34 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
407 B
768 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Original+Surfer
Requested by
Host: fr.cosmetiks.net
URL: https://fr.cosmetiks.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c58396ed32968f1ff859badfdbec0fc8b05df8d5fc808cf7ea9f4369e72bd357
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 03 Nov 2024 13:31:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 13:31:34 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 03 Nov 2024 13:31:34 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
807 B
455 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Romanesco
Requested by
Host: fr.cosmetiks.net
URL: https://fr.cosmetiks.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8b92b4255be4bac210ed50b637623a15798fc473f30522095a91b98a1c2ff592
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 03 Nov 2024 13:31:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 13:31:34 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 03 Nov 2024 13:31:34 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/
227 KB
35 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css
Requested by
Host: fr.cosmetiks.net
URL: https://fr.cosmetiks.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://fr.cosmetiks.net
Referer
https://fr.cosmetiks.net/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"38df4-HxOZgbm0enZu+gphu3ito1HxbEs"
age
928757
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZK51ALoMjqTjSv4%2Fpj6f7yIFbeHxZLlmAgqa4X62nZOFUjAKOZD5DgNrk2x5HU1%2Fxjco%2B2PadvUqt54ByqVJtTo1Os7lKaKkSlPgyg1QTVnqwGt4wcg6MNF%2BLu47i5luCgJLQYK9FcsYUAQHkYY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Sun, 03 Nov 2024 13:31:34 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-etou8220083-FRA, cache-lga21942-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8dccb9b65a90b3e5-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
34902
server
cloudflare
x-jsd-version
5.3.2
bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.11.0/font/
96 KB
15 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.11.0/font/bootstrap-icons.css
Requested by
Host: fr.cosmetiks.net
URL: https://fr.cosmetiks.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9e2ee3ee86f447aebb15c14fe952200ce9afcde0e6b8b693bdc0907ea444b42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

access-control-expose-headers
*
content-encoding
gzip
cf-cache-status
HIT
etag
W/"17fcf-mLlAafcysxqu0GOyH4yN8n/u/RI"
age
10782925
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jYwAXGuihok%2B5hV4fF8SZca2j%2FEPKXIUbPGGPCmIN3GeDnRWAnoGx6MT0M4g%2FcoOxOU8xjh4ZaJIsbYKrBz97dw6OasdWu0Meg3VDQ7YRiGMNengnR8nZ0iNdlho%2Bm4b8kKav6emssRHtNVkuCU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Sun, 03 Nov 2024 13:31:34 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-etou8220053-FRA, cache-lga21925-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8dccb9b65cfa09c6-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
14113
server
cloudflare
x-jsd-version
1.11.0
jquery-3.7.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.7.1.min.js
Requested by
Host: fr.cosmetiks.net
URL: https://fr.cosmetiks.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

content-encoding
gzip
etag
W/"28feccc0-155ed"
age
634123
x-cache
HIT, HIT
date
Sun, 03 Nov 2024 13:31:34 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits
29, 96158
x-served-by
cache-lga21978-LGA, cache-mia-kmia1760070-MIA
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1730640695.649667,VS0,VE0
cross-origin-resource-policy
cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
30336
server
nginx
js
www.googletagmanager.com/gtag/
272 KB
96 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N56HFM76NZ
Requested by
Host: fr.cosmetiks.net
URL: https://fr.cosmetiks.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ecc5dd8413a5156e3a0c861bcf5fc2eabbd96b38b9d878f7352527a9c20a6173
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 03 Nov 2024 13:31:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 13:31:35 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
97225
x-xss-protection
0
server
Google Tag Manager
logoweb2.jpg
fr.cosmetiks.net/images/
32 KB
33 KB
Image
General
Full URL
https://fr.cosmetiks.net/images/logoweb2.jpg
Requested by
Host: fr.cosmetiks.net
URL: https://fr.cosmetiks.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.223.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa9a6aed6049e20d120caba66c9cb79c330c8afee8c0669b2e78cf2d2ce0598f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

cf-cache-status
MISS
etag
"663e3605-7f6a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CMHW0ZBWqBpLD9jXuuNzF56KD%2F1INy7fFSiqwG%2F2vTWs6AjmxME6PtfLsQIRn3pwVmCnv82DrTsrGeviRfcbCMyiD0%2Fuf6nBDcEc0dftGQ7hLtJ63fiH4o32HjugjiXx5RK7"}],"group":"cf-nel","max_age":604800}
expires
Sun, 10 Nov 2024 13:31:34 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32863&sent=29&recv=21&lost=0&retrans=0&sent_bytes=15610&recv_bytes=6117&delivery_rate=381995&cwnd=12000&unsent_bytes=0&cid=9a7f0f2b7bccfa2f&ts=627&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 03 Nov 2024 13:31:34 GMT
content-type
image/jpeg
last-modified
Fri, 10 May 2024 14:58:13 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dccb9b51ee28dee-MIA
accept-ranges
bytes
content-length
32618
x-turbo-charged-by
LiteSpeed
server
cloudflare
pinrss.gif
fr.cosmetiks.net/images/
517 B
1 KB
Image
General
Full URL
https://fr.cosmetiks.net/images/pinrss.gif
Requested by
Host: fr.cosmetiks.net
URL: https://fr.cosmetiks.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.223.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdb8ec82cdd7d5ce21b94573529c4c241732d967ccaef6486659c5065710b85e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

cf-cache-status
MISS
etag
"663e3605-205"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZfnO%2Ft9R%2Fc%2BhXiRioN9OwRw4BFW29xaCnyupgmKjLh3kSOBM%2F%2FyyevMsj1%2F5L0UAfCoaKXCFB0JAicP1IJ%2F7hzKiQgylD99oyc%2FhDUPj6DTiWlIb3JUWYx96IEUJmyOHeRox"}],"group":"cf-nel","max_age":604800}
expires
Sun, 10 Nov 2024 13:31:34 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32863&sent=39&recv=21&lost=0&retrans=0&sent_bytes=27610&recv_bytes=6117&delivery_rate=381995&cwnd=12000&unsent_bytes=0&cid=9a7f0f2b7bccfa2f&ts=639&x=1", cfExtPri, cfHdrFlush;dur=19
date
Sun, 03 Nov 2024 13:31:34 GMT
content-type
image/gif
last-modified
Fri, 10 May 2024 14:58:13 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dccb9b51ee38dee-MIA
accept-ranges
bytes
content-length
517
x-turbo-charged-by
LiteSpeed
server
cloudflare
pinpinterest.gif
fr.cosmetiks.net/images/
952 B
2 KB
Image
General
Full URL
https://fr.cosmetiks.net/images/pinpinterest.gif
Requested by
Host: fr.cosmetiks.net
URL: https://fr.cosmetiks.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.223.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9161ad61619a9765102b160322648a2c3edc74c5f281cc6825041eb771dca806

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

cf-cache-status
MISS
etag
"663e3605-3b8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NZpD7jOwBYB3SXM%2F5yExAyl2D6XNBa4imBvU1ecUcV8TyiUGLm23j1DGKi414HCpRvDHPInUtxg0LbmO0qtLoe8D8vKWvhmhEo3oIzBBwRmIgY%2F1LbSOyuMMIZbU4DIfGolG"}],"group":"cf-nel","max_age":604800}
expires
Sun, 10 Nov 2024 13:31:35 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=39999&sent=72&recv=49&lost=0&retrans=0&sent_bytes=56812&recv_bytes=9720&delivery_rate=281493&cwnd=24000&unsent_bytes=0&cid=9a7f0f2b7bccfa2f&ts=949&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 03 Nov 2024 13:31:35 GMT
content-type
image/gif
last-modified
Fri, 10 May 2024 14:58:13 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dccb9b718be8dee-MIA
accept-ranges
bytes
content-length
952
x-turbo-charged-by
LiteSpeed
server
cloudflare
pinfacebook.gif
fr.cosmetiks.net/images/
628 B
1 KB
Image
General
Full URL
https://fr.cosmetiks.net/images/pinfacebook.gif
Requested by
Host: fr.cosmetiks.net
URL: https://fr.cosmetiks.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.223.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb25e92468c6a47a74c18eaa01b3e9a736c06a2dce37eb262a0f7dab806551c1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

cf-cache-status
MISS
etag
"663e3605-274"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y5fOqw3u0mR6po3ljxCrOYparN3%2FcWEKXwCtabXNfmD395hJAAWI4fUcPBmbyfqveBFNs44Otpf1JmdMnE0gQhfFwPKIH%2FxsdFVs0MyQSeVq9nuujDDtX9LkcMWobJJTx6Q%2F"}],"group":"cf-nel","max_age":604800}
expires
Sun, 10 Nov 2024 13:31:35 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=38768&sent=90&recv=50&lost=0&retrans=0&sent_bytes=75279&recv_bytes=9764&delivery_rate=56598&cwnd=24000&unsent_bytes=0&cid=9a7f0f2b7bccfa2f&ts=1015&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 03 Nov 2024 13:31:35 GMT
content-type
image/gif
last-modified
Fri, 10 May 2024 14:58:13 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dccb9b768fe8dee-MIA
accept-ranges
bytes
content-length
628
x-turbo-charged-by
LiteSpeed
server
cloudflare
pintwitter.gif
fr.cosmetiks.net/images/
688 B
1 KB
Image
General
Full URL
https://fr.cosmetiks.net/images/pintwitter.gif
Requested by
Host: fr.cosmetiks.net
URL: https://fr.cosmetiks.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.223.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29d5b8392509abb22d476635a91ba4777c3375eb47ecc82ba173589e8ed82ca6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

cf-cache-status
MISS
etag
"663e3605-2b0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XkM1VyHkJKgtE4xhvWJmVG7zFy0TsSnaoh2Nn8sAt8Q3X7rkcI%2FDESkWSIf9w3ugSRNP3bLdcpxaQ%2FNgAxAvc2Nbi%2Bby99yokvvjv38ab3NpR6gd%2FT0id6BZz25LLmeA5tY0"}],"group":"cf-nel","max_age":604800}
expires
Sun, 10 Nov 2024 13:31:35 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=38768&sent=92&recv=50&lost=0&retrans=0&sent_bytes=76663&recv_bytes=9764&delivery_rate=56598&cwnd=24000&unsent_bytes=0&cid=9a7f0f2b7bccfa2f&ts=1016&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 03 Nov 2024 13:31:35 GMT
content-type
image/gif
last-modified
Fri, 10 May 2024 14:58:13 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dccb9b769028dee-MIA
accept-ranges
bytes
content-length
688
x-turbo-charged-by
LiteSpeed
server
cloudflare
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
158 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8818833347061898
Requested by
Host: fr.cosmetiks.net
URL: https://fr.cosmetiks.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f155.1e100.net
Software
cafe /
Resource Hash
47179187743f7d17557fbc51966d96f928c997bfe3531b6e0c085267ae5b5713
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://fr.cosmetiks.net
Referer
https://fr.cosmetiks.net/

Response headers

content-encoding
br
etag
3905824857388725397
x-content-type-options
nosniff
expires
Sun, 03 Nov 2024 13:31:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 03 Nov 2024 13:31:35 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53479
x-xss-protection
0
server
cafe
salsa-de-queso-con-pimiento__66dc83042b917.jpg
recetas.thermomagazine.net/uploads/
81 KB
82 KB
Image
General
Full URL
https://recetas.thermomagazine.net/uploads/salsa-de-queso-con-pimiento__66dc83042b917.jpg
Requested by
Host: fr.cosmetiks.net
URL: https://fr.cosmetiks.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0631273a36b493eee86d239592b4c553253ecc5ada063b0af4083079764d94f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

cf-cache-status
HIT
etag
"66dc8304-14568"
age
312709
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B3xqzGd2NrJnuhwKHA6QvcR96x9OnGXw%2B9VQYOB92lL1jccTEzUBLcvMfeh1OTy5D%2BEZjoCqAAbErgAy1KJUVK5SUjk%2Bmes%2FG4j75A4l0NPx4QLbMH3tO%2B6X6oCRodbE4jOmc1Wr2DUeQKghHw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 06 Nov 2024 22:39:46 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=29509&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4138&recv_bytes=4349&delivery_rate=101597&cwnd=12000&unsent_bytes=0&cid=41dac1a8486ee3a6&ts=57&x=1", cfHdrFlush;dur=0
date
Sun, 03 Nov 2024 13:31:35 GMT
content-type
image/jpeg
last-modified
Sat, 07 Sep 2024 16:44:52 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dccb9b81a106dc7-MIA
accept-ranges
bytes
content-length
83304
x-turbo-charged-by
LiteSpeed
server
cloudflare
defect3.gif
fr.cosmetiks.net/images/
18 KB
19 KB
Image
General
Full URL
https://fr.cosmetiks.net/images/defect3.gif
Requested by
Host: fr.cosmetiks.net
URL: https://fr.cosmetiks.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.223.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7b1f7dc0c365805c3d8e4f83997bad5ba1df91c87a8e9358d2079186380f683

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

cf-cache-status
MISS
etag
"663e3605-47fd"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WDWi2cYhONBxSUBZfQGR7n%2FGrRbNKBcr6XPPVEM0FiyhSbEu4RxaKcUBLpUVSNd4sVugZNXnM6r8zacEU2GeV2Q8HUb2%2FSage%2BiBh%2FxrNQs1%2BFwTORFNycXv8tSErEHsR547"}],"group":"cf-nel","max_age":604800}
expires
Sun, 10 Nov 2024 13:31:35 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=37113&sent=105&recv=60&lost=0&retrans=0&sent_bytes=87402&recv_bytes=10209&delivery_rate=650415&cwnd=24000&unsent_bytes=0&cid=9a7f0f2b7bccfa2f&ts=1120&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 03 Nov 2024 13:31:35 GMT
content-type
image/gif
last-modified
Fri, 10 May 2024 14:58:13 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dccb9b769048dee-MIA
accept-ranges
bytes
content-length
18429
x-turbo-charged-by
LiteSpeed
server
cloudflare
huda-beauty-liquid-matte.jpg
beauteblogchic.com/wp-content/uploads/2016/10/
0
0

sephora-eponge-nettoyante-pinceaux.jpg
beauteblogchic.com/wp-content/uploads/2016/09/
0
0

defect2.gif
fr.cosmetiks.net/images/
23 KB
23 KB
Image
General
Full URL
https://fr.cosmetiks.net/images/defect2.gif
Requested by
Host: fr.cosmetiks.net
URL: https://fr.cosmetiks.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.223.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71a8864f7ffff26ae83c89da4b8714c0fcf61d96e7a16bf0bb3cbb651a6f2f03

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

cf-cache-status
MISS
etag
"663e3605-5a5f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wBWnH6SlBJ6pxV7%2BP%2BnRHrp%2FUObLqMd%2FBgMCiemPXk%2Fpw8EahMzBp%2BicKaJmscA%2FU%2BXBSa2z%2BedsMUySZsqpfOyo4ny%2FK5yG60Y1XWh%2B7fGTaPFkxG7h5uAocIfMTbBKlGh8"}],"group":"cf-nel","max_age":604800}
expires
Sun, 10 Nov 2024 13:31:35 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=38768&sent=74&recv=50&lost=0&retrans=0&sent_bytes=58519&recv_bytes=9764&delivery_rate=56598&cwnd=24000&unsent_bytes=0&cid=9a7f0f2b7bccfa2f&ts=1001&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 03 Nov 2024 13:31:35 GMT
content-type
image/gif
last-modified
Fri, 10 May 2024 14:58:13 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dccb9b769068dee-MIA
accept-ranges
bytes
content-length
23135
x-turbo-charged-by
LiteSpeed
server
cloudflare
defect1.gif
fr.cosmetiks.net/images/
16 KB
17 KB
Image
General
Full URL
https://fr.cosmetiks.net/images/defect1.gif
Requested by
Host: fr.cosmetiks.net
URL: https://fr.cosmetiks.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.223.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
680725acdd56050e3b7d730688baa12a31f8ec0abfee1154a7c3a7c614d43582

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

cf-cache-status
MISS
etag
"663e3605-4108"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8DdLOM9Q2UQfJ%2Fxo7%2B9uS8fI0LZ%2F%2FEuDV7nP6T7LSsdJHP8EIud%2Fbm8Sg8Grhrh9J%2FSydJXwYtvZYBMNsPc46wqxia0GmEDeF1IkLAj5qCpBd3fPBr2IWM4hpabj0A3jI7K9"}],"group":"cf-nel","max_age":604800}
expires
Sun, 10 Nov 2024 13:31:35 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=37113&sent=118&recv=60&lost=0&retrans=0&sent_bytes=102129&recv_bytes=10209&delivery_rate=650415&cwnd=24000&unsent_bytes=0&cid=9a7f0f2b7bccfa2f&ts=1144&x=1", cfExtPri, cfHdrFlush;dur=3
date
Sun, 03 Nov 2024 13:31:35 GMT
content-type
image/gif
last-modified
Fri, 10 May 2024 14:58:13 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dccb9b769098dee-MIA
accept-ranges
bytes
content-length
16648
x-turbo-charged-by
LiteSpeed
server
cloudflare
show_ads.js
pagead2.googlesyndication.com/pagead/
26 KB
10 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: fr.cosmetiks.net
URL: https://fr.cosmetiks.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f155.1e100.net
Software
cafe /
Resource Hash
6ecb23174a0e3ef7cdf0095a5226a9df6cb77538fa8d5da75e1bea1ceff88b4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

content-encoding
br
etag
13522692200005778605
x-content-type-options
nosniff
expires
Sun, 03 Nov 2024 13:31:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 03 Nov 2024 13:31:35 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
10519
x-xss-protection
0
server
cafe
aa4.png
fr.cosmetiks.net/images/
821 B
1 KB
Image
General
Full URL
https://fr.cosmetiks.net/images/aa4.png
Requested by
Host: fr.cosmetiks.net
URL: https://fr.cosmetiks.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.223.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e725ac5137b674274cd6ad1303a03515a5320d0e987dd3aa10e9b2e086619307

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

cf-cache-status
MISS
etag
"663e3605-335"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ckKi0gOkh39McqLK2zaeMX5wn1rap9My0wqaCA2raP74XJTvgbamXxR%2FQA77vpFDufntLSb6GlsTtBwdEGKZbNbSJ4kkc8aflCqUt%2FPCMvupxqZQAZVleEWB7n7z3ifmjufH"}],"group":"cf-nel","max_age":604800}
expires
Sun, 10 Nov 2024 13:31:35 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=38768&sent=88&recv=50&lost=0&retrans=0&sent_bytes=73705&recv_bytes=9764&delivery_rate=56598&cwnd=24000&unsent_bytes=0&cid=9a7f0f2b7bccfa2f&ts=1008&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 03 Nov 2024 13:31:35 GMT
content-type
image/png
last-modified
Fri, 10 May 2024 14:58:13 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dccb9b7690b8dee-MIA
accept-ranges
bytes
content-length
821
x-turbo-charged-by
LiteSpeed
server
cloudflare
email-decode.min.js
fr.cosmetiks.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://fr.cosmetiks.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: fr.cosmetiks.net
URL: https://fr.cosmetiks.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.223.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"672112ce-4d7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hk8pq2U9J47Ak99pCAPD%2BuBEQPupYoaFMb7pe4GtE2FHfu8jk%2FRL57j656jf1YoU48tBRJ3DzFsZPUYuA%2B1zRazORa%2FVwZa9lONzA7B4luFiW3icxu3rU%2BVyvGax41SHWQkG"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8dccb9b769038dee-MIA
expires
Tue, 05 Nov 2024 13:31:34 GMT
date
Sun, 03 Nov 2024 13:31:34 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 16:52:30 GMT
server
cloudflare
vary
Accept-Encoding
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/
79 KB
23 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js
Requested by
Host: fr.cosmetiks.net
URL: https://fr.cosmetiks.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82f64f62bb03c1bc1824b0f9c9e05f70dba33e146818e63cdf5c306c8cf3dedd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://fr.cosmetiks.net
Referer
https://fr.cosmetiks.net/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"13b17-9/0PPchLLPk7+B6DJQWmc/NU4KM"
age
930767
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1d2lTLfGCGkx18TNPSHHRNaw4K860zlT%2FHcfDxlukNQl325elLc8TQpGhYuu8ZywBqocDbsLHH9pFGve2ts7g6sk0A%2FdpC%2FLKIgy3k8dEmpuN96B3HiKp%2F3Byxal13Mv5pol6xLsHXPkvNdPEwY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Sun, 03 Nov 2024 13:31:34 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220085-FRA, cache-lga21986-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8dccb9b77bf4b3e5-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
22772
server
cloudflare
x-jsd-version
5.3.2
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.N4A9eqvTwsI.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo_O6fwbR1aR8YHQkB3I0FTV0L0UIA/
155 KB
54 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.N4A9eqvTwsI.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo_O6fwbR1aR8YHQkB3I0FTV0L0UIA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c03::66 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54ccfcc9fc6ef004a9ab606b1e4517c8b900573ffadd35f9a3ba2dd1fd6e9ad7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

content-encoding
gzip
age
222440
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
x-content-type-options
nosniff
expires
Fri, 31 Oct 2025 23:44:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 23:44:14 GMT
last-modified
Thu, 10 Oct 2024 20:03:27 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
accept-ranges
bytes
access-control-allow-origin
*
content-length
54429
x-xss-protection
0
server
sffe
css
fonts.googleapis.com/
0
0

e6c4e2fe-6602-44a2-bf06-bd9aca1f3fc6.js
static.sunmedia.tv/integrations/e6c4e2fe-6602-44a2-bf06-bd9aca1f3fc6/
11 KB
3 KB
Script
General
Full URL
https://static.sunmedia.tv/integrations/e6c4e2fe-6602-44a2-bf06-bd9aca1f3fc6/e6c4e2fe-6602-44a2-bf06-bd9aca1f3fc6.js
Requested by
Host: fr.cosmetiks.net
URL: https://fr.cosmetiks.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
141.94.102.46 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31432935.ip-141-94-102.eu
Software
nginx /
Resource Hash
fce01b0f49ab9468e8d7bd1e9fa2ce07a7bd053f09285f8781d9fd50775dbe05

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

Cache-control
max-age=0, s-maxage=2592001
TP-Cache
MISS
Content-Encoding
gzip
Age
0
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Accept-Ranges
bytes
Content-Length
2944
X-Device
desktop
Date
Sun, 03 Nov 2024 13:31:35 GMT
Content-Type
application/javascript
Last-Modified
Wed, 30 Oct 2024 12:53:42 GMT
Server
nginx
Vary
Accept-Encoding
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/
91 KB
32 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/slotcar_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8818833347061898
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f155.1e100.net
Software
cafe /
Resource Hash
ec30e0a413fcd365564d9779c59ce5ef8a1b9cc2d1bd80bc68738da5770d3f6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

content-encoding
br
etag
4983884097084840209
x-content-type-options
nosniff
expires
Sun, 03 Nov 2024 13:31:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 03 Nov 2024 13:31:35 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
32238
x-xss-protection
0
server
cafe
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/
434 KB
145 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8818833347061898
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f155.1e100.net
Software
cafe /
Resource Hash
ab95dba496a305a54998e9f115b513f14601b0606355ba282844810d4cfdad08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

content-encoding
br
etag
4757843948016217233
x-content-type-options
nosniff
expires
Sun, 03 Nov 2024 13:31:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 03 Nov 2024 13:31:35 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147967
x-xss-protection
0
server
cafe
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-N56HFM76NZ&gtm=45je4au0v9114493734za200&_p=1730640694922&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=539149792.1730640695&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1730640695&sct=1&seg=0&dl=https%3A%2F%2Ffr.cosmetiks.net%2F&dt=-%20beaut%C3%A9%20et%20cosm%C3%A9tiques%20Blogs&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1197
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N56HFM76NZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://fr.cosmetiks.net
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 13:31:35 GMT
content-type
text/plain
server
Golfe2
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/ Frame 4896
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fr.cosmetiks.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
71653
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4124
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Nov 2024 17:37:22 GMT
etag
7893594074132303741
expires
Sat, 16 Nov 2024 17:37:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1698
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8818833347061898&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1730640695&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x675_l%7C140x675_r&format=0x0&url=https%3A%2F%2Ffr.cosmetiks.net%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730640695177&bpp=8&bdt=627&idt=201&shv=r20241030&mjsv=m202410280101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4613024746631&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95344190%2C95345789%2C95345962&oid=2&pvsid=2246739105905292&tmod=1428457233&uas=0&nvt=1&fsapi=1&fc=1920&brdim=330%2C330%2C330%2C330%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=234
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fr.cosmetiks.net/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
73003
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Nov 2024 13:31:36 GMT
expires
Sun, 03 Nov 2024 13:31:36 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A634
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8818833347061898&output=html&h=280&slotname=6662486355&adk=4203156479&adf=1119259538&pi=t.ma~as.6662486355&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1730640695&rafmt=1&format=1200x280&url=https%3A%2F%2Ffr.cosmetiks.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730640695186&bpp=2&bdt=636&idt=247&shv=r20241030&mjsv=m202410280101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4613024746631&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95344190%2C95345789%2C95345962&oid=2&pvsid=2246739105905292&tmod=1428457233&uas=0&nvt=1&fc=1920&brdim=330%2C330%2C330%2C330%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=259
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fr.cosmetiks.net/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46709
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Nov 2024 13:31:35 GMT
expires
Sun, 03 Nov 2024 13:31:35 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ping
pagead2.googlesyndication.com/pagead/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8818833347061898
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f155.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://fr.cosmetiks.net/

Response headers

ads
googleads.g.doubleclick.net/pagead/ Frame 3217
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8818833347061898&output=html&h=600&slotname=1813637107&adk=3357627370&adf=3433008094&pi=t.ma~as.1813637107&w=300&lmt=1730640695&url=https%3A%2F%2Ffr.cosmetiks.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730640695101&bpp=88&bdt=551&idt=357&shv=r20241030&mjsv=m202410280101&ptt=5&saldr=sd&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4613024746631&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1154&ady=1037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95344190%2C95345789%2C95345962&oid=2&pvsid=2246739105905292&tmod=1428457233&uas=0&nvt=1&fc=1920&brdim=330%2C330%2C330%2C330%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=361
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fr.cosmetiks.net/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
44908
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Nov 2024 13:31:36 GMT
expires
Sun, 03 Nov 2024 13:31:36 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2E5F
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8818833347061898&output=html&h=600&slotname=1813637107&adk=3357627370&adf=2256998222&pi=t.ma~as.1813637107&w=300&lmt=1730640695&url=https%3A%2F%2Ffr.cosmetiks.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730640695105&bpp=85&bdt=555&idt=366&shv=r20241030&mjsv=m202410280101&ptt=5&saldr=sd&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1200x280&prev_slotnames=1813637107&nras=1&correlator=4613024746631&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1154&ady=2211&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95344190%2C95345789%2C95345962&oid=2&pvsid=2246739105905292&tmod=1428457233&uas=0&nvt=1&fc=1920&brdim=330%2C330%2C330%2C330%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=369
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fr.cosmetiks.net/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
45995
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Nov 2024 13:31:36 GMT
expires
Sun, 03 Nov 2024 13:31:36 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
inhome.js
static.sunmedia.tv/sdks/inhome/1.57.5/
232 KB
90 KB
Script
General
Full URL
https://static.sunmedia.tv/sdks/inhome/1.57.5/inhome.js
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/e6c4e2fe-6602-44a2-bf06-bd9aca1f3fc6/e6c4e2fe-6602-44a2-bf06-bd9aca1f3fc6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
141.94.102.46 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31432935.ip-141-94-102.eu
Software
nginx /
Resource Hash
dd77c96829672de01efa2b6026f30a4e52e0f6c3bddc57bf6c0c80269f9b3f0e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

Cache-control
max-age=31536000
TP-Cache
HIT
Content-Encoding
gzip
Age
23
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
92131
X-Device
mobile
Date
Sun, 03 Nov 2024 13:31:35 GMT
Content-Type
application/javascript
Last-Modified
Wed, 30 Oct 2024 12:45:52 GMT
Server
nginx
Vary
Accept-Encoding
adblockDetector.min.js
static.sunmedia.tv/AdBlockDetection/
3 KB
2 KB
Script
General
Full URL
https://static.sunmedia.tv/AdBlockDetection/adblockDetector.min.js?abf=-adserver-%7C-doubleclick.js%7C-google-ad.%7C-google-adsense.&ref=https%3A%2F%2Ffr.cosmetiks.net%2F
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/inhome/1.57.5/inhome.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
141.94.102.46 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31432935.ip-141-94-102.eu
Software
nginx /
Resource Hash
051a4df5ca07ec7979f14e486352a62c72733c9aabb6528adaddc9a911fbfca3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

Cache-control
max-age=3600, s-maxage=2592000
TP-Cache
HIT
Content-Encoding
gzip
Age
24
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1634
X-Device
mobile
Date
Sun, 03 Nov 2024 13:31:36 GMT
Content-Type
application/javascript
Last-Modified
Mon, 21 Dec 2020 17:00:21 GMT
Server
nginx
Vary
Accept-Encoding
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/
178 KB
60 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f155.1e100.net
Software
cafe /
Resource Hash
a8566b6c9d9a12543b5abdb92f9ee63fd4058eeac8c119fe0caa6c2fbe642ce6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

content-encoding
br
etag
6058901520584008587
x-content-type-options
nosniff
expires
Sun, 03 Nov 2024 13:31:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 03 Nov 2024 13:31:36 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
61041
x-xss-protection
0
server
cafe
ca-pub-8818833347061898
fundingchoicesmessages.google.com/i/
196 KB
65 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-8818833347061898?href=https%3A%2F%2Ffr.cosmetiks.net&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c02::8a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
548542367e6be287c51a07289eff769297883e60b57111947afadaa0ab57f6af
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TyZalIhbzd_Wygs1tBixIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 13:31:36 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw15BikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhXg4dnybu5NN4MDWpUcZlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMDYwN9AwM4gsMAItnQCM"
content-security-policy
script-src 'report-sample' 'nonce-TyZalIhbzd_Wygs1tBixIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
geocity.php
services.sunmedia.tv/geotarget/
67 B
517 B
Fetch
General
Full URL
https://services.sunmedia.tv/geotarget/geocity.php?dnt=1
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/inhome/1.57.5/inhome.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.199.8.196 Los Angeles, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
unn-138-199-8-196.datapacket.com
Software
nginx /
Resource Hash
7377e9cccd253852c50a38b45c09cd22d967b29bf72352c7f9a3ed528955194e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

Cache-Control
max-age=0, s-maxage=3600
TP-Cache
HIT
Content-Encoding
gzip
Age
1779
Connection
keep-alive
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Origin
https://fr.cosmetiks.net
Content-Length
88
X-Device
desktop
Date
Sun, 03 Nov 2024 13:31:37 GMT
Content-Type
application/json; charset=utf-8
Vary
Accept-Encoding, Accept-Encoding
Server
nginx
AGSKWxWDr9spI0MPy8fXGFvshGKwh39RC3V4xvIwCcthOS3tFU8j26gowuBJ-E6VChZCZK4Nj8628pHrPVSLmwwgpmiHAVwNQyfJYHTQkEfsDogeFyjMIWtx11XLLfcnXQf3jMIz_SsjkA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWDr9spI0MPy8fXGFvshGKwh39RC3V4xvIwCcthOS3tFU8j26gowuBJ-E6VChZCZK4Nj8628pHrPVSLmwwgpmiHAVwNQyfJYHTQkEfsDogeFyjMIWtx11XLLfcnXQf3jMIz_SsjkA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMwbqyuuhMUcpzLS37P4d2w3Bpcdzg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NmD9pygae8-qcp4RuAKG7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://fr.cosmetiks.net/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 13:31:36 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1JBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uHY8W3uTjaBB--uP2NScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGBsaGegbm8QUGAHb4Kbs"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NmD9pygae8-qcp4RuAKG7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://fr.cosmetiks.net
content-length
0
x-xss-protection
0
server
ESF
AGSKWxUAT0fwEtiO64DLNweUDplT8B4YfoKVuPLNGosR7C6aGGZqLhoP3UxjS0Os08nO4wvCb2VTwfaZ7BYAYd00fUlJIkx4EPX-jBxZh0CyP6BcLvKExKukO1cBgoEETZ_9ztNWLYO0qg==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUAT0fwEtiO64DLNweUDplT8B4YfoKVuPLNGosR7C6aGGZqLhoP3UxjS0Os08nO4wvCb2VTwfaZ7BYAYd00fUlJIkx4EPX-jBxZh0CyP6BcLvKExKukO1cBgoEETZ_9ztNWLYO0qg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwNjQwNjk2LDYzMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9mci5jb3NtZXRpa3MubmV0LyIsbnVsbCxbWzgsIllzZ09PY3R1a3JJIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMwbqyuuhMUcpzLS37P4d2w3Bpcdzg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c02::8a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cd618c4e3644053b35a11aa5494f78c32272eadf7684df22b4bd42c58e7e2320
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UE52lKPRpUhB1lzkWqMLDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 13:31:36 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1JBikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhXg4dnybu5NNYMPyB4eZlDSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMDYwN9AwM4gsMAIedQDE"
content-security-policy
script-src 'report-sample' 'nonce-UE52lKPRpUhB1lzkWqMLDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/ Frame C178
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fr.cosmetiks.net/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
71653
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4124
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Nov 2024 17:37:22 GMT
etag
7893594074132303741
expires
Sat, 16 Nov 2024 17:37:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/ Frame 9C2C
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fr.cosmetiks.net/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
71653
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4124
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Nov 2024 17:37:22 GMT
etag
7893594074132303741
expires
Sat, 16 Nov 2024 17:37:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxUK9Vj770zwJR7OahtwjvmpSRPteBvu0q5G2H53tcTIZBA_fGTIBRfThz4My4MztCKm2bQaQ6eoB-2zYG8joFsjZw9KJB2Zw_KV-b4GesZmu0GYj5FP32azRm89dxxYLSsoAWjXbQ==
fundingchoicesmessages.google.com/f/
10 KB
5 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUK9Vj770zwJR7OahtwjvmpSRPteBvu0q5G2H53tcTIZBA_fGTIBRfThz4My4MztCKm2bQaQ6eoB-2zYG8joFsjZw9KJB2Zw_KV-b4GesZmu0GYj5FP32azRm89dxxYLSsoAWjXbQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwNjQwNjk2LDk0NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVzIl0sImh0dHBzOi8vZnIuY29zbWV0aWtzLm5ldC8iLG51bGwsW1s4LCJZc2dPT2N0dWtySSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMwbqyuuhMUcpzLS37P4d2w3Bpcdzg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f100.1e100.net
Software
ESF /
Resource Hash
7c97585d0cb56a845729ab93506983f5b4bd111ff713c228d4c96e4ce42cfe54
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kdr9yFuSVoUEdHBWERQGlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 13:31:36 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw0JBikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhXg4dnybu5NNYMXxhbeZlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMDYwN9AwM4gsMAIlhQCo"
content-security-policy
script-src 'report-sample' 'nonce-kdr9yFuSVoUEdHBWERQGlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
/
track.sunmedia.tv/
42 B
403 B
Image
General
Full URL
https://track.sunmedia.tv/?ap=smptf&it=e6c4e2fe-6602-44a2-bf06-bd9aca1f3fc6&tp=op&pos=0&loop=1&pb=1&dnt=1&rnd=1730640697176
Requested by
Host: fr.cosmetiks.net
URL: https://fr.cosmetiks.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.199.8.196 Los Angeles, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
unn-138-199-8-196.datapacket.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

Cache-control
max-age=0, s-maxage=31536000
TP-Cache
HIT
Age
1782
Connection
keep-alive
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Length
42
X-Device
desktop
Date
Sun, 03 Nov 2024 13:31:37 GMT
Content-Type
image/gif
Last-Modified
Thu, 15 Nov 2018 09:59:07 GMT
Server
nginx
Vary
Accept-Encoding
/
s.richaudience.com/ex/
3 KB
2 KB
Fetch
General
Full URL
https://s.richaudience.com/ex/
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/inhome/1.57.5/inhome.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.115.237.110 Los Angeles, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
110-237-115-208.static.reverse.lstn.net
Software
nginx/1.14.1 /
Resource Hash
a24030171b433436b86d09c2ae6909819429dd67c07fdfa6e935c1d29a556774

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://fr.cosmetiks.net/

Response headers

access-control-allow-origin
*
content-encoding
gzip
date
Sun, 03 Nov 2024 13:31:37 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding, Accept-Encoding
server
nginx/1.14.1
/
track.sunmedia.tv/
42 B
403 B
Image
General
Full URL
https://track.sunmedia.tv/?ap=smptf&it=e6c4e2fe-6602-44a2-bf06-bd9aca1f3fc6&tp=ef&pos=0&loop=1&pb=1&rnd=1730640697193
Requested by
Host: fr.cosmetiks.net
URL: https://fr.cosmetiks.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.199.8.196 Los Angeles, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
unn-138-199-8-196.datapacket.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

Cache-control
max-age=0, s-maxage=31536000
TP-Cache
HIT
Age
1782
Connection
keep-alive
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Length
42
X-Device
desktop
Date
Sun, 03 Nov 2024 13:31:37 GMT
Content-Type
image/gif
Last-Modified
Thu, 15 Nov 2018 09:59:07 GMT
Server
nginx
Vary
Accept-Encoding
css
fonts.googleapis.com/
774 B
493 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
52d62465d244bef9c22960bed269d931eb2b705dff7f09a0bcf5ddba62554f45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 03 Nov 2024 13:31:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 13:31:37 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 03 Nov 2024 13:09:34 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
/
sync.richaudience.com/DF2886F390D432DF0C8E98D69702ED6F/
301 B
326 B
Script
General
Full URL
https://sync.richaudience.com/DF2886F390D432DF0C8E98D69702ED6F/
Requested by
Host: fr.cosmetiks.net
URL: https://fr.cosmetiks.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.40.147 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.147.40.251.148.clients.your-server.de
Software
nginx / PHP/8.1.30
Resource Hash
f27128bca3747bcd75818a0e53017eb462cba3ff1eaf59fa0229739f6d0e053c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

content-encoding
gzip
date
Sun, 03 Nov 2024 13:31:37 GMT
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding
server
nginx
x-powered-by
PHP/8.1.30
pandg-sdk.js
pghub.io/js/
17 KB
5 KB
Script
General
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: fr.cosmetiks.net
URL: https://fr.cosmetiks.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Access-Control-Allow-Origin
content-encoding
gzip
x-goog-hash
crc32c=aHj4lg==, md5=R6iGNTBWyvM6mYxgQeIIlg==
etag
"47a886353056caf33a998c6041e20896"
age
1177
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
5009
date
Sun, 03 Nov 2024 13:12:00 GMT
last-modified
Mon, 05 Jun 2023 16:36:50 GMT
content-type
application/javascript
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY0avAohquXen4auI4nBubzjkWNSNT2a6mskgyAKQ4jlZX-35B1xRIMqLUEsEEQYovSJHto
cache-control
public,max-age=3600
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1685983010517890
content-length
5009
server
UploadServer
sm-prebid.js
static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/ Frame 7067
473 KB
157 KB
Script
General
Full URL
https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/inhome/1.57.5/inhome.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
141.94.102.46 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31432935.ip-141-94-102.eu
Software
nginx /
Resource Hash
ad7e8f2a8553359305e722a0391fcb74587fc9f200fd2078a6349d2324283637

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Cache-control
max-age=31536000
TP-Cache
HIT
Content-Encoding
gzip
Age
25
Connection
keep-alive
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
160423
X-Device
mobile
Date
Sun, 03 Nov 2024 13:31:37 GMT
Content-Type
application/javascript
Last-Modified
Thu, 04 Jul 2024 11:56:32 GMT
Server
nginx
Vary
Accept-Encoding
/
track.sunmedia.tv/
42 B
403 B
Image
General
Full URL
https://track.sunmedia.tv/?ap=smptf&it=e6c4e2fe-6602-44a2-bf06-bd9aca1f3fc6&tp=req&pos=0&loop=1&pb=1&rnd=1730640697201
Requested by
Host: fr.cosmetiks.net
URL: https://fr.cosmetiks.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.199.8.196 Los Angeles, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
unn-138-199-8-196.datapacket.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

Cache-control
max-age=0, s-maxage=31536000
TP-Cache
HIT
Age
1782
Connection
keep-alive
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Length
42
X-Device
desktop
Date
Sun, 03 Nov 2024 13:31:37 GMT
Content-Type
image/gif
Last-Modified
Thu, 15 Nov 2018 09:59:07 GMT
Server
nginx
Vary
Accept-Encoding
tag
pandg.tapad.com/ Frame 3E69
Redirect Chain
  • https://feed.pghub.io/tag?gdpr=0&gdpr_consent=1&referrer_url=&page_url=https%3A%2F%2Ffr.cosmetiks.net%2F&owner=P%26G&bp_id=sunmedia&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22b...
  • https://pandg.tapad.com/tag?gdpr=0&gdpr_consent=1&referrer_url=&page_url=https%3A%2F%2Ffr.cosmetiks.net%2F&owner=P%26G&bp_id=sunmedia&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%2...
0
0
Document
General
Full URL
https://pandg.tapad.com/tag?gdpr=0&gdpr_consent=1&referrer_url=&page_url=https%3A%2F%2Ffr.cosmetiks.net%2F&owner=P%26G&bp_id=sunmedia&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22Hobbies%20and%20Interests%22%7D
Requested by
Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.243.102.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://fr.cosmetiks.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA Sec-CH-UA-Arch Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-Mobile Sec-CH-UA-Model Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-WoW64
access-control-allow-origin
*
access-control-max-age
300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-security-policy
default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
content-type
text/html;charset=utf-8
date
Sun, 03 Nov 2024 13:31:37 GMT
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
server
Jetty(11.0.13)
strict-transport-security
max-age=31536000
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-length
0
date
Sun, 03 Nov 2024 13:31:37 GMT
location
https://pandg.tapad.com/tag?gdpr=0&gdpr_consent=1&referrer_url=&page_url=https%3A%2F%2Ffr.cosmetiks.net%2F&owner=P%26G&bp_id=sunmedia&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22Hobbies%20and%20Interests%22%7D
server
Jetty(11.0.13)
strict-transport-security
max-age=31536000
via
1.1 google
sid
mug.criteo.com/ Frame 7067
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffr.cosmetiks.net%2F&cw=1&lsw=1&gdpr=0
  • https://mug.criteo.com/sid?cpp=2sm22Hw5ZDZRcEhXMXFmTmlHdDVtUk1WRWJFQ1F3K3ZxeGtUZzk0WFJrY05qdm1EQnhuVDFkVU1wTkczODU0QVJIZlBrcXJZQUpkZkd0NFd4UUI2eUtOUGlTa1B6clNRZUhxQjhURFl2akJZaFVYZ2U1M3JxTG5oY2NRcE...
357 B
946 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=2sm22Hw5ZDZRcEhXMXFmTmlHdDVtUk1WRWJFQ1F3K3ZxeGtUZzk0WFJrY05qdm1EQnhuVDFkVU1wTkczODU0QVJIZlBrcXJZQUpkZkd0NFd4UUI2eUtOUGlTa1B6clNRZUhxQjhURFl2akJZaFVYZ2U1M3JxTG5oY2NRcE5hdEZHVWNubWxCWFVINklZRXFYUW50dmNXanNxRjkyQXJnMzNHM0tEMStzSXVHZ1hvcTc4MHdmYVhwOGc1LzlaeWFEY29EejhCeVNwSkRHVlB4OVpIMjJFK3dwbEhhUHdNNWN6R0N4bnFlVXM2QmlPK01abkQyQ3V2Rk1pTFllZ1YzaW05U2gwfA&cppv=2
Requested by
Host: fr.cosmetiks.net
URL: https://fr.cosmetiks.net/
Protocol
H2
Server
74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
ed8c3f014e2444862921637c0908e07ec9dae1b189f504bfa6f08c960b4db6ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
568210
expires
0
access-control-allow-origin
null
date
Sun, 03 Nov 2024 13:31:37 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Kestrel

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
location
https://mug.criteo.com/sid?cpp=2sm22Hw5ZDZRcEhXMXFmTmlHdDVtUk1WRWJFQ1F3K3ZxeGtUZzk0WFJrY05qdm1EQnhuVDFkVU1wTkczODU0QVJIZlBrcXJZQUpkZkd0NFd4UUI2eUtOUGlTa1B6clNRZUhxQjhURFl2akJZaFVYZ2U1M3JxTG5oY2NRcE5hdEZHVWNubWxCWFVINklZRXFYUW50dmNXanNxRjkyQXJnMzNHM0tEMStzSXVHZ1hvcTc4MHdmYVhwOGc1LzlaeWFEY29EejhCeVNwSkRHVlB4OVpIMjJFK3dwbEhhUHdNNWN6R0N4bnFlVXM2QmlPK01abkQyQ3V2Rk1pTFllZ1YzaW05U2gwfA&cppv=2
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
212107
expires
0
access-control-allow-origin
https://fr.cosmetiks.net
content-length
0
date
Sun, 03 Nov 2024 13:31:37 GMT
server
Kestrel
prebid
id5-sync.com/api/config/ Frame 7067
194 B
665 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
f1688aa09a4db40d836703c360c53ea55d439d2de1f3df2c79cd63811a12f643
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://fr.cosmetiks.net
p3p
CP="CAO PSA OUR"
date
Sun, 03 Nov 2024 13:31:38 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
id
id.crwdcntrl.net/ Frame 7067
75 B
831 B
Fetch
General
Full URL
https://id.crwdcntrl.net/id?gdpr_applies=false
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.47.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-47-92.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2a22ddc0fa6db3da94e79da6d534be63a8a2516ee90d520937d4b40e0b4e8465

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://fr.cosmetiks.net
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
75
date
Sun, 03 Nov 2024 13:31:37 GMT
content-type
application/json;charset=utf-8
x-server
10.40.49.73
server
Jetty(9.4.38.v20210224)
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffr.cosmetiks.net%2F&cw=1&lsw=1&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://fr.cosmetiks.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://fr.cosmetiks.net
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 03 Nov 2024 13:31:37 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
240731
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
avw.
fundingchoicesmessages.google.com/f/AGSKWxXPso5RsmKjH6JHIzsFBT4tlOD-O1boKMKg-ClHeFcwHDhN5bGi8inu5CzvTkwcUKffjQuWuqFPjx1D6KffscI68qN7SWRcMYa8njhK2h2EN5qR4DW_vnEWcO7Zo7kz3zKq-straxHGhhpo594UND2OKFDUb...
54 B
109 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXPso5RsmKjH6JHIzsFBT4tlOD-O1boKMKg-ClHeFcwHDhN5bGi8inu5CzvTkwcUKffjQuWuqFPjx1D6KffscI68qN7SWRcMYa8njhK2h2EN5qR4DW_vnEWcO7Zo7kz3zKq-straxHGhhpo594UND2OKFDUbnggIRgsIs4p1ZBtSmVXT4pbDJUtbK0d/__ads_single_/ad_parts./footer_ad_-ad/main./delivery/avw.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YsgOOctukrI.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwRucCMv51l-lu8z-L8hWxPWa3zzg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f100.1e100.net
Software
ESF /
Resource Hash
75ef3b8a6a9a4c3feb49f60fadf4799242e4efa1bdb189877f10027f6158a8a9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-AO0KFe-2XHBsEM1P9rHhsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 13:31:37 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw0JBiOHnrNtNFIJb4-pJJDYid0mewBgBx681zrJOBOOnfedYCIHbXusjqD8SGCpdY7YHYsegSqycQq_ZcYjUG4vvrLrE-B-IiiSusDUB8u-kK62MgZvh6hZUDiIV4OHZ-m7uTTWDGk4bXTEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmhgbGBnoGBvEFBgCpBUUu"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-AO0KFe-2XHBsEM1P9rHhsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/
47 B
67 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YsgOOctukrI.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwRucCMv51l-lu8z-L8hWxPWa3zzg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f155.1e100.net
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

content-encoding
br
etag
13036835877489095579
age
58475
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 21:17:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 02 Nov 2024 21:17:02 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
42
x-xss-protection
0
server
cafe
AGSKWxWDr9spI0MPy8fXGFvshGKwh39RC3V4xvIwCcthOS3tFU8j26gowuBJ-E6VChZCZK4Nj8628pHrPVSLmwwgpmiHAVwNQyfJYHTQkEfsDogeFyjMIWtx11XLLfcnXQf3jMIz_SsjkA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWDr9spI0MPy8fXGFvshGKwh39RC3V4xvIwCcthOS3tFU8j26gowuBJ-E6VChZCZK4Nj8628pHrPVSLmwwgpmiHAVwNQyfJYHTQkEfsDogeFyjMIWtx11XLLfcnXQf3jMIz_SsjkA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMwbqyuuhMUcpzLS37P4d2w3Bpcdzg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-uTQ_7J1f2-2nfRzqeuV8Uw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://fr.cosmetiks.net/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 13:31:37 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0ZBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uHY-W3uTjaBHVP_vWRScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGBsaGegbm8QUGAF8eKWg"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-uTQ_7J1f2-2nfRzqeuV8Uw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://fr.cosmetiks.net
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWDr9spI0MPy8fXGFvshGKwh39RC3V4xvIwCcthOS3tFU8j26gowuBJ-E6VChZCZK4Nj8628pHrPVSLmwwgpmiHAVwNQyfJYHTQkEfsDogeFyjMIWtx11XLLfcnXQf3jMIz_SsjkA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWDr9spI0MPy8fXGFvshGKwh39RC3V4xvIwCcthOS3tFU8j26gowuBJ-E6VChZCZK4Nj8628pHrPVSLmwwgpmiHAVwNQyfJYHTQkEfsDogeFyjMIWtx11XLLfcnXQf3jMIz_SsjkA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMwbqyuuhMUcpzLS37P4d2w3Bpcdzg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mNxsS2F6CBD_rjWrVLKJiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://fr.cosmetiks.net/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 13:31:37 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0pBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uHY-W3uTjaBG59ONDEruSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDA2NDPQPz-AIDAFnpKU8"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mNxsS2F6CBD_rjWrVLKJiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://fr.cosmetiks.net
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWDr9spI0MPy8fXGFvshGKwh39RC3V4xvIwCcthOS3tFU8j26gowuBJ-E6VChZCZK4Nj8628pHrPVSLmwwgpmiHAVwNQyfJYHTQkEfsDogeFyjMIWtx11XLLfcnXQf3jMIz_SsjkA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWDr9spI0MPy8fXGFvshGKwh39RC3V4xvIwCcthOS3tFU8j26gowuBJ-E6VChZCZK4Nj8628pHrPVSLmwwgpmiHAVwNQyfJYHTQkEfsDogeFyjMIWtx11XLLfcnXQf3jMIz_SsjkA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMwbqyuuhMUcpzLS37P4d2w3Bpcdzg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-D3n-BhqsnI4mtETBCUfesQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://fr.cosmetiks.net/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 13:31:37 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1JBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uHY-W3uTjaBGa_-TmFWcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGBsaGegbm8QUGAFiWKU0"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-D3n-BhqsnI4mtETBCUfesQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://fr.cosmetiks.net
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWDr9spI0MPy8fXGFvshGKwh39RC3V4xvIwCcthOS3tFU8j26gowuBJ-E6VChZCZK4Nj8628pHrPVSLmwwgpmiHAVwNQyfJYHTQkEfsDogeFyjMIWtx11XLLfcnXQf3jMIz_SsjkA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWDr9spI0MPy8fXGFvshGKwh39RC3V4xvIwCcthOS3tFU8j26gowuBJ-E6VChZCZK4Nj8628pHrPVSLmwwgpmiHAVwNQyfJYHTQkEfsDogeFyjMIWtx11XLLfcnXQf3jMIz_SsjkA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMwbqyuuhMUcpzLS37P4d2w3Bpcdzg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--ra8g7c7S78QB_gAZF5RmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://fr.cosmetiks.net/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 13:31:37 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1JBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uHY-W3uTjaBFf33pzIruSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDA2NDPQPz-AIDADcyKN0"
content-security-policy
script-src 'report-sample' 'nonce--ra8g7c7S78QB_gAZF5RmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://fr.cosmetiks.net
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVrQ-cf3NeumkaLvo8TNtXDPqn6d0tsQxOgDKpYaOcdln2qN7J6Yak3okqDsSmyzBPdcmpugBl3dQT1ocqKN_CK_UxJVp58doI2MbSQmVKB8HsuffgJNH5ujCjz8ZEWZI8wRX7q_A==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVrQ-cf3NeumkaLvo8TNtXDPqn6d0tsQxOgDKpYaOcdln2qN7J6Yak3okqDsSmyzBPdcmpugBl3dQT1ocqKN_CK_UxJVp58doI2MbSQmVKB8HsuffgJNH5ujCjz8ZEWZI8wRX7q_A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwNjQwNjk3LDgwNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZXMiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9mci5jb3NtZXRpa3MubmV0LyIsbnVsbCxbWzgsIllzZ09PY3R1a3JJIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMwbqyuuhMUcpzLS37P4d2w3Bpcdzg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f100.1e100.net
Software
ESF /
Resource Hash
27f320e0c9126fb1f9129506103276c5876a017f98ad610782a5954263a78ad8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7KuQDXb4AGuVzGpAM76fmw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 13:31:37 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmII1JBiOHHrNtMFIJb4-pJJDYid0mewBgBx681zrJOBOOnfedYCIHbXusjqD8SGCpdY7YHYsegSqycQq_ZcYjUG4vvrLrE-B-IiiSusDUB8u-kK62MgZvh6hZUDiIV4OHZ-m7uTTeDC60UzmZU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDA2MDfQMDOILDAC2REVN"
content-security-policy
script-src 'report-sample' 'nonce-7KuQDXb4AGuVzGpAM76fmw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
/
sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/ Frame 9E4D
Redirect Chain
  • https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/?rnd=22192717
  • https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/?rnd=22192717&rd=1
0
0
Document
General
Full URL
https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/?rnd=22192717&rd=1
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/DF2886F390D432DF0C8E98D69702ED6F/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.40.147 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.147.40.251.148.clients.your-server.de
Software
nginx / PHP/8.1.30
Resource Hash

Request headers

Referer
https://fr.cosmetiks.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 03 Nov 2024 13:31:38 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.1.30

Redirect headers

content-type
text/html; charset=UTF-8
date
Sun, 03 Nov 2024 13:31:38 GMT
location
https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/?rnd=22192717&rd=1
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
x-powered-by
PHP/8.1.30
AGSKWxUuX_BLUZ9oPcz0d5rCFjUiqNJrIdjIwwUY2WBwXqPoQo5uYd2cuVIjNToA_jFiYiA3Jza38VU0vlSLJdcWDSr-qVQDGeA9WXXSxSBxaqw5Rjl9e9ciXuxaTEa9QZrGplOZmWtg-w==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUuX_BLUZ9oPcz0d5rCFjUiqNJrIdjIwwUY2WBwXqPoQo5uYd2cuVIjNToA_jFiYiA3Jza38VU0vlSLJdcWDSr-qVQDGeA9WXXSxSBxaqw5Rjl9e9ciXuxaTEa9QZrGplOZmWtg-w==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMwbqyuuhMUcpzLS37P4d2w3Bpcdzg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-o0ILkdccPh0kDPgtbG3jmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://fr.cosmetiks.net/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 13:31:37 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1pBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uHY-W3uTjaBB3cOHGZWcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGBsaGegbm8QUGAGnVKYM"
content-security-policy
script-src 'report-sample' 'nonce-o0ILkdccPh0kDPgtbG3jmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://fr.cosmetiks.net
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWDr9spI0MPy8fXGFvshGKwh39RC3V4xvIwCcthOS3tFU8j26gowuBJ-E6VChZCZK4Nj8628pHrPVSLmwwgpmiHAVwNQyfJYHTQkEfsDogeFyjMIWtx11XLLfcnXQf3jMIz_SsjkA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWDr9spI0MPy8fXGFvshGKwh39RC3V4xvIwCcthOS3tFU8j26gowuBJ-E6VChZCZK4Nj8628pHrPVSLmwwgpmiHAVwNQyfJYHTQkEfsDogeFyjMIWtx11XLLfcnXQf3jMIz_SsjkA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMwbqyuuhMUcpzLS37P4d2w3Bpcdzg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vLQ52jU5crPGeLiiBciI3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://fr.cosmetiks.net/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 13:31:37 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0JBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uHY-W3uTjaBDV_3HmZWcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGBsaGegbm8QUGAGDUKWY"
content-security-policy
script-src 'report-sample' 'nonce-vLQ52jU5crPGeLiiBciI3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://fr.cosmetiks.net
content-length
0
x-xss-protection
0
server
ESF
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=2sm22Hw5ZDZRcEhXMXFmTmlHdDVtUk1WRWJFQ1F3K3ZxeGtUZzk0WFJrY05qdm1EQnhuVDFkVU1wTkczODU0QVJIZlBrcXJZQUpkZkd0NFd4UUI2eUtOUGlTa1B6clNRZUhxQjhURFl2akJZaFVYZ2U1M3JxTG5oY2NRcE5hdEZHVWNubWxCWFVINklZRXFYUW50dmNXanNxRjkyQXJnMzNHM0tEMStzSXVHZ1hvcTc4MHdmYVhwOGc1LzlaeWFEY29EejhCeVNwSkRHVlB4OVpIMjJFK3dwbEhhUHdNNWN6R0N4bnFlVXM2QmlPK01abkQyQ3V2Rk1pTFllZ1YzaW05U2gwfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 03 Nov 2024 13:31:37 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
164579
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pbjs
htlb.casalemedia.com/openrtb/ Frame 7067
36 B
312 B
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844716
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82883ab46939e10fe4f5aa6d0ad6d45947c5021a6e6d4013f2b6f20f66c0b0ad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wJNdq%2FpmTmkk6zkUeLdPXoZ9d%2Bie7cvz15kNJhTkG1ktiDn%2BBebjFWLUPRw2Bu5VvcF%2FQpP2Grp5y0N9oIgJyicozaz6JrkTrfTcWdwMyjSDvULWg04FrHQTZaI8BGAFB7uH9DEN"}],"group":"cf-nel","max_age":604800}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
date
Sun, 03 Nov 2024 13:31:38 GMT
content-type
application/json
vary
Accept-Encoding
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8dccb9ccb9fa5c69-MIA
access-control-allow-origin
https://fr.cosmetiks.net
content-length
36
server
cloudflare
pbjs
htlb.casalemedia.com/openrtb/ Frame 7067
36 B
686 B
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844716
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82883ab46939e10fe4f5aa6d0ad6d45947c5021a6e6d4013f2b6f20f66c0b0ad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8tIysEffA0%2FEQMY4wsa7rg%2FBh3gVxOrCuSNO2ezF9GHioA%2BtI0CCduXiDBaIOg6Bk3gPh0gXrurAOREiJ2hRSWyTT8vFoh9sYyrhmtHbzs3oOEMe2HusceRihq6CHouFTbhZMPM5"}],"group":"cf-nel","max_age":604800}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
date
Sun, 03 Nov 2024 13:31:38 GMT
content-type
application/json
vary
Accept-Encoding
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8dccb9ccb9f75c69-MIA
access-control-allow-origin
https://fr.cosmetiks.net
content-length
36
server
cloudflare
c
prebid.a-mo.net/a/ Frame 7067
1014 B
1 KB
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
83e58ee5a4d8dc7b6406404feab66b4bce14d4235cf3d12b9708d290adc71232

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
x-envoy-upstream-service-time
229
access-control-allow-credentials
true
access-control-allow-origin
https://fr.cosmetiks.net
content-length
495
date
Sun, 03 Nov 2024 13:31:38 GMT
content-type
application/json; charset=utf-8
vary
origin, accept-encoding
server
envoy
bid
ap.lijit.com/rtb/ Frame 7067
24 B
361 B
Fetch
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_9.4.0
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.222.142.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-142-212.compute-1.amazonaws.com
Software
/
Resource Hash
b96a137caff72f93367ca52ccb878ee0e981c79a2796838da96f8f0674da3d9e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
https://fr.cosmetiks.net
content-length
24
date
Sun, 03 Nov 2024 13:31:38 GMT
content-type
application/json
vary
Accept-Encoding
access-control-allow-headers
X-Requested-With, Content-Type
/
pub.admanmedia.com/ Frame 7067
2 B
288 B
Fetch
General
Full URL
https://pub.admanmedia.com/?c=o&m=multi
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.2.110.27 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

Content-Encoding
gzip
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://fr.cosmetiks.net
Content-Length
22
Date
Sun, 03 Nov 2024 13:31:38 GMT
Content-Type
application/json
Server
nginx
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame 7067
358 B
816 B
Fetch
General
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Ffr.cosmetiks.net%2F&PageUrl=https%3A%2F%2Ffr.cosmetiks.net%2F&PageReferrer=https%3A%2F%2Ffr.cosmetiks.net%2F&CanonicalUrl=https%3A%2F%2Ffr.cosmetiks.net%2F%2F%253E%253Clink%2520rel%3D
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
861ea70c56be77c4c2b517c7eebead8f70d10cf54c641ba79ca0fb3c4ae04602
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
x-content-type-options
nosniff
expires
0
p3p
CP="CAO PSA OUR"
date
Sun, 03 Nov 2024 13:31:38 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
x-envoy-upstream-service-time
36
access-control-allow-credentials
true
access-control-allow-origin
https://fr.cosmetiks.net
content-length
358
server
ayl-lb-usa02
bid
ap.lijit.com/rtb/ Frame 7067
24 B
361 B
Fetch
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_9.4.0
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.222.142.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-142-212.compute-1.amazonaws.com
Software
/
Resource Hash
4fca81f64c81908a5d79ed8404f26b29f847530a7de1937c6cbfabd10ec7a9cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
https://fr.cosmetiks.net
content-length
24
date
Sun, 03 Nov 2024 13:31:38 GMT
content-type
application/json
vary
Accept-Encoding
access-control-allow-headers
X-Requested-With, Content-Type
bid
ap.lijit.com/rtb/ Frame 7067
24 B
362 B
Fetch
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_9.4.0
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.222.142.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-142-212.compute-1.amazonaws.com
Software
/
Resource Hash
e0928f3fab8079537a0e1827dae330b96841cc5b4432d8380de8b3affe320c79

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
https://fr.cosmetiks.net
content-length
24
date
Sun, 03 Nov 2024 13:31:38 GMT
content-type
application/json
vary
Accept-Encoding
access-control-allow-headers
X-Requested-With, Content-Type
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 7067
184 B
358 B
Fetch
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.146.20 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
bfc96b05b4939156ae65230bdea61e8960aa15f1f217e8b0a21456cf1fdcc8e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
0
access-control-allow-origin
https://fr.cosmetiks.net
content-length
173
x-prebid
pbs-java/3.14.0
content-type
application/json
vary
origin
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 7067
342 B
869 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=22328&site_id=324792&zone_id=1686040&size_id=15&alt_size_ids=2%2C10%2C43%2C67%2C117%2C198&p_pos=atf&gdpr=0&rp_schain=1.0,1!sunmedia.tv,3041f07a-a484-4265-9e48-8a1a9660a195,1,,,&eid_pubcid.org=c2591ee6-a515-4de0-9521-b47fafce5f67%5E1&rf=https%3A%2F%2Ffr.cosmetiks.net%2F&tg_i.domain=fr.cosmetiks.net&tg_i.page=https%3A%2F%2Ffr.cosmetiks.net%2F&tk_flint=pbjs_lite_v9.4.0&l_pb_bid_id=29684c2730438b1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&m_ch_mobile=%3F0&slots=1&rand=0.7877119389020122
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
b5217e66b6cf4a4f07984408a5cf0a82bfb62b0ce8e46bc2f6991f641925c140

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://fr.cosmetiks.net
content-length
342
date
Sun, 03 Nov 2024 13:31:38 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.21.6
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 7067
342 B
692 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=22328&site_id=324792&zone_id=1686042&size_id=15&alt_size_ids=2%2C10%2C43%2C67%2C117%2C198&p_pos=atf&gdpr=0&rp_schain=1.0,1!sunmedia.tv,3041f07a-a484-4265-9e48-8a1a9660a195,1,,,&eid_pubcid.org=c2591ee6-a515-4de0-9521-b47fafce5f67%5E1&rf=https%3A%2F%2Ffr.cosmetiks.net%2F&tg_i.domain=fr.cosmetiks.net&tg_i.page=https%3A%2F%2Ffr.cosmetiks.net%2F&tk_flint=pbjs_lite_v9.4.0&l_pb_bid_id=30e5e2349de80e8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&m_ch_mobile=%3F0&slots=1&rand=0.5708313882462666
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
9d0ef211af319a10136976ff9958294572073cbebd0ad78ae923595e7bc809bb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://fr.cosmetiks.net
content-length
342
date
Sun, 03 Nov 2024 13:31:38 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.21.6
prebid
ib.adnxs.com/ut/v3/ Frame 7067
483 B
2 KB
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
34e2d0eddd9ed9e872fc7fcaf1788b1be52d5c4ee91c8e91a9dc02d699703fde
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
38.132.118.73; 38.132.118.73; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://fr.cosmetiks.net
an-x-request-uuid
fc098b6a-a66b-4786-a722-3c7e39a645dc
content-length
483
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sun, 03 Nov 2024 13:31:38 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
prebid-request
onetag-sys.com/ Frame 7067
15 B
413 B
Fetch
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://fr.cosmetiks.net
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length
41
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
v1
btlr.sharethrough.com/universal/ Frame 7067
604 B
734 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.207.157.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-157-141.compute-1.amazonaws.com
Software
/
Resource Hash
5754bf404a37a19b5394f2e37bd2bd849ccee4b66ca20357d410e04b39673d98
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

x-openrtb-version
2.5
strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://fr.cosmetiks.net
content-encoding
gzip
content-length
371
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ Frame 7067
860 B
874 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.207.157.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-157-141.compute-1.amazonaws.com
Software
/
Resource Hash
74f429ae7fecc04c4e3965f34cd2b88b4b78efcd45df45d6ca80d5cec6987ace
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

x-openrtb-version
2.5
strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://fr.cosmetiks.net
content-encoding
gzip
content-length
512
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ Frame 7067
481 B
656 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.207.157.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-157-141.compute-1.amazonaws.com
Software
/
Resource Hash
521dc2a2deaa4cc4c47099fda74404a1ef6caf4b6bb55dcc5d6bdad09ac94016
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

x-openrtb-version
2.5
strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://fr.cosmetiks.net
content-encoding
gzip
content-length
294
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 7067
0
179 B
Fetch
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, CY),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

access-control-max-age
3600
access-control-allow-origin
https://fr.cosmetiks.net
date
Sun, 03 Nov 2024 13:31:38 GMT
vary
Origin
access-control-allow-credentials
true
access-control-allow-methods
POST
translator
hbopenbid.pubmatic.com/ Frame 7067
0
114 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
https://fr.cosmetiks.net
date
Sun, 03 Nov 2024 13:31:38 GMT
access-control-allow-credentials
true
/
prebid.smilewanted.com/ Frame 7067
0
37 B
Fetch
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-ray
8dccb9cddfc8da8f-MIA
expires
-1
access-control-allow-origin
https://fr.cosmetiks.net
date
Sun, 03 Nov 2024 13:31:39 GMT
server
cloudflare
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ Frame 7067
0
333 B
Fetch
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-ray
8dccb9cddfcbda8f-MIA
expires
-1
access-control-allow-origin
https://fr.cosmetiks.net
date
Sun, 03 Nov 2024 13:31:39 GMT
server
cloudflare
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
bid
ap.lijit.com/rtb/ Frame 7067
24 B
361 B
Fetch
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_9.4.0
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.222.142.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-142-212.compute-1.amazonaws.com
Software
/
Resource Hash
1cf64c1b5d6c426ea04ee58aa8996b27f1324c0442113e11dd5722ab9f834eee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
https://fr.cosmetiks.net
content-length
24
date
Sun, 03 Nov 2024 13:31:38 GMT
content-type
application/json
vary
Accept-Encoding
access-control-allow-headers
X-Requested-With, Content-Type
/
shb.richaudience.com/hb/ Frame 7067
0
174 B
Fetch
General
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.31.34.110 Los Angeles, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
110-34-31-64.static.reverse.lstn.net
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-origin
https://fr.cosmetiks.net
content-length
0
date
Sun, 03 Nov 2024 13:31:38 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
nginx/1.14.1
/
shb.richaudience.com/hb/ Frame 7067
0
174 B
Fetch
General
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.31.34.110 Los Angeles, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
110-34-31-64.static.reverse.lstn.net
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-origin
https://fr.cosmetiks.net
content-length
0
date
Sun, 03 Nov 2024 13:31:38 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
nginx/1.14.1
/
shb.richaudience.com/hb/ Frame 7067
0
175 B
Fetch
General
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.31.34.110 Los Angeles, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
110-34-31-64.static.reverse.lstn.net
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-origin
https://fr.cosmetiks.net
content-length
0
date
Sun, 03 Nov 2024 13:31:38 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
nginx/1.14.1
/
shb.richaudience.com/hb/ Frame 7067
0
174 B
Fetch
General
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.31.34.110 Los Angeles, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
110-34-31-64.static.reverse.lstn.net
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-origin
https://fr.cosmetiks.net
content-length
0
date
Sun, 03 Nov 2024 13:31:38 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
nginx/1.14.1
openrtb
adx.adform.net/adx/ Frame 7067
0
533 B
Fetch
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
expires
-1
access-control-allow-origin
https://fr.cosmetiks.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date
Sun, 03 Nov 2024 13:31:38 GMT
server
nginx
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
v1
prg.smartadserver.com/prebid/ Frame 7067
1 KB
2 KB
Fetch
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
15.204.189.240 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ip240.ip-15-204-189.us
Software
/
Resource Hash
3d2f2caa2dab5d285abcd153726d2029f45c53723501a4be3c5a9dccbccc4659

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-cache,no-store
content-encoding
br
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://fr.cosmetiks.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Sun, 03 Nov 2024 13:31:37 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding, Origin
v1
prg.smartadserver.com/prebid/ Frame 7067
1 KB
2 KB
Fetch
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
15.204.189.240 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ip240.ip-15-204-189.us
Software
/
Resource Hash
d43e8c1c5125df1098ae64df35406094b501280da142f1f4e2a402e803603368

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-cache,no-store
content-encoding
br
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://fr.cosmetiks.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Sun, 03 Nov 2024 13:31:38 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding, Origin
v1
prg.smartadserver.com/prebid/ Frame 7067
914 B
2 KB
Fetch
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
15.204.189.240 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ip240.ip-15-204-189.us
Software
/
Resource Hash
44df34d2a0f6083c17b8773f3654428563a849fac158625f436bd778d2eef98a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-cache,no-store
content-encoding
br
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://fr.cosmetiks.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Sun, 03 Nov 2024 13:31:38 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding, Origin
v1
prg.smartadserver.com/prebid/ Frame 7067
986 B
2 KB
Fetch
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
15.204.189.240 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ip240.ip-15-204-189.us
Software
/
Resource Hash
1b6ac1cbb93964c9cd99d4a9ca3537e9a030f1eaa475e9cb8884b73e3d49fc45

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-cache,no-store
content-encoding
br
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://fr.cosmetiks.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Sun, 03 Nov 2024 13:31:38 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding, Origin
/
pub.admanmedia.com/ Frame 7067
2 B
288 B
Fetch
General
Full URL
https://pub.admanmedia.com/?c=o&m=multi
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.2.110.27 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

Content-Encoding
gzip
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://fr.cosmetiks.net
Content-Length
22
Date
Sun, 03 Nov 2024 13:31:38 GMT
Content-Type
application/json
Server
nginx
pb
ad.360yield.com/1062/ Frame 7067
0
385 B
Fetch
General
Full URL
https://ad.360yield.com/1062/pb
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.213.173.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-173-108.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

access-control-allow-origin
https://fr.cosmetiks.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Sun, 03 Nov 2024 13:31:38 GMT
access-control-allow-credentials
true
pb
ad.360yield.com/1062/ Frame 7067
0
103 B
Fetch
General
Full URL
https://ad.360yield.com/1062/pb
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.213.173.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-173-108.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

date
Sun, 03 Nov 2024 13:31:38 GMT
access-control-allow-origin
https://fr.cosmetiks.net
access-control-allow-credentials
true
pb
ad.360yield.com/1062/ Frame 7067
0
102 B
Fetch
General
Full URL
https://ad.360yield.com/1062/pb
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.213.173.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-173-108.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

date
Sun, 03 Nov 2024 13:31:38 GMT
access-control-allow-origin
https://fr.cosmetiks.net
access-control-allow-credentials
true
pb
ad.360yield.com/1062/ Frame 7067
0
385 B
Fetch
General
Full URL
https://ad.360yield.com/1062/pb
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.213.173.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-173-108.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

access-control-allow-origin
https://fr.cosmetiks.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Sun, 03 Nov 2024 13:31:38 GMT
access-control-allow-credentials
true
v1
lb.eu-1-id5-sync.com/lb/ Frame 7067
45 B
288 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
81eb0095cc15fcb6dab4efcf04a9281e85e413d8004693fedab9bf0f342e5c52
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://fr.cosmetiks.net
date
Sun, 03 Nov 2024 13:31:38 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
673.json
id5-sync.com/g/v2/ Frame 7067
632 B
1 KB
Fetch
General
Full URL
https://id5-sync.com/g/v2/673.json
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
70713e00d57095a4f7abe484403582c6730b1932df4c9d80be24bd6515a494bb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://fr.cosmetiks.net
p3p
CP="CAO PSA OUR"
date
Sun, 03 Nov 2024 13:31:39 GMT
content-type
application/json
vary
Origin
chnl
cpu32-zs9v8.ads.tremorhub.com/ad/
0
0

chnl
cpu32-zs9v8.ads.tremorhub.com/ad/
Redirect Chain
  • https://cpu32-zs9v8.ads.tremorhub.com/ad/chnl?adCode=cpu32-8qlre&playerWidth=600&playerHeight=450&srcPageUrl=https%3A%2F%2Ffr.cosmetiks.net%2F&schain=1.0,1!sunmedia.tv,3041f07a-a484-4265-9e48-8a1a9...
  • https://cpu32-zs9v8.ads.tremorhub.com/ad/chnl?adCode=cpu32-8qlre&playerWidth=600&playerHeight=450&srcPageUrl=https%3A%2F%2Ffr.cosmetiks.net%2F&schain=1.0,1!sunmedia.tv,3041f07a-a484-4265-9e48-8a1a9...
119 B
522 B
Fetch
General
Full URL
https://cpu32-zs9v8.ads.tremorhub.com/ad/chnl?adCode=cpu32-8qlre&playerWidth=600&playerHeight=450&srcPageUrl=https%3A%2F%2Ffr.cosmetiks.net%2F&schain=1.0,1!sunmedia.tv,3041f07a-a484-4265-9e48-8a1a9660a195,1,,,&gdpr=0&gdpr_consent=1&c1=T1,SM&_tur=T
Protocol
H2
Server
2600:1f18:612b:4216:b842:fe45:937e:4b56 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e4f4325d2251a1fb661e38826334015128eb74701e9951dcb1fa40a5a32a9ec8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://fr.cosmetiks.net
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sun, 03 Nov 2024 13:31:39 GMT
content-type
text/xml;charset=UTF-8
server
nginx
x-tremorvideo-status
NO_AD

Redirect headers

access-control-allow-origin
https://fr.cosmetiks.net
location
https://cpu32-zs9v8.ads.tremorhub.com/ad/chnl?adCode=cpu32-8qlre&playerWidth=600&playerHeight=450&srcPageUrl=https%3A%2F%2Ffr.cosmetiks.net%2F&schain=1.0,1!sunmedia.tv,3041f07a-a484-4265-9e48-8a1a9660a195,1,,,&gdpr=0&gdpr_consent=1&c1=T1,SM&_tur=T
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sun, 03 Nov 2024 13:31:39 GMT
server
nginx
access-control-allow-credentials
true
7ca8ce72-29a8-45b0-a728-fe7a4043ee1e.xml
creatives.sunmedia.tv/7ca8ce72-29a8-45b0-a728-fe7a4043ee1e/
3 KB
4 KB
Fetch
General
Full URL
https://creatives.sunmedia.tv/7ca8ce72-29a8-45b0-a728-fe7a4043ee1e/7ca8ce72-29a8-45b0-a728-fe7a4043ee1e.xml
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/inhome/1.57.5/inhome.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.161.15.30 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
d4bf019113531f6fa467102669af1d8455638910a5f194476f5c5ddb01f9777c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

Cache-control
max-age=0, s-maxage=2592000
TP-Cache
HIT
Age
1946
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Accept-Ranges
bytes
Access-Control-Allow-Origin
https://fr.cosmetiks.net
Content-Length
3181
X-Device
mobile
Date
Sun, 03 Nov 2024 13:31:40 GMT
Content-Type
application/xml
Last-Modified
Thu, 10 Oct 2024 10:33:47 GMT
Server
nginx
Vary
Accept-Encoding
header-bidding.js
static.sunmedia.tv/formats/header-bidding/1.13.5/ Frame 1E2E
41 KB
18 KB
Script
General
Full URL
https://static.sunmedia.tv/formats/header-bidding/1.13.5/header-bidding.js
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/inhome/1.57.5/inhome.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
141.94.102.46 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31432935.ip-141-94-102.eu
Software
nginx /
Resource Hash
450fbca9d1568fa35dc6bd055df721ed8a69ec46abb83fc84f4dc863391ebdb7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

Cache-control
max-age=31536000
TP-Cache
HIT
Content-Encoding
gzip
Age
28
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17717
X-Device
mobile
Date
Sun, 03 Nov 2024 13:31:40 GMT
Content-Type
application/javascript
Last-Modified
Thu, 10 Oct 2024 10:06:01 GMT
Server
nginx
Vary
Accept-Encoding
sm-prebid.js
static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/ Frame 1E2E
473 KB
0
Script
General
Full URL
https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/formats/header-bidding/1.13.5/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
141.94.102.46 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31432935.ip-141-94-102.eu
Software
nginx /
Resource Hash
ad7e8f2a8553359305e722a0391fcb74587fc9f200fd2078a6349d2324283637

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

Cache-control
max-age=31536000
TP-Cache
HIT
Content-Encoding
gzip
Age
25
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
160423
X-Device
mobile
Date
Sun, 03 Nov 2024 13:31:37 GMT
Content-Type
application/javascript
Last-Modified
Thu, 04 Jul 2024 11:56:32 GMT
Server
nginx
Vary
Accept-Encoding
request
grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/ Frame 1E2E
0
223 B
Fetch
General
Full URL
https://grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/request?profileId=207&av=37&wv=9.4.0&cb=11891475165&lsavail=1&bundle=Dr12TF9jcEhWZjM3RHo3ZURnWlI2NmNvVGtwaEwlMkZOYVNZWkxqdm54T1NFQzFuQmZwMDBRWFM2Q1RPWkglMkZIeGJFOU5SOWtGUmxJeXZhRW42WHp5Y3MxNzJWQ2dHZ0RzYU9xQlVDWkhmaUV4RXBmd2pqVDNVMnE3UjN0JTJCbTVvT2NsNVNjZg
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::9 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://fr.cosmetiks.net/

Response headers

strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
observe-browsing-topics
?1
access-control-allow-origin
https://fr.cosmetiks.net
date
Sun, 03 Nov 2024 13:31:40 GMT
vary
Origin
server
Kestrel
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 1E2E
342 B
399 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=22328&site_id=324792&zone_id=1970072&size_id=15&alt_size_ids=2%2C10%2C43%2C67%2C117%2C198&p_pos=atf&gdpr=0&rp_schain=1.0,1!sunmedia.tv,3041f07a-a484-4265-9e48-8a1a9660a195,1,,,&rf=https%3A%2F%2Ffr.cosmetiks.net%2F&tg_i.domain=fr.cosmetiks.net&tg_i.page=https%3A%2F%2Ffr.cosmetiks.net%2F&tk_flint=pbjs_lite_v9.4.0&l_pb_bid_id=5c2524c67d7b0b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&m_ch_mobile=%3F0&slots=1&rand=0.2953229359636873
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
436b1ec5b01d892c3a2b8609c32ceaddf461fa38869365da32ad7ffca87f285b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://fr.cosmetiks.net/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://fr.cosmetiks.net
content-length
342
date
Sun, 03 Nov 2024 13:31:40 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.21.6
bid
ap.lijit.com/rtb/ Frame 1E2E
24 B
360 B
Fetch
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_9.4.0
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.222.142.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-142-212.compute-1.amazonaws.com
Software
/
Resource Hash
e098070ba13215c9326ad36ec73f8150e5bfb97f958db9c1337b41e7c21253dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://fr.cosmetiks.net/

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
https://fr.cosmetiks.net
content-length
24
date
Sun, 03 Nov 2024 13:31:40 GMT
content-type
application/json
vary
Accept-Encoding
access-control-allow-headers
X-Requested-With, Content-Type
v1
btlr.sharethrough.com/universal/ Frame 1E2E
571 B
783 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.207.157.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-157-141.compute-1.amazonaws.com
Software
/
Resource Hash
172af91585a1635c1e4820a0b332c82993efb712654292fe5697a8338f7063b8
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://fr.cosmetiks.net/

Response headers

x-openrtb-version
2.5
strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://fr.cosmetiks.net
content-encoding
gzip
content-length
421
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame 1E2E
24 B
360 B
Fetch
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_9.4.0
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.222.142.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-142-212.compute-1.amazonaws.com
Software
/
Resource Hash
5bdf55caec829ea4ee03acde79dc4281d8c94435d3a36f44f1be0c0c81abd79b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://fr.cosmetiks.net/

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
https://fr.cosmetiks.net
content-length
24
date
Sun, 03 Nov 2024 13:31:40 GMT
content-type
application/json
vary
Accept-Encoding
access-control-allow-headers
X-Requested-With, Content-Type
v1
prg.smartadserver.com/prebid/ Frame 1E2E
1 KB
1 KB
Fetch
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
15.204.189.240 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ip240.ip-15-204-189.us
Software
/
Resource Hash
8d2b6452db49a1d1eb30461afd81406cdba5eee01cae5f7df6e65041e0d9fb1d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://fr.cosmetiks.net/

Response headers

cache-control
no-cache,no-store
content-encoding
br
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://fr.cosmetiks.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Sun, 03 Nov 2024 13:31:39 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding, Origin
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame 1E2E
180 B
341 B
Fetch
General
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Ffr.cosmetiks.net%2F&PageUrl=https%3A%2F%2Ffr.cosmetiks.net%2F&PageReferrer=https%3A%2F%2Ffr.cosmetiks.net%2F&CanonicalUrl=https%3A%2F%2Ffr.cosmetiks.net%2F%2F%253E%253Clink%2520rel%3D
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
0c1727e8c0ac8a4601d9e0a6b39d0861c0bdf5c74e6382700d4150c9a5b3c01d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://fr.cosmetiks.net/

Response headers

access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
x-content-type-options
nosniff
expires
0
p3p
CP="CAO PSA OUR"
date
Sun, 03 Nov 2024 13:31:40 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
x-envoy-upstream-service-time
33
access-control-allow-credentials
true
access-control-allow-origin
https://fr.cosmetiks.net
content-length
180
server
ayl-lb-usa02
pbjs
htlb.casalemedia.com/openrtb/ Frame 1E2E
37 B
454 B
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844716
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c8fd6eabce93065088ec9c0a3aa8e61f931f54488d54bbef7091801a57a8f11

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://fr.cosmetiks.net/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1kTgp22YjGCi0AoghbL9WloczfNFdjnb36ifuxw3xhnoZVPVHT7vEfeJH1PmagtMlKtTdYnKDsDvE6QqHZBX88b6oYBaFaLZ4Ti5dEIF%2B2Ts8sRlHLeCJuYhiZMbJuE2%2FKz5j2m3"}],"group":"cf-nel","max_age":604800}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
date
Sun, 03 Nov 2024 13:31:40 GMT
content-type
application/json
vary
Accept-Encoding
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8dccb9d9c8945c69-MIA
access-control-allow-origin
https://fr.cosmetiks.net
content-length
37
server
cloudflare
/
pub.admanmedia.com/ Frame 1E2E
2 B
288 B
Fetch
General
Full URL
https://pub.admanmedia.com/?c=o&m=multi
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.2.110.27 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://fr.cosmetiks.net/

Response headers

Content-Encoding
gzip
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://fr.cosmetiks.net
Content-Length
22
Date
Sun, 03 Nov 2024 13:31:40 GMT
Content-Type
application/json
Server
nginx
/
pub.admanmedia.com/ Frame 1E2E
2 B
288 B
Fetch
General
Full URL
https://pub.admanmedia.com/?c=o&m=multi
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.2.110.27 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://fr.cosmetiks.net/

Response headers

Content-Encoding
gzip
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://fr.cosmetiks.net
Content-Length
22
Date
Sun, 03 Nov 2024 13:31:40 GMT
Content-Type
application/json
Server
nginx
/
shb.richaudience.com/hb/ Frame 1E2E
0
173 B
Fetch
General
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.31.34.110 Los Angeles, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
110-34-31-64.static.reverse.lstn.net
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://fr.cosmetiks.net/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-origin
https://fr.cosmetiks.net
content-length
0
date
Sun, 03 Nov 2024 13:31:40 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
nginx/1.14.1
prebid-request
onetag-sys.com/ Frame 1E2E
15 B
412 B
Fetch
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://fr.cosmetiks.net/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://fr.cosmetiks.net
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length
41
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
prebid
ib.adnxs.com/ut/v3/ Frame 1E2E
145 B
1 KB
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e7ff0cfb76e0735b816ab68a644e0f7592c1b635b75bcced44576cb796774cde
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://fr.cosmetiks.net/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
38.132.118.73; 38.132.118.73; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://fr.cosmetiks.net
an-x-request-uuid
faf34cd8-ad08-40c9-91a6-5c6ea0489c6e
content-length
145
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sun, 03 Nov 2024 13:31:40 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
translator
hbopenbid.pubmatic.com/ Frame 1E2E
0
57 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://fr.cosmetiks.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
https://fr.cosmetiks.net
date
Sun, 03 Nov 2024 13:31:40 GMT
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame 1E2E
988 B
664 B
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
9643ce179ef7fa97c36e8df86ca5f9e80e6bf37a5f2db8529fae35fad962ac97

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://fr.cosmetiks.net/

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
x-envoy-upstream-service-time
344
access-control-allow-credentials
true
access-control-allow-origin
https://fr.cosmetiks.net
content-length
488
date
Sun, 03 Nov 2024 13:31:40 GMT
content-type
application/json; charset=utf-8
vary
origin, accept-encoding
server
envoy
openrtb
adx2.adform.net/adx/ Frame 1E2E
0
532 B
Fetch
General
Full URL
https://adx2.adform.net/adx/openrtb
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.52 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://fr.cosmetiks.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
expires
-1
access-control-allow-origin
https://fr.cosmetiks.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date
Sun, 03 Nov 2024 13:31:40 GMT
server
nginx
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
pb
ad.360yield.com/1062/ Frame 1E2E
0
101 B
Fetch
General
Full URL
https://ad.360yield.com/1062/pb
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.213.173.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-173-108.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://fr.cosmetiks.net/

Response headers

date
Sun, 03 Nov 2024 13:31:40 GMT
access-control-allow-origin
https://fr.cosmetiks.net
access-control-allow-credentials
true
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame 1E2E
180 B
317 B
Fetch
General
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Ffr.cosmetiks.net%2F&PageUrl=https%3A%2F%2Ffr.cosmetiks.net%2F&PageReferrer=https%3A%2F%2Ffr.cosmetiks.net%2F&CanonicalUrl=https%3A%2F%2Ffr.cosmetiks.net%2F%2F%253E%253Clink%2520rel%3D
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
83d93a5f598605490249cecc5ac8e71351415dc13d474366c6711ad7321fc89b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://fr.cosmetiks.net/

Response headers

access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
x-content-type-options
nosniff
expires
0
p3p
CP="CAO PSA OUR"
date
Sun, 03 Nov 2024 13:31:40 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
x-envoy-upstream-service-time
39
access-control-allow-credentials
true
access-control-allow-origin
https://fr.cosmetiks.net
content-length
180
server
ayl-lb-usa02
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 1E2E
0
178 B
Fetch
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, CY),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://fr.cosmetiks.net/

Response headers

access-control-max-age
3600
access-control-allow-origin
https://fr.cosmetiks.net
date
Sun, 03 Nov 2024 13:31:40 GMT
vary
Origin
access-control-allow-credentials
true
access-control-allow-methods
POST
/
prebid.smilewanted.com/ Frame 1E2E
0
61 B
Fetch
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/3p/prebid-js/0.4.0/sm-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://fr.cosmetiks.net/

Response headers

cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-ray
8dccb9d9cc45da8f-MIA
expires
-1
access-control-allow-origin
https://fr.cosmetiks.net
date
Sun, 03 Nov 2024 13:31:40 GMT
server
cloudflare
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
2cda9eed-462d-4d4c-a308-786a00b8bf95.xml
creatives.sunmedia.tv/2cda9eed-462d-4d4c-a308-786a00b8bf95/
1 KB
2 KB
Fetch
General
Full URL
https://creatives.sunmedia.tv/2cda9eed-462d-4d4c-a308-786a00b8bf95/2cda9eed-462d-4d4c-a308-786a00b8bf95.xml
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/inhome/1.57.5/inhome.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.161.15.30 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
cc626279c47ac6a857f9ccd68dd0828632cc1ca00bcd566e5fa3cb6cddd5e9cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

Cache-control
max-age=0, s-maxage=2592000
TP-Cache
HIT
Age
1947
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Accept-Ranges
bytes
Access-Control-Allow-Origin
https://fr.cosmetiks.net
Content-Length
1106
X-Device
mobile
Date
Sun, 03 Nov 2024 13:31:40 GMT
Content-Type
application/xml
Last-Modified
Thu, 03 Oct 2024 08:34:56 GMT
Server
nginx
Vary
Accept-Encoding
indisplay.js
static.sunmedia.tv/formats/indisplay/0.7.8/ Frame 17A4
14 KB
6 KB
Script
General
Full URL
https://static.sunmedia.tv/formats/indisplay/0.7.8/indisplay.js
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/inhome/1.57.5/inhome.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
141.94.102.46 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31432935.ip-141-94-102.eu
Software
nginx /
Resource Hash
960fbdf208313c8357e4802affbb8dcd1922d12b0cbd40dd159397cc2b004e4b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://fr.cosmetiks.net/

Response headers

Cache-control
max-age=31536000
TP-Cache
HIT
Content-Encoding
gzip
Age
29
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5691
X-Device
mobile
Date
Sun, 03 Nov 2024 13:31:41 GMT
Content-Type
application/javascript
Last-Modified
Mon, 02 Oct 2023 14:48:09 GMT
Server
nginx
Vary
Accept-Encoding
smart.js
ced.sascdn.com/tag/1999/ Frame 17A4
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
beauteblogchic.com
URL
https://beauteblogchic.com/wp-content/uploads/2016/10/huda-beauty-liquid-matte.jpg
Domain
beauteblogchic.com
URL
https://beauteblogchic.com/wp-content/uploads/2016/09/sephora-eponge-nettoyante-pinceaux.jpg
Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,300italic,700
Domain
cpu32-zs9v8.ads.tremorhub.com
URL
https://cpu32-zs9v8.ads.tremorhub.com/ad/chnl?adCode=cpu32-8qlre&playerWidth=600&playerHeight=450&srcPageUrl=https%3A%2F%2Ffr.cosmetiks.net%2F&schain=1.0,1!sunmedia.tv,3041f07a-a484-4265-9e48-8a1a9660a195,1,,,&gdpr=0&gdpr_consent=1&c1=T1,SM
Domain
ced.sascdn.com
URL
https://ced.sascdn.com/tag/1999/smart.js

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| gapi object| ___jsl object| time number| randnum function| Item function| Fecha function| toggleMobileMenu function| closeMobileMenu function| $ function| jQuery function| a object| n object| s function| gtag object| dataLayer object| adsbygoogle object| _F_toggles object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| google_js_reporting_queue number| google_srt number| uidEvent object| bootstrap object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| google_llp object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator object| gaGlobal function| google_sa_impl object| googPageScrollPreventerInfo number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| sunmediatag object| __sm__ object| googlefc boolean| adsbygoogle_ama_fc_has_run object| adblockDetector object| googletag object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| NGYxOGUyYWFiYWY1OTAzY2xvYWRlcl9qcw== string| NGYxOGUyYWFiYWY1OTAzY2NhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady string| raEuconsent string| raReferrer object| h function| Tapad boolean| google_empty_script_included boolean| e255420a-fe7b-4ac5-943a-a94146295fbc

72 Cookies

Domain/Path Name / Value
.cosmetiks.net/ Name: _ga_N56HFM76NZ
Value: GS1.1.1730640695.1.0.1730640695.0.0.0
.cosmetiks.net/ Name: _ga
Value: GA1.1.539149792.1730640695
.doubleclick.net/ Name: IDE
Value: AHWqTUlUbQTZL7Xe38r_Rhtwd4h1jRsDZXv_-rWbbk7qCBNdFnn3eBEw9_2ER0Rcp3Y
.googleadservices.com/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.cosmetiks.net/ Name: __gads
Value: ID=0399a700adc07b9c:T=1730640695:RT=1730640695:S=ALNI_Mb3_ND82FVgxKCkgupDq6MJStRnag
.cosmetiks.net/ Name: __gpi
Value: UID=00000f50ee9dcb90:T=1730640695:RT=1730640695:S=ALNI_MaHUoquX3B_a1BCnihxhZcS0rJdkg
.cosmetiks.net/ Name: __eoi
Value: ID=25c79c03b287f79f:T=1730640695:RT=1730640695:S=AA-AfjaFI4fGX9bn1-f1Yck10jPl
.casalemedia.com/ Name: CMID
Value: Zyd7ONHM42kAAHBxAKc6UQAA
.casalemedia.com/ Name: CMPS
Value: 933
.casalemedia.com/ Name: CMPRO
Value: 933
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
fr.cosmetiks.net/ Name: TAPAD
Value: %7B%22id%22%3A%22e32280af-325a-4ebe-a0a1-002cb2d5dc40%22%7D
.teads.tv/ Name: tt_viewer
Value: b16e407f-4c58-4af7-bce4-bf691c56b170
gtracenep.admaster.cc/ Name: cst_44
Value: ts=1730640697
gtracenep.admaster.cc/ Name: cst_70
Value: ts=1730640697
gtracenep.admaster.cc/ Name: cst_78
Value: ts=1730640697
.admaster.cc/ Name: __mguid_
Value: 9e90f00bd4d3a4a524tc4k00m31mscrr
.cosmetiks.net/ Name: FCNEC
Value: %5B%5B%22AKsRol9NWhOkGPaD9UY8IVZgStkgqFy8c2VwK5YosEev61aLN9o-KVfJhGIOLjH9XEBpeJoGvZEjJalQc7_UHSCN_WWZz2zUmVj4rYmnq4rYzR5DM4hoCckY2zR0oVkM4oGOcsjC1lgx3wrp8-O8x0y_RdTG59g-wA%3D%3D%22%5D%5D
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 3ccaa0fd18d8f8af7b41fea7ddf524c1
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4nGNQME5OTkw0SEsxtEixSLNITDNPMjFMS000T0lJMzUySTZkAIJ09WpLBgQAAHmIC0A%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4nGNgYGBIV6%2B2ZIADAA%2FmAUM%3D"
fr.cosmetiks.net/ Name: panoramaId_expiry
Value: 1730727097905
fr.cosmetiks.net/ Name: _cc_id
Value: 3ccaa0fd18d8f8af7b41fea7ddf524c1
.tapad.com/ Name: TapAd_TS
Value: 1730640697966
.tapad.com/ Name: TapAd_DID
Value: 4d8a9a3f-603a-4bd4-8284-060cb2736934
.richaudience.com/ Name: pdid
Value: 57e22951-1501-49df-a058-1zz1730640698
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.adsrvr.org/ Name: TDID
Value: 6c3081b1-ceae-4769-a603-87c32a02281d
.lijit.com/ Name: ljt_reader
Value: JmurABZHU7bp9jdUQA2XzOG_
.criteo.com/ Name: cto_bundle
Value: 2brdwV9QaDBHcTBIJTJCTUt0aEd1TVZ6T0xyNG5sbyUyRmFjSHozWXhuS00lMkJNaGUzMnR5MFNEdkVqV0ElMkJGNXNwcHhQZjQ5MEhDTWpUWFZ6N2hINUNET0dwek5vNHF6VG8ycXlZM3FTVENtJTJCd1lKSE9qJTJGMCUzRA
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwjw3dGKvIW-PRAFGAUgASgCMgsI-KaMt9KFvj0QBTgB
.richaudience.com/ Name: raibs
Value: 1
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!7405
.360yield.com/ Name: tuuid_lu
Value: 1730640698
.360yield.com/ Name: tuuid
Value: 88714fe8-bab2-4f1b-8c6c-49018a1e7843
.omnitagjs.com/ Name: ayl_visitor
Value: b61ce8ed547fc5270733f2ed47501fef
.prebid.a-mo.net/ Name: __amc
Value: 1_1730640698_1730640698
.a-mo.net/ Name: amuid2
Value: ce49b02c-0292-4ad4-a415-9d5d22bef89a
.a-mo.net/ Name: pamuid2
Value: ce49b02c-0292-4ad4-a415-9d5d22bef89a
.prebid.a-mo.net/ Name: psd_amuid2
Value: ce49b02c-0292-4ad4-a415-9d5d22bef89a
.prebid.a-mo.net/ Name: sd_amuid2
Value: ce49b02c-0292-4ad4-a415-9d5d22bef89a
.sharethrough.com/ Name: stx_user_id
Value: b5bb116e-ab29-47d3-8ed8-ad7eddb438b8
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d99999
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: receive-cookie-deprecation
Value: 1
.smartadserver.com/ Name: sasd
Value: %24qc%3D1500046471%3B%24ql%3DHigh%3B%24qpc%3D33144%3B%24qt%3D152_581_33100t%3B%24dma%3D528%3B%24qo%3D6
.smartadserver.com/ Name: pid
Value: 6251092177177029495
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1500046471%3B%24ql%3DHigh%3B%24qpc%3D33144%3B%24qt%3D152_581_33100t%3B%24dma%3D528%3B%24qo%3D6&c=1&l&lo&lt=638662374986030739&o=1
.adnxs.com/ Name: XANDR_PANID
Value: G4wSjSMyCwQxlHenz_syrvffKHq8wVpV7U1cmRYdiLqYLFWR-HtsLOAfxkJr2VrX_UhSMow6HMEA-VcOyS6_AochcHJmJ_JcMAWzENhd0I0.
.adnxs.com/ Name: icu
Value: ChgIjq9kEAoYASABKAEwuvaduQY4AUABSAEQuvaduQYYAA..
.adnxs.com/ Name: uuid2
Value: 4781927289909940365
.bidswitch.net/ Name: tuuid
Value: bc2d3459-b7b9-4ede-b3df-e0328d697ca4
.bidswitch.net/ Name: c
Value: 1730640698
.bidswitch.net/ Name: tuuid_lu
Value: 1730640698
.rubiconproject.com/ Name: audit_p
Value: 1|6ROgOfQF3OuKMzEIGZZqQ4t5CbnP87xUFDzH9pPFuxk8fCYmOTvXgzd0rcurNYkWmj0oGc4JwkxYuqoIiPk057iLOlCEhdvdkKYgN2JECaf8O0B95hTmP3CIA43RpoQF2VjNQwH8cwiI2xlsVWwrlsh07ezKo7loHrwpgbEbp0U=
.rubiconproject.com/ Name: khaos
Value: M31MSDNZ-A-8XYJ
.rubiconproject.com/ Name: khaos_p
Value: M31MSDNZ-A-8XYJ
.rubiconproject.com/ Name: audit
Value: 1|6ROgOfQF3OuKMzEIGZZqQ4t5CbnP87xUFDzH9pPFuxk8fCYmOTvXgzd0rcurNYkWmj0oGc4JwkxYuqoIiPk057iLOlCEhdvdkKYgN2JECaf8O0B95hTmP3CIA43RpoQF2VjNQwH8cwiI2xlsVWwrlsh07ezKo7loHrwpgbEbp0U=
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.smilewanted.com/ Name: sw_user_params_infos
Value: 8sdRREvsw7LjLys0YvGw8%2FsT%2B4CUqGwZ%2FIzBNKIuUOcnTQaL%2FS5BaUUia%2BMW06p52yJmSZaYV7IGs5dgniSfTgETzxb2ORoHNPFOLNmDEN6Mia0dNse%2BBrdIA0FOk2u6qTl17CBIjqm5mKT8bn9A6A%3D%3D
.bidr.io/ Name: bito
Value: AANRAE7OTvYAABRUp3a6oA
.bidr.io/ Name: bitoIsSecure
Value: ok
.richaudience.com/ Name: avcid-rub-uid
Value: M31MSDNZ-A-8XYJ
.id5-sync.com/ Name: id5
Value: a0069257-aa3e-701c-b9d1-1ba749465db5#1730640698326#2
.richaudience.com/ Name: avcid-bsx-uid
Value: AANRAE7OTvYAABRUp3a6oA
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: 9df5f63e-57a9-5334-a97c-4b4ece5b3075
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: ut
Value: Zyd7OwAF66AmEjT7cjFToTuvjh-6HKZ4mRHl2A==

6 Console Messages

Source Level URL
Text
security warning URL: https://fr.cosmetiks.net/
Message:
Mixed Content: The page at 'https://fr.cosmetiks.net/' was loaded over HTTPS, but requested an insecure element 'http://beauteblogchic.com/wp-content/uploads/2016/10/huda-beauty-liquid-matte.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://fr.cosmetiks.net/
Message:
Mixed Content: The page at 'https://fr.cosmetiks.net/' was loaded over HTTPS, but requested an insecure element 'http://beauteblogchic.com/wp-content/uploads/2016/09/sephora-eponge-nettoyante-pinceaux.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://fr.cosmetiks.net/(Line 17)
Message:
Mixed Content: The page at 'https://fr.cosmetiks.net/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,300italic,700'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://fr.cosmetiks.net/(Line 1015)
Message:
Mixed Content: The page at 'https://fr.cosmetiks.net/' was loaded over HTTPS, but requested an insecure element 'http://beauteblogchic.com/wp-content/uploads/2016/10/huda-beauty-liquid-matte.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://fr.cosmetiks.net/(Line 1015)
Message:
Mixed Content: The page at 'https://fr.cosmetiks.net/' was loaded over HTTPS, but requested an insecure element 'http://beauteblogchic.com/wp-content/uploads/2016/09/sephora-eponge-nettoyante-pinceaux.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
rendering warning URL: https://fr.cosmetiks.net/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A050A702CC050000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
adx.adform.net
adx2.adform.net
ap.lijit.com
apis.google.com
beauteblogchic.com
btlr.sharethrough.com
cdn.jsdelivr.net
ced.sascdn.com
code.jquery.com
cpu32-zs9v8.ads.tremorhub.com
creatives.sunmedia.tv
fastlane.rubiconproject.com
feed.pghub.io
fonts.googleapis.com
fr.cosmetiks.net
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
grid-bidder.criteo.com
gum.criteo.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
lb.eu-1-id5-sync.com
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pandg.tapad.com
pghub.io
prebid-eu.creativecdn.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.smilewanted.com
prg.smartadserver.com
pub.admanmedia.com
recetas.thermomagazine.net
s.richaudience.com
services.sunmedia.tv
shb.richaudience.com
static.sunmedia.tv
sync.richaudience.com
track.sunmedia.tv
www.google-analytics.com
www.googletagmanager.com
beauteblogchic.com
ced.sascdn.com
cpu32-zs9v8.ads.tremorhub.com
fonts.googleapis.com
138.199.8.196
141.94.102.46
147.28.129.140
148.251.40.147
15.204.189.240
162.19.138.118
172.253.63.100
172.64.151.101
172.67.194.199
172.67.223.137
173.194.205.155
18.207.157.141
18.210.47.92
185.167.164.52
185.184.8.90
195.244.31.11
207.65.37.179
208.115.237.110
209.85.201.155
2600:1f18:612b:4216:b842:fe45:937e:4b56
2602:803:c002:200::32
2606:4700:10::6816:1fd1
2606:4700::6812:ba1f
2607:f8b0:4004:c0b::65
2607:f8b0:4004:c21::5f
2607:f8b0:400d:c02::8a
2607:f8b0:400d:c03::66
2607:f8b0:400d:c04::61
2620:100:a00b::12
2620:100:a00b::9
2a04:4e42:200::649
3.213.173.108
3.222.142.212
34.102.243.38
35.241.45.217
37.157.6.243
51.161.15.30
51.222.39.184
64.31.34.110
68.67.160.137
69.173.146.20
74.119.117.17
8.2.110.27
051a4df5ca07ec7979f14e486352a62c72733c9aabb6528adaddc9a911fbfca3
0631273a36b493eee86d239592b4c553253ecc5ada063b0af4083079764d94f7
0c1727e8c0ac8a4601d9e0a6b39d0861c0bdf5c74e6382700d4150c9a5b3c01d
172af91585a1635c1e4820a0b332c82993efb712654292fe5697a8338f7063b8
1b6ac1cbb93964c9cd99d4a9ca3537e9a030f1eaa475e9cb8884b73e3d49fc45
1cf64c1b5d6c426ea04ee58aa8996b27f1324c0442113e11dd5722ab9f834eee
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea
27f320e0c9126fb1f9129506103276c5876a017f98ad610782a5954263a78ad8
29d5b8392509abb22d476635a91ba4777c3375eb47ecc82ba173589e8ed82ca6
2a22ddc0fa6db3da94e79da6d534be63a8a2516ee90d520937d4b40e0b4e8465
2c8fd6eabce93065088ec9c0a3aa8e61f931f54488d54bbef7091801a57a8f11
3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df
34e2d0eddd9ed9e872fc7fcaf1788b1be52d5c4ee91c8e91a9dc02d699703fde
3d2f2caa2dab5d285abcd153726d2029f45c53723501a4be3c5a9dccbccc4659
436b1ec5b01d892c3a2b8609c32ceaddf461fa38869365da32ad7ffca87f285b
44df34d2a0f6083c17b8773f3654428563a849fac158625f436bd778d2eef98a
450fbca9d1568fa35dc6bd055df721ed8a69ec46abb83fc84f4dc863391ebdb7
47179187743f7d17557fbc51966d96f928c997bfe3531b6e0c085267ae5b5713
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fca81f64c81908a5d79ed8404f26b29f847530a7de1937c6cbfabd10ec7a9cc
521dc2a2deaa4cc4c47099fda74404a1ef6caf4b6bb55dcc5d6bdad09ac94016
52d62465d244bef9c22960bed269d931eb2b705dff7f09a0bcf5ddba62554f45
548542367e6be287c51a07289eff769297883e60b57111947afadaa0ab57f6af
54ccfcc9fc6ef004a9ab606b1e4517c8b900573ffadd35f9a3ba2dd1fd6e9ad7
5754bf404a37a19b5394f2e37bd2bd849ccee4b66ca20357d410e04b39673d98
5bdf55caec829ea4ee03acde79dc4281d8c94435d3a36f44f1be0c0c81abd79b
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
680725acdd56050e3b7d730688baa12a31f8ec0abfee1154a7c3a7c614d43582
6ecb23174a0e3ef7cdf0095a5226a9df6cb77538fa8d5da75e1bea1ceff88b4d
70713e00d57095a4f7abe484403582c6730b1932df4c9d80be24bd6515a494bb
71a8864f7ffff26ae83c89da4b8714c0fcf61d96e7a16bf0bb3cbb651a6f2f03
7377e9cccd253852c50a38b45c09cd22d967b29bf72352c7f9a3ed528955194e
73a743c6e5d856377bbf933b80b2a679019071346d6723deccf7647df1984f8a
74f429ae7fecc04c4e3965f34cd2b88b4b78efcd45df45d6ca80d5cec6987ace
75ef3b8a6a9a4c3feb49f60fadf4799242e4efa1bdb189877f10027f6158a8a9
7c97585d0cb56a845729ab93506983f5b4bd111ff713c228d4c96e4ce42cfe54
81eb0095cc15fcb6dab4efcf04a9281e85e413d8004693fedab9bf0f342e5c52
82883ab46939e10fe4f5aa6d0ad6d45947c5021a6e6d4013f2b6f20f66c0b0ad
82f64f62bb03c1bc1824b0f9c9e05f70dba33e146818e63cdf5c306c8cf3dedd
83d93a5f598605490249cecc5ac8e71351415dc13d474366c6711ad7321fc89b
83e58ee5a4d8dc7b6406404feab66b4bce14d4235cf3d12b9708d290adc71232
861ea70c56be77c4c2b517c7eebead8f70d10cf54c641ba79ca0fb3c4ae04602
892d7641368451c3fb1a1bf108724b28e41662c4a7bff1e168d40f7efdd4c431
8b92b4255be4bac210ed50b637623a15798fc473f30522095a91b98a1c2ff592
8d2b6452db49a1d1eb30461afd81406cdba5eee01cae5f7df6e65041e0d9fb1d
9161ad61619a9765102b160322648a2c3edc74c5f281cc6825041eb771dca806
960fbdf208313c8357e4802affbb8dcd1922d12b0cbd40dd159397cc2b004e4b
9643ce179ef7fa97c36e8df86ca5f9e80e6bf37a5f2db8529fae35fad962ac97
9d0ef211af319a10136976ff9958294572073cbebd0ad78ae923595e7bc809bb
a24030171b433436b86d09c2ae6909819429dd67c07fdfa6e935c1d29a556774
a8566b6c9d9a12543b5abdb92f9ee63fd4058eeac8c119fe0caa6c2fbe642ce6
ab95dba496a305a54998e9f115b513f14601b0606355ba282844810d4cfdad08
ad7e8f2a8553359305e722a0391fcb74587fc9f200fd2078a6349d2324283637
af717b7cf145ab123ff14cc70e6c52895712b4fc7d327f32847df102d31340a8
b5217e66b6cf4a4f07984408a5cf0a82bfb62b0ce8e46bc2f6991f641925c140
b96a137caff72f93367ca52ccb878ee0e981c79a2796838da96f8f0674da3d9e
b9e2ee3ee86f447aebb15c14fe952200ce9afcde0e6b8b693bdc0907ea444b42
bd6339eb36877587d68b786b971203224babcad94c0b9579a84176cdc1efd5e8
bfc96b05b4939156ae65230bdea61e8960aa15f1f217e8b0a21456cf1fdcc8e8
c58396ed32968f1ff859badfdbec0fc8b05df8d5fc808cf7ea9f4369e72bd357
cb25e92468c6a47a74c18eaa01b3e9a736c06a2dce37eb262a0f7dab806551c1
cc626279c47ac6a857f9ccd68dd0828632cc1ca00bcd566e5fa3cb6cddd5e9cf
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cd618c4e3644053b35a11aa5494f78c32272eadf7684df22b4bd42c58e7e2320
d0f3af1e716ce7846e7c252ace160c12480d41eecd5a7e7917ee5b2ccde62b51
d43e8c1c5125df1098ae64df35406094b501280da142f1f4e2a402e803603368
d4bf019113531f6fa467102669af1d8455638910a5f194476f5c5ddb01f9777c
dd77c96829672de01efa2b6026f30a4e52e0f6c3bddc57bf6c0c80269f9b3f0e
e0928f3fab8079537a0e1827dae330b96841cc5b4432d8380de8b3affe320c79
e098070ba13215c9326ad36ec73f8150e5bfb97f958db9c1337b41e7c21253dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f4325d2251a1fb661e38826334015128eb74701e9951dcb1fa40a5a32a9ec8
e725ac5137b674274cd6ad1303a03515a5320d0e987dd3aa10e9b2e086619307
e7ff0cfb76e0735b816ab68a644e0f7592c1b635b75bcced44576cb796774cde
ec30e0a413fcd365564d9779c59ce5ef8a1b9cc2d1bd80bc68738da5770d3f6e
ecc5dd8413a5156e3a0c861bcf5fc2eabbd96b38b9d878f7352527a9c20a6173
ed8c3f014e2444862921637c0908e07ec9dae1b189f504bfa6f08c960b4db6ca
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1688aa09a4db40d836703c360c53ea55d439d2de1f3df2c79cd63811a12f643
f27128bca3747bcd75818a0e53017eb462cba3ff1eaf59fa0229739f6d0e053c
f7b1f7dc0c365805c3d8e4f83997bad5ba1df91c87a8e9358d2079186380f683
fa9a6aed6049e20d120caba66c9cb79c330c8afee8c0669b2e78cf2d2ce0598f
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
fce01b0f49ab9468e8d7bd1e9fa2ce07a7bd053f09285f8781d9fd50775dbe05
fdb8ec82cdd7d5ce21b94573529c4c241732d967ccaef6486659c5065710b85e