urlscan.io logo urlscan.io
SecurityTrails logo

www.glossybox.fr Open in urlscan Pro
185.217.104.149  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Submission: On May 20 via manual from RU — Scanned from IS
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 5 countries across 23 domains to perform 65 HTTP transactions. The main IP is 185.217.104.149, located in United Kingdom and belongs to THEHUTGROUPLIMITED, GB. The main domain is www.glossybox.fr.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 25th 2022. Valid for: a year.
This is the only time www.glossybox.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 185.217.104.149 197651 (THEHUTGRO...)
7 104.90.137.99 16625 (AKAMAI-AS)
1 69.16.175.42 20446 (STACKPATH...)
1 192.0.73.2 2635 (AUTOMATTIC)
1 104.17.25.14 13335 (CLOUDFLAR...)
2 93.184.220.66 15133 (EDGECAST)
2 142.250.185.106 15169 (GOOGLE)
6 142.250.185.110 15169 (GOOGLE)
3 142.250.185.200 15169 (GOOGLE)
1 142.250.186.67 15169 (GOOGLE)
4 157.240.236.1 32934 (FACEBOOK)
4 204.79.197.200 8068 (MICROSOFT...)
4 185.217.104.194 197651 (THEHUTGRO...)
1 104.244.42.8 13414 (TWITTER)
3 74.125.133.154 15169 (GOOGLE)
2 157.240.236.35 32934 (FACEBOOK)
1 108.157.4.87 16509 (AMAZON-02)
1 172.217.18.98 15169 (GOOGLE)
1 199.232.136.157 54113 (FASTLY)
1 2 185.184.8.90 204995 (RTB-HOUSE...)
1 142.250.186.34 15169 (GOOGLE)
1 104.244.42.67 13414 (TWITTER)
1 104.244.42.69 13414 (TWITTER)
2 142.250.185.228 15169 (GOOGLE)
65 25
11    185.217.104.149 (United Kingdom)

ASN197651 (THEHUTGROUPLIMITED, GB)
www.glossybox.fr
7    104.90.137.99 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-137-99.deploy.static.akamaitechnologies.com
s1.thcdn.com
1    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
code.jquery.com
1    192.0.73.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    142.250.185.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f10.1e100.net
fonts.googleapis.com
6    142.250.185.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net
fonts.google.com
www.google-analytics.com
3    142.250.185.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f8.1e100.net
www.googletagmanager.com
1    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
fonts.gstatic.com
4    157.240.236.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frx5.fbcdn.net
connect.facebook.net
4    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
bat.bing.com
4    185.217.104.194 (United Kingdom)

ASN197651 (THEHUTGROUPLIMITED, GB)
csp.thehut.net
1    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
3    74.125.133.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f154.1e100.net
stats.g.doubleclick.net
2    157.240.236.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frx5.facebook.com
www.facebook.com
1    108.157.4.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-87.dus51.r.cloudfront.net
www.dwin1.com
1    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
www.googleadservices.com
1    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
googleads.g.doubleclick.net
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    104.244.42.69 (United States)

ASN13414 (TWITTER, US)
t.co
2    142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
11 glossybox.fr
www.glossybox.fr
288 KB
7 thcdn.com
s1.thcdn.com — Cisco Umbrella Rank: 36610
56 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 92
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
2 KB
4 thehut.net
csp.thehut.net — Cisco Umbrella Rank: 140214
300 B
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 375
12 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
197 KB
4 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 664
syndication.twitter.com — Cisco Umbrella Rank: 954
analytics.twitter.com — Cisco Umbrella Rank: 534
134 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
238 KB
3 google.com
fonts.google.com — Cisco Umbrella Rank: 32262
www.google.com — Cisco Umbrella Rank: 7
655 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 690
983 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
315 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
1 KB
1 t.co
t.co — Cisco Umbrella Rank: 495
338 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 638
14 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 110
15 KB
1 dwin1.com
www.dwin1.com — Cisco Umbrella Rank: 4337
8 KB
1 gstatic.com
fonts.gstatic.com
8 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
5 KB
1 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 1727
8 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 660
30 KB
0 smct.co Failed
ipb.smct.co Failed
smct.co Failed
0 tiktok.com Failed
analytics.tiktok.com Failed
65 23
Domain Requested by
11 www.glossybox.fr www.glossybox.fr
7 s1.thcdn.com www.glossybox.fr
www.googletagmanager.com
s1.thcdn.com
5 www.google-analytics.com www.googletagmanager.com
4 csp.thehut.net www.glossybox.fr
www.googletagmanager.com
s1.thcdn.com
4 bat.bing.com www.glossybox.fr
bat.bing.com
4 connect.facebook.net www.glossybox.fr
connect.facebook.net
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 www.googletagmanager.com www.glossybox.fr
www.googletagmanager.com
2 www.google.com
2 creativecdn.com 1 redirects
2 www.facebook.com www.glossybox.fr
2 fonts.googleapis.com www.glossybox.fr
2 platform.twitter.com www.glossybox.fr
platform.twitter.com
1 t.co
1 analytics.twitter.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 static.ads-twitter.com www.glossybox.fr
1 www.googleadservices.com www.googletagmanager.com
1 www.dwin1.com www.googletagmanager.com
1 syndication.twitter.com platform.twitter.com
1 fonts.gstatic.com www.glossybox.fr
1 fonts.google.com www.glossybox.fr
1 cdnjs.cloudflare.com www.glossybox.fr
1 secure.gravatar.com www.glossybox.fr
1 code.jquery.com www.glossybox.fr
0 smct.co Failed s1.thcdn.com
0 ipb.smct.co Failed s1.thcdn.com
0 analytics.tiktok.com Failed www.glossybox.fr
65 28
Subject Issuer Validity Valid
glossybox.co.uk
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-25 -
2023-04-25		 a year crt.sh
www.thehutgroup.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-24 -
2022-09-30		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-11-16		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-02-26 -
2022-05-27		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-03-16 -
2022-09-16		 6 months crt.sh
*.thehut.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-11-29		 a year crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.dwin1.com
Amazon		 2021-11-19 -
2022-12-17		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Frame ID: 8284EB5FA4678DC3D65AECD1F8489047
Requests: 63 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fwww.glossybox.fr
Frame ID: A40B75254E23318BD7565F9DA3D7356A
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 5D41DEE90F8C5324FC5F330C5A66FE99
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cosmétique Gourmande - GLOSSYBOXVisaMastercardAmexPaypal

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • dwin1\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

65
Requests

94 %
HTTPS

0 %
IPv6

23
Domains

28
Subdomains

25
IPs

5
Countries

1039 kB
Transfer

3391 kB
Size

22
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45
  • https://creativecdn.com/tags?type=img&id=pr_DmcQiC8rKYDoxRAD6arO&ncm=1&id=pr_DmcQiC8rKYDoxRAD6arO_uid_undefined HTTP 302
  • https://creativecdn.com/tags?type=img&id=pr_DmcQiC8rKYDoxRAD6arO&ncm=1&id=pr_DmcQiC8rKYDoxRAD6arO_uid_undefined&tc=1

65 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/ 		133 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.217.104.149 , United Kingdom, ASN197651 (THEHUTGROUPLIMITED, GB),
Reverse DNS
Software
/
Resource Hash
585a3bbd677674eb52c9b0a8efda08ea0d58fecd899ff20a144436726a87baec
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src https://*.thcdn.com https://asgard.thehut.net https://cpwidgets.thehut.net https://cdn.ampproject.org https://bat.bing.com https://www.facebook.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google-analytics.com https://ampcid.google.com https://adservice.google.com https://the.sciencebehindecommerce.com https://sf-hs-sg.ibytedtos.com; font-src 'self' https://blogscdn.thehut.net https://fonts.gstatic.com https://fonts.googleapis.com https://*.thcdn.com; form-action 'self' https://tr.snapchat.com https://connect.facebook.net https://www.facebook.com https://syndication.twitter.com; child-src 'self' https://woobox.com https://open.spotify.com https://www.tiktok.com https://widget.trustpilot.com https://gum.criteo.com https://static.criteo.net https://platform.twitter.com https://syndication.twitter.com https://www.facebook.com https://www.instagram.com https://www.youtube.com https://vimeo.com https://tr.snapchat.com https://*.doubleclick.net; img-src https: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://cdn.ampproject.org https://blogscdn.thehut.net https://*.thcdn.com https://cdn.woobox.com https://analytics.twitter.com/ https://bat.bing.com https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js https://code.jquery.com/jquery-3.6.0.min.js https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://sc-static.net https://sslwidget.criteo.com https://widget.eu.criteo.com https://static.criteo.net https://static.ads-twitter.com https://www.dwin1.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.googleadservices.com https://www.instagram.com https://www.tiktok.com https://s16.tiktokcdn.com; style-src 'self' 'unsafe-inline' https://blogscdn.thehut.net https://*.thcdn.com https://fonts.google.com https://fonts.googleapis.com https://s16.tiktokcdn.com; frame-ancestors 'self'; media-src 'self'; object-src 'none'; worker-src blob: 'self'; upgrade-insecure-requests; report-uri https://csp.thehut.net/blogs
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=/xssProtection.txt

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

accept-ranges
bytes
age
116
content-encoding
gzip
content-length
45825
content-security-policy
default-src 'none'; connect-src https://*.thcdn.com https://asgard.thehut.net https://cpwidgets.thehut.net https://cdn.ampproject.org https://bat.bing.com https://www.facebook.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google-analytics.com https://ampcid.google.com https://adservice.google.com https://the.sciencebehindecommerce.com https://sf-hs-sg.ibytedtos.com; font-src 'self' https://blogscdn.thehut.net https://fonts.gstatic.com https://fonts.googleapis.com https://*.thcdn.com; form-action 'self' https://tr.snapchat.com https://connect.facebook.net https://www.facebook.com https://syndication.twitter.com; child-src 'self' https://woobox.com https://open.spotify.com https://www.tiktok.com https://widget.trustpilot.com https://gum.criteo.com https://static.criteo.net https://platform.twitter.com https://syndication.twitter.com https://www.facebook.com https://www.instagram.com https://www.youtube.com https://vimeo.com https://tr.snapchat.com https://*.doubleclick.net; img-src https: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://cdn.ampproject.org https://blogscdn.thehut.net https://*.thcdn.com https://cdn.woobox.com https://analytics.twitter.com/ https://bat.bing.com https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js https://code.jquery.com/jquery-3.6.0.min.js https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://sc-static.net https://sslwidget.criteo.com https://widget.eu.criteo.com https://static.criteo.net https://static.ads-twitter.com https://www.dwin1.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.googleadservices.com https://www.instagram.com https://www.tiktok.com https://s16.tiktokcdn.com; style-src 'self' 'unsafe-inline' https://blogscdn.thehut.net https://*.thcdn.com https://fonts.google.com https://fonts.googleapis.com https://s16.tiktokcdn.com; frame-ancestors 'self'; media-src 'self'; object-src 'none'; worker-src blob: 'self'; upgrade-insecure-requests; report-uri https://csp.thehut.net/blogs
content-type
text/html; charset=UTF-8
date
Fri, 20 May 2022 08:09:13 GMT
etag
"212b0-5d964e1b64ada-gzip"
grace
none
last-modified
Fri, 04 Mar 2022 13:56:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
sameorigin
x-xss-protection
1; mode=block; report=/xssProtection.txt
default-style.css
www.glossybox.fr/beauty-blog/ 		1 KB
573 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.glossybox.fr/beauty-blog/default-style.css
Requested by
Host: www.glossybox.fr
URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.217.104.149 , United Kingdom, ASN197651 (THEHUTGROUPLIMITED, GB),
Reverse DNS
Software
/
Resource Hash
1f70155e13733ac4d343295b69ef6c33152cfbe26d98c3336629fccd726f44ad
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src https://*.thcdn.com https://asgard.thehut.net https://cpwidgets.thehut.net https://cdn.ampproject.org https://bat.bing.com https://www.facebook.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google-analytics.com https://ampcid.google.com https://adservice.google.com https://the.sciencebehindecommerce.com https://sf-hs-sg.ibytedtos.com; font-src 'self' https://blogscdn.thehut.net https://fonts.gstatic.com https://fonts.googleapis.com https://*.thcdn.com; form-action 'self' https://tr.snapchat.com https://connect.facebook.net https://www.facebook.com https://syndication.twitter.com; child-src 'self' https://woobox.com https://open.spotify.com https://www.tiktok.com https://widget.trustpilot.com https://gum.criteo.com https://static.criteo.net https://platform.twitter.com https://syndication.twitter.com https://www.facebook.com https://www.instagram.com https://www.youtube.com https://vimeo.com https://tr.snapchat.com https://*.doubleclick.net; img-src https: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://cdn.ampproject.org https://blogscdn.thehut.net https://*.thcdn.com https://cdn.woobox.com https://analytics.twitter.com/ https://bat.bing.com https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js https://code.jquery.com/jquery-3.6.0.min.js https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://sc-static.net https://sslwidget.criteo.com https://widget.eu.criteo.com https://static.criteo.net https://static.ads-twitter.com https://www.dwin1.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.googleadservices.com https://www.instagram.com https://www.tiktok.com https://s16.tiktokcdn.com; style-src 'self' 'unsafe-inline' https://blogscdn.thehut.net https://*.thcdn.com https://fonts.google.com https://fonts.googleapis.com https://s16.tiktokcdn.com; frame-ancestors 'self'; media-src 'self'; object-src 'none'; worker-src blob: 'self'; upgrade-insecure-requests; report-uri https://csp.thehut.net/blogs
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=/xssProtection.txt

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 May 2022 15:59:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 May 2022 10:51:00 GMT
age
58289
etag
"55d-5dea619aba1e9-gzip"
x-frame-options
sameorigin
content-type
text/css
grace
none
content-security-policy
default-src 'none'; connect-src https://*.thcdn.com https://asgard.thehut.net https://cpwidgets.thehut.net https://cdn.ampproject.org https://bat.bing.com https://www.facebook.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google-analytics.com https://ampcid.google.com https://adservice.google.com https://the.sciencebehindecommerce.com https://sf-hs-sg.ibytedtos.com; font-src 'self' https://blogscdn.thehut.net https://fonts.gstatic.com https://fonts.googleapis.com https://*.thcdn.com; form-action 'self' https://tr.snapchat.com https://connect.facebook.net https://www.facebook.com https://syndication.twitter.com; child-src 'self' https://woobox.com https://open.spotify.com https://www.tiktok.com https://widget.trustpilot.com https://gum.criteo.com https://static.criteo.net https://platform.twitter.com https://syndication.twitter.com https://www.facebook.com https://www.instagram.com https://www.youtube.com https://vimeo.com https://tr.snapchat.com https://*.doubleclick.net; img-src https: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://cdn.ampproject.org https://blogscdn.thehut.net https://*.thcdn.com https://cdn.woobox.com https://analytics.twitter.com/ https://bat.bing.com https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js https://code.jquery.com/jquery-3.6.0.min.js https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://sc-static.net https://sslwidget.criteo.com https://widget.eu.criteo.com https://static.criteo.net https://static.ads-twitter.com https://www.dwin1.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.googleadservices.com https://www.instagram.com https://www.tiktok.com https://s16.tiktokcdn.com; style-src 'self' 'unsafe-inline' https://blogscdn.thehut.net https://*.thcdn.com https://fonts.google.com https://fonts.googleapis.com https://s16.tiktokcdn.com; frame-ancestors 'self'; media-src 'self'; object-src 'none'; worker-src blob: 'self'; upgrade-insecure-requests; report-uri https://csp.thehut.net/blogs
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
481
x-xss-protection
1; mode=block; report=/xssProtection.txt
thg-wp-site-feature-plugin-public.css
www.glossybox.fr/beauty-blog/ 		25 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.glossybox.fr/beauty-blog/thg-wp-site-feature-plugin-public.css
Requested by
Host: www.glossybox.fr
URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.217.104.149 , United Kingdom, ASN197651 (THEHUTGROUPLIMITED, GB),
Reverse DNS
Software
/
Resource Hash
e3d2b0717ca3f3b73a1883be014c78dde37842662c497c1702b75dd1b724305d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src https://*.thcdn.com https://asgard.thehut.net https://cpwidgets.thehut.net https://cdn.ampproject.org https://bat.bing.com https://www.facebook.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google-analytics.com https://ampcid.google.com https://adservice.google.com https://the.sciencebehindecommerce.com https://sf-hs-sg.ibytedtos.com; font-src 'self' https://blogscdn.thehut.net https://fonts.gstatic.com https://fonts.googleapis.com https://*.thcdn.com; form-action 'self' https://tr.snapchat.com https://connect.facebook.net https://www.facebook.com https://syndication.twitter.com; child-src 'self' https://woobox.com https://open.spotify.com https://www.tiktok.com https://widget.trustpilot.com https://gum.criteo.com https://static.criteo.net https://platform.twitter.com https://syndication.twitter.com https://www.facebook.com https://www.instagram.com https://www.youtube.com https://vimeo.com https://tr.snapchat.com https://*.doubleclick.net; img-src https: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://cdn.ampproject.org https://blogscdn.thehut.net https://*.thcdn.com https://cdn.woobox.com https://analytics.twitter.com/ https://bat.bing.com https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js https://code.jquery.com/jquery-3.6.0.min.js https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://sc-static.net https://sslwidget.criteo.com https://widget.eu.criteo.com https://static.criteo.net https://static.ads-twitter.com https://www.dwin1.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.googleadservices.com https://www.instagram.com https://www.tiktok.com https://s16.tiktokcdn.com; style-src 'self' 'unsafe-inline' https://blogscdn.thehut.net https://*.thcdn.com https://fonts.google.com https://fonts.googleapis.com https://s16.tiktokcdn.com; frame-ancestors 'self'; media-src 'self'; object-src 'none'; worker-src blob: 'self'; upgrade-insecure-requests; report-uri https://csp.thehut.net/blogs
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=/xssProtection.txt

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 May 2022 15:59:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 May 2022 10:50:55 GMT
age
58289
etag
"647d-5dea6196913be-gzip"
x-frame-options
sameorigin
content-type
text/css
grace
none
content-security-policy
default-src 'none'; connect-src https://*.thcdn.com https://asgard.thehut.net https://cpwidgets.thehut.net https://cdn.ampproject.org https://bat.bing.com https://www.facebook.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google-analytics.com https://ampcid.google.com https://adservice.google.com https://the.sciencebehindecommerce.com https://sf-hs-sg.ibytedtos.com; font-src 'self' https://blogscdn.thehut.net https://fonts.gstatic.com https://fonts.googleapis.com https://*.thcdn.com; form-action 'self' https://tr.snapchat.com https://connect.facebook.net https://www.facebook.com https://syndication.twitter.com; child-src 'self' https://woobox.com https://open.spotify.com https://www.tiktok.com https://widget.trustpilot.com https://gum.criteo.com https://static.criteo.net https://platform.twitter.com https://syndication.twitter.com https://www.facebook.com https://www.instagram.com https://www.youtube.com https://vimeo.com https://tr.snapchat.com https://*.doubleclick.net; img-src https: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://cdn.ampproject.org https://blogscdn.thehut.net https://*.thcdn.com https://cdn.woobox.com https://analytics.twitter.com/ https://bat.bing.com https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js https://code.jquery.com/jquery-3.6.0.min.js https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://sc-static.net https://sslwidget.criteo.com https://widget.eu.criteo.com https://static.criteo.net https://static.ads-twitter.com https://www.dwin1.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.googleadservices.com https://www.instagram.com https://www.tiktok.com https://s16.tiktokcdn.com; style-src 'self' 'unsafe-inline' https://blogscdn.thehut.net https://*.thcdn.com https://fonts.google.com https://fonts.googleapis.com https://s16.tiktokcdn.com; frame-ancestors 'self'; media-src 'self'; object-src 'none'; worker-src blob: 'self'; upgrade-insecure-requests; report-uri https://csp.thehut.net/blogs
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
5596
x-xss-protection
1; mode=block; report=/xssProtection.txt
footers-edf4b8b8e8.css
www.glossybox.fr/beauty-blog/ 		74 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.glossybox.fr/beauty-blog/footers-edf4b8b8e8.css
Requested by
Host: www.glossybox.fr
URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.217.104.149 , United Kingdom, ASN197651 (THEHUTGROUPLIMITED, GB),
Reverse DNS
Software
/
Resource Hash
43f1deb9da8249ce4b57d0542232b8285a6e626427a8ca9022d9ed7574a1206d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src https://*.thcdn.com https://asgard.thehut.net https://cpwidgets.thehut.net https://cdn.ampproject.org https://bat.bing.com https://www.facebook.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google-analytics.com https://ampcid.google.com https://adservice.google.com https://the.sciencebehindecommerce.com https://sf-hs-sg.ibytedtos.com; font-src 'self' https://blogscdn.thehut.net https://fonts.gstatic.com https://fonts.googleapis.com https://*.thcdn.com; form-action 'self' https://tr.snapchat.com https://connect.facebook.net https://www.facebook.com https://syndication.twitter.com; child-src 'self' https://woobox.com https://open.spotify.com https://www.tiktok.com https://widget.trustpilot.com https://gum.criteo.com https://static.criteo.net https://platform.twitter.com https://syndication.twitter.com https://www.facebook.com https://www.instagram.com https://www.youtube.com https://vimeo.com https://tr.snapchat.com https://*.doubleclick.net; img-src https: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://cdn.ampproject.org https://blogscdn.thehut.net https://*.thcdn.com https://cdn.woobox.com https://analytics.twitter.com/ https://bat.bing.com https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js https://code.jquery.com/jquery-3.6.0.min.js https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://sc-static.net https://sslwidget.criteo.com https://widget.eu.criteo.com https://static.criteo.net https://static.ads-twitter.com https://www.dwin1.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.googleadservices.com https://www.instagram.com https://www.tiktok.com https://s16.tiktokcdn.com; style-src 'self' 'unsafe-inline' https://blogscdn.thehut.net https://*.thcdn.com https://fonts.google.com https://fonts.googleapis.com https://s16.tiktokcdn.com; frame-ancestors 'self'; media-src 'self'; object-src 'none'; worker-src blob: 'self'; upgrade-insecure-requests; report-uri https://csp.thehut.net/blogs
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=/xssProtection.txt

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 May 2022 15:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 May 2022 10:51:06 GMT
age
58891
etag
"12623-5dea61a072378-gzip"
x-frame-options
sameorigin
content-type
text/css
grace
none
content-security-policy
default-src 'none'; connect-src https://*.thcdn.com https://asgard.thehut.net https://cpwidgets.thehut.net https://cdn.ampproject.org https://bat.bing.com https://www.facebook.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google-analytics.com https://ampcid.google.com https://adservice.google.com https://the.sciencebehindecommerce.com https://sf-hs-sg.ibytedtos.com; font-src 'self' https://blogscdn.thehut.net https://fonts.gstatic.com https://fonts.googleapis.com https://*.thcdn.com; form-action 'self' https://tr.snapchat.com https://connect.facebook.net https://www.facebook.com https://syndication.twitter.com; child-src 'self' https://woobox.com https://open.spotify.com https://www.tiktok.com https://widget.trustpilot.com https://gum.criteo.com https://static.criteo.net https://platform.twitter.com https://syndication.twitter.com https://www.facebook.com https://www.instagram.com https://www.youtube.com https://vimeo.com https://tr.snapchat.com https://*.doubleclick.net; img-src https: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://cdn.ampproject.org https://blogscdn.thehut.net https://*.thcdn.com https://cdn.woobox.com https://analytics.twitter.com/ https://bat.bing.com https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js https://code.jquery.com/jquery-3.6.0.min.js https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://sc-static.net https://sslwidget.criteo.com https://widget.eu.criteo.com https://static.criteo.net https://static.ads-twitter.com https://www.dwin1.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.googleadservices.com https://www.instagram.com https://www.tiktok.com https://s16.tiktokcdn.com; style-src 'self' 'unsafe-inline' https://blogscdn.thehut.net https://*.thcdn.com https://fonts.google.com https://fonts.googleapis.com https://s16.tiktokcdn.com; frame-ancestors 'self'; media-src 'self'; object-src 'none'; worker-src blob: 'self'; upgrade-insecure-requests; report-uri https://csp.thehut.net/blogs
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
13386
x-xss-protection
1; mode=block; report=/xssProtection.txt
base-44136453c0.css
s1.thcdn.com/www/styles/css/glossybox/rebrand/sharded/ 		267 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.thcdn.com/www/styles/css/glossybox/rebrand/sharded/base-44136453c0.css
Requested by
Host: www.glossybox.fr
URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.137.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-99.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2068cd44437a5f66add248b70b2170e7dca9e57eafb67c7ffc32d1f3efe95478

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 08:11:10 GMT
content-encoding
gzip
last-modified
Mon, 25 Oct 2021 13:29:48 GMT
etag
"42ccc-5cf2d5ae2e41f-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=13677321
accept-ranges
bytes
content-length
25474
expires
Tue, 25 Oct 2022 15:26:31 GMT
main.css
www.glossybox.fr/beauty-blog/ 		294 KB
76 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.glossybox.fr/beauty-blog/main.css
Requested by
Host: www.glossybox.fr
URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.217.104.149 , United Kingdom, ASN197651 (THEHUTGROUPLIMITED, GB),
Reverse DNS
Software
/
Resource Hash
1eb14ccf88039b4293209febfc8a42a50978f7aeb8661f1fe3109da708e2aa1e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src https://*.thcdn.com https://asgard.thehut.net https://cpwidgets.thehut.net https://cdn.ampproject.org https://bat.bing.com https://www.facebook.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google-analytics.com https://ampcid.google.com https://adservice.google.com https://the.sciencebehindecommerce.com https://sf-hs-sg.ibytedtos.com; font-src 'self' https://blogscdn.thehut.net https://fonts.gstatic.com https://fonts.googleapis.com https://*.thcdn.com; form-action 'self' https://tr.snapchat.com https://connect.facebook.net https://www.facebook.com https://syndication.twitter.com; child-src 'self' https://woobox.com https://open.spotify.com https://www.tiktok.com https://widget.trustpilot.com https://gum.criteo.com https://static.criteo.net https://platform.twitter.com https://syndication.twitter.com https://www.facebook.com https://www.instagram.com https://www.youtube.com https://vimeo.com https://tr.snapchat.com https://*.doubleclick.net; img-src https: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://cdn.ampproject.org https://blogscdn.thehut.net https://*.thcdn.com https://cdn.woobox.com https://analytics.twitter.com/ https://bat.bing.com https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js https://code.jquery.com/jquery-3.6.0.min.js https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://sc-static.net https://sslwidget.criteo.com https://widget.eu.criteo.com https://static.criteo.net https://static.ads-twitter.com https://www.dwin1.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.googleadservices.com https://www.instagram.com https://www.tiktok.com https://s16.tiktokcdn.com; style-src 'self' 'unsafe-inline' https://blogscdn.thehut.net https://*.thcdn.com https://fonts.google.com https://fonts.googleapis.com https://s16.tiktokcdn.com; frame-ancestors 'self'; media-src 'self'; object-src 'none'; worker-src blob: 'self'; upgrade-insecure-requests; report-uri https://csp.thehut.net/blogs
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=/xssProtection.txt

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 May 2022 15:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 May 2022 10:50:55 GMT
age
58891
etag
"49959-5dea6195d9e4b-gzip"
x-frame-options
sameorigin
content-type
text/css
grace
none
content-security-policy
default-src 'none'; connect-src https://*.thcdn.com https://asgard.thehut.net https://cpwidgets.thehut.net https://cdn.ampproject.org https://bat.bing.com https://www.facebook.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google-analytics.com https://ampcid.google.com https://adservice.google.com https://the.sciencebehindecommerce.com https://sf-hs-sg.ibytedtos.com; font-src 'self' https://blogscdn.thehut.net https://fonts.gstatic.com https://fonts.googleapis.com https://*.thcdn.com; form-action 'self' https://tr.snapchat.com https://connect.facebook.net https://www.facebook.com https://syndication.twitter.com; child-src 'self' https://woobox.com https://open.spotify.com https://www.tiktok.com https://widget.trustpilot.com https://gum.criteo.com https://static.criteo.net https://platform.twitter.com https://syndication.twitter.com https://www.facebook.com https://www.instagram.com https://www.youtube.com https://vimeo.com https://tr.snapchat.com https://*.doubleclick.net; img-src https: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://cdn.ampproject.org https://blogscdn.thehut.net https://*.thcdn.com https://cdn.woobox.com https://analytics.twitter.com/ https://bat.bing.com https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js https://code.jquery.com/jquery-3.6.0.min.js https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://sc-static.net https://sslwidget.criteo.com https://widget.eu.criteo.com https://static.criteo.net https://static.ads-twitter.com https://www.dwin1.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.googleadservices.com https://www.instagram.com https://www.tiktok.com https://s16.tiktokcdn.com; style-src 'self' 'unsafe-inline' https://blogscdn.thehut.net https://*.thcdn.com https://fonts.google.com https://fonts.googleapis.com https://s16.tiktokcdn.com; frame-ancestors 'self'; media-src 'self'; object-src 'none'; worker-src blob: 'self'; upgrade-insecure-requests; report-uri https://csp.thehut.net/blogs
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
77074
x-xss-protection
1; mode=block; report=/xssProtection.txt
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: www.glossybox.fr
URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 08:11:10 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1653034270.dop228.am5.t,1653034270.cds294.am5.hn,1653034270.cds007.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
thg-wp-site-feature-plugin-public.js
www.glossybox.fr/beauty-blog/ 		2 KB
802 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.glossybox.fr/beauty-blog/thg-wp-site-feature-plugin-public.js
Requested by
Host: www.glossybox.fr
URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.217.104.149 , United Kingdom, ASN197651 (THEHUTGROUPLIMITED, GB),
Reverse DNS
Software
/
Resource Hash
7f05cc47aac0d5ae4916f5e94161a5267ec3cf901b0bfcd7dfb42530e2f4b685
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src https://*.thcdn.com https://asgard.thehut.net https://cpwidgets.thehut.net https://cdn.ampproject.org https://bat.bing.com https://www.facebook.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google-analytics.com https://ampcid.google.com https://adservice.google.com https://the.sciencebehindecommerce.com https://sf-hs-sg.ibytedtos.com; font-src 'self' https://blogscdn.thehut.net https://fonts.gstatic.com https://fonts.googleapis.com https://*.thcdn.com; form-action 'self' https://tr.snapchat.com https://connect.facebook.net https://www.facebook.com https://syndication.twitter.com; child-src 'self' https://woobox.com https://open.spotify.com https://www.tiktok.com https://widget.trustpilot.com https://gum.criteo.com https://static.criteo.net https://platform.twitter.com https://syndication.twitter.com https://www.facebook.com https://www.instagram.com https://www.youtube.com https://vimeo.com https://tr.snapchat.com https://*.doubleclick.net; img-src https: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://cdn.ampproject.org https://blogscdn.thehut.net https://*.thcdn.com https://cdn.woobox.com https://analytics.twitter.com/ https://bat.bing.com https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js https://code.jquery.com/jquery-3.6.0.min.js https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://sc-static.net https://sslwidget.criteo.com https://widget.eu.criteo.com https://static.criteo.net https://static.ads-twitter.com https://www.dwin1.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.googleadservices.com https://www.instagram.com https://www.tiktok.com https://s16.tiktokcdn.com; style-src 'self' 'unsafe-inline' https://blogscdn.thehut.net https://*.thcdn.com https://fonts.google.com https://fonts.googleapis.com https://s16.tiktokcdn.com; frame-ancestors 'self'; media-src 'self'; object-src 'none'; worker-src blob: 'self'; upgrade-insecure-requests; report-uri https://csp.thehut.net/blogs
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=/xssProtection.txt

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 May 2022 15:20:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 May 2022 10:50:55 GMT
age
60669
etag
"782-5dea619661c07-gzip"
x-frame-options
sameorigin
content-type
application/javascript
grace
none
content-security-policy
default-src 'none'; connect-src https://*.thcdn.com https://asgard.thehut.net https://cpwidgets.thehut.net https://cdn.ampproject.org https://bat.bing.com https://www.facebook.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google-analytics.com https://ampcid.google.com https://adservice.google.com https://the.sciencebehindecommerce.com https://sf-hs-sg.ibytedtos.com; font-src 'self' https://blogscdn.thehut.net https://fonts.gstatic.com https://fonts.googleapis.com https://*.thcdn.com; form-action 'self' https://tr.snapchat.com https://connect.facebook.net https://www.facebook.com https://syndication.twitter.com; child-src 'self' https://woobox.com https://open.spotify.com https://www.tiktok.com https://widget.trustpilot.com https://gum.criteo.com https://static.criteo.net https://platform.twitter.com https://syndication.twitter.com https://www.facebook.com https://www.instagram.com https://www.youtube.com https://vimeo.com https://tr.snapchat.com https://*.doubleclick.net; img-src https: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://cdn.ampproject.org https://blogscdn.thehut.net https://*.thcdn.com https://cdn.woobox.com https://analytics.twitter.com/ https://bat.bing.com https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js https://code.jquery.com/jquery-3.6.0.min.js https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://sc-static.net https://sslwidget.criteo.com https://widget.eu.criteo.com https://static.criteo.net https://static.ads-twitter.com https://www.dwin1.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.googleadservices.com https://www.instagram.com https://www.tiktok.com https://s16.tiktokcdn.com; style-src 'self' 'unsafe-inline' https://blogscdn.thehut.net https://*.thcdn.com https://fonts.google.com https://fonts.googleapis.com https://s16.tiktokcdn.com; frame-ancestors 'self'; media-src 'self'; object-src 'none'; worker-src blob: 'self'; upgrade-insecure-requests; report-uri https://csp.thehut.net/blogs
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
705
x-xss-protection
1; mode=block; report=/xssProtection.txt
jquery.js
www.glossybox.fr/beauty-blog/wp-includes/js/jquery/ 		95 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.glossybox.fr/beauty-blog/wp-includes/js/jquery/jquery.js
Requested by
Host: www.glossybox.fr
URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.217.104.149 , United Kingdom, ASN197651 (THEHUTGROUPLIMITED, GB),
Reverse DNS
Software
/
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src https://*.thcdn.com https://asgard.thehut.net https://cpwidgets.thehut.net https://cdn.ampproject.org https://bat.bing.com https://www.facebook.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google-analytics.com https://ampcid.google.com https://adservice.google.com https://the.sciencebehindecommerce.com https://sf-hs-sg.ibytedtos.com; font-src 'self' https://blogscdn.thehut.net https://fonts.gstatic.com https://fonts.googleapis.com https://*.thcdn.com; form-action 'self' https://tr.snapchat.com https://connect.facebook.net https://www.facebook.com https://syndication.twitter.com; child-src 'self' https://woobox.com https://open.spotify.com https://www.tiktok.com https://widget.trustpilot.com https://gum.criteo.com https://static.criteo.net https://platform.twitter.com https://syndication.twitter.com https://www.facebook.com https://www.instagram.com https://www.youtube.com https://vimeo.com https://tr.snapchat.com https://*.doubleclick.net; img-src https: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://cdn.ampproject.org https://blogscdn.thehut.net https://*.thcdn.com https://cdn.woobox.com https://analytics.twitter.com/ https://bat.bing.com https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js https://code.jquery.com/jquery-3.6.0.min.js https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://sc-static.net https://sslwidget.criteo.com https://widget.eu.criteo.com https://static.criteo.net https://static.ads-twitter.com https://www.dwin1.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.googleadservices.com https://www.instagram.com https://www.tiktok.com https://s16.tiktokcdn.com; style-src 'self' 'unsafe-inline' https://blogscdn.thehut.net https://*.thcdn.com https://fonts.google.com https://fonts.googleapis.com https://s16.tiktokcdn.com; frame-ancestors 'self'; media-src 'self'; object-src 'none'; worker-src blob: 'self'; upgrade-insecure-requests; report-uri https://csp.thehut.net/blogs
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=/xssProtection.txt

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 May 2022 16:53:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 May 2022 10:50:54 GMT
age
55060
etag
"17a69-5dea61954e3ee-gzip"
x-frame-options
sameorigin
content-type
application/javascript
grace
none
content-security-policy
default-src 'none'; connect-src https://*.thcdn.com https://asgard.thehut.net https://cpwidgets.thehut.net https://cdn.ampproject.org https://bat.bing.com https://www.facebook.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google-analytics.com https://ampcid.google.com https://adservice.google.com https://the.sciencebehindecommerce.com https://sf-hs-sg.ibytedtos.com; font-src 'self' https://blogscdn.thehut.net https://fonts.gstatic.com https://fonts.googleapis.com https://*.thcdn.com; form-action 'self' https://tr.snapchat.com https://connect.facebook.net https://www.facebook.com https://syndication.twitter.com; child-src 'self' https://woobox.com https://open.spotify.com https://www.tiktok.com https://widget.trustpilot.com https://gum.criteo.com https://static.criteo.net https://platform.twitter.com https://syndication.twitter.com https://www.facebook.com https://www.instagram.com https://www.youtube.com https://vimeo.com https://tr.snapchat.com https://*.doubleclick.net; img-src https: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://cdn.ampproject.org https://blogscdn.thehut.net https://*.thcdn.com https://cdn.woobox.com https://analytics.twitter.com/ https://bat.bing.com https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js https://code.jquery.com/jquery-3.6.0.min.js https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://sc-static.net https://sslwidget.criteo.com https://widget.eu.criteo.com https://static.criteo.net https://static.ads-twitter.com https://www.dwin1.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.googleadservices.com https://www.instagram.com https://www.tiktok.com https://s16.tiktokcdn.com; style-src 'self' 'unsafe-inline' https://blogscdn.thehut.net https://*.thcdn.com https://fonts.google.com https://fonts.googleapis.com https://s16.tiktokcdn.com; frame-ancestors 'self'; media-src 'self'; object-src 'none'; worker-src blob: 'self'; upgrade-insecure-requests; report-uri https://csp.thehut.net/blogs
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
42759
x-xss-protection
1; mode=block; report=/xssProtection.txt
jquery-migrate.min.js
www.glossybox.fr/beauty-blog/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.glossybox.fr/beauty-blog/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: www.glossybox.fr
URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.217.104.149 , United Kingdom, ASN197651 (THEHUTGROUPLIMITED, GB),
Reverse DNS
Software
/
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src https://*.thcdn.com https://asgard.thehut.net https://cpwidgets.thehut.net https://cdn.ampproject.org https://bat.bing.com https://www.facebook.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google-analytics.com https://ampcid.google.com https://adservice.google.com https://the.sciencebehindecommerce.com https://sf-hs-sg.ibytedtos.com; font-src 'self' https://blogscdn.thehut.net https://fonts.gstatic.com https://fonts.googleapis.com https://*.thcdn.com; form-action 'self' https://tr.snapchat.com https://connect.facebook.net https://www.facebook.com https://syndication.twitter.com; child-src 'self' https://woobox.com https://open.spotify.com https://www.tiktok.com https://widget.trustpilot.com https://gum.criteo.com https://static.criteo.net https://platform.twitter.com https://syndication.twitter.com https://www.facebook.com https://www.instagram.com https://www.youtube.com https://vimeo.com https://tr.snapchat.com https://*.doubleclick.net; img-src https: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://cdn.ampproject.org https://blogscdn.thehut.net https://*.thcdn.com https://cdn.woobox.com https://analytics.twitter.com/ https://bat.bing.com https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js https://code.jquery.com/jquery-3.6.0.min.js https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://sc-static.net https://sslwidget.criteo.com https://widget.eu.criteo.com https://static.criteo.net https://static.ads-twitter.com https://www.dwin1.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.googleadservices.com https://www.instagram.com https://www.tiktok.com https://s16.tiktokcdn.com; style-src 'self' 'unsafe-inline' https://blogscdn.thehut.net https://*.thcdn.com https://fonts.google.com https://fonts.googleapis.com https://s16.tiktokcdn.com; frame-ancestors 'self'; media-src 'self'; object-src 'none'; worker-src blob: 'self'; upgrade-insecure-requests; report-uri https://csp.thehut.net/blogs
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=/xssProtection.txt

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 May 2022 16:54:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 May 2022 10:50:54 GMT
age
55019
etag
"2748-5dea619579b3d-gzip"
x-frame-options
sameorigin
content-type
application/javascript
grace
none
content-security-policy
default-src 'none'; connect-src https://*.thcdn.com https://asgard.thehut.net https://cpwidgets.thehut.net https://cdn.ampproject.org https://bat.bing.com https://www.facebook.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google-analytics.com https://ampcid.google.com https://adservice.google.com https://the.sciencebehindecommerce.com https://sf-hs-sg.ibytedtos.com; font-src 'self' https://blogscdn.thehut.net https://fonts.gstatic.com https://fonts.googleapis.com https://*.thcdn.com; form-action 'self' https://tr.snapchat.com https://connect.facebook.net https://www.facebook.com https://syndication.twitter.com; child-src 'self' https://woobox.com https://open.spotify.com https://www.tiktok.com https://widget.trustpilot.com https://gum.criteo.com https://static.criteo.net https://platform.twitter.com https://syndication.twitter.com https://www.facebook.com https://www.instagram.com https://www.youtube.com https://vimeo.com https://tr.snapchat.com https://*.doubleclick.net; img-src https: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://cdn.ampproject.org https://blogscdn.thehut.net https://*.thcdn.com https://cdn.woobox.com https://analytics.twitter.com/ https://bat.bing.com https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js https://code.jquery.com/jquery-3.6.0.min.js https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://sc-static.net https://sslwidget.criteo.com https://widget.eu.criteo.com https://static.criteo.net https://static.ads-twitter.com https://www.dwin1.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.googleadservices.com https://www.instagram.com https://www.tiktok.com https://s16.tiktokcdn.com; style-src 'self' 'unsafe-inline' https://blogscdn.thehut.net https://*.thcdn.com https://fonts.google.com https://fonts.googleapis.com https://s16.tiktokcdn.com; frame-ancestors 'self'; media-src 'self'; object-src 'none'; worker-src blob: 'self'; upgrade-insecure-requests; report-uri https://csp.thehut.net/blogs
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
4444
x-xss-protection
1; mode=block; report=/xssProtection.txt
glossybox.js
www.glossybox.fr/beauty-blog/ 		202 B
285 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.glossybox.fr/beauty-blog/glossybox.js
Requested by
Host: www.glossybox.fr
URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.217.104.149 , United Kingdom, ASN197651 (THEHUTGROUPLIMITED, GB),
Reverse DNS
Software
/
Resource Hash
777fcf3711b4bd59a169a4dcb96d98aa38c2eec5b75e944ad90473e6212a863f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src https://*.thcdn.com https://asgard.thehut.net https://cpwidgets.thehut.net https://cdn.ampproject.org https://bat.bing.com https://www.facebook.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google-analytics.com https://ampcid.google.com https://adservice.google.com https://the.sciencebehindecommerce.com https://sf-hs-sg.ibytedtos.com; font-src 'self' https://blogscdn.thehut.net https://fonts.gstatic.com https://fonts.googleapis.com https://*.thcdn.com; form-action 'self' https://tr.snapchat.com https://connect.facebook.net https://www.facebook.com https://syndication.twitter.com; child-src 'self' https://woobox.com https://open.spotify.com https://www.tiktok.com https://widget.trustpilot.com https://gum.criteo.com https://static.criteo.net https://platform.twitter.com https://syndication.twitter.com https://www.facebook.com https://www.instagram.com https://www.youtube.com https://vimeo.com https://tr.snapchat.com https://*.doubleclick.net; img-src https: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://cdn.ampproject.org https://blogscdn.thehut.net https://*.thcdn.com https://cdn.woobox.com https://analytics.twitter.com/ https://bat.bing.com https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js https://code.jquery.com/jquery-3.6.0.min.js https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://sc-static.net https://sslwidget.criteo.com https://widget.eu.criteo.com https://static.criteo.net https://static.ads-twitter.com https://www.dwin1.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.googleadservices.com https://www.instagram.com https://www.tiktok.com https://s16.tiktokcdn.com; style-src 'self' 'unsafe-inline' https://blogscdn.thehut.net https://*.thcdn.com https://fonts.google.com https://fonts.googleapis.com https://s16.tiktokcdn.com; frame-ancestors 'self'; media-src 'self'; object-src 'none'; worker-src blob: 'self'; upgrade-insecure-requests; report-uri https://csp.thehut.net/blogs
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=/xssProtection.txt

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 May 2022 15:11:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 May 2022 10:50:54 GMT
age
61180
etag
"ca-5dea61952058f-gzip"
x-frame-options
sameorigin
content-type
application/javascript
grace
none
content-security-policy
default-src 'none'; connect-src https://*.thcdn.com https://asgard.thehut.net https://cpwidgets.thehut.net https://cdn.ampproject.org https://bat.bing.com https://www.facebook.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google-analytics.com https://ampcid.google.com https://adservice.google.com https://the.sciencebehindecommerce.com https://sf-hs-sg.ibytedtos.com; font-src 'self' https://blogscdn.thehut.net https://fonts.gstatic.com https://fonts.googleapis.com https://*.thcdn.com; form-action 'self' https://tr.snapchat.com https://connect.facebook.net https://www.facebook.com https://syndication.twitter.com; child-src 'self' https://woobox.com https://open.spotify.com https://www.tiktok.com https://widget.trustpilot.com https://gum.criteo.com https://static.criteo.net https://platform.twitter.com https://syndication.twitter.com https://www.facebook.com https://www.instagram.com https://www.youtube.com https://vimeo.com https://tr.snapchat.com https://*.doubleclick.net; img-src https: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://cdn.ampproject.org https://blogscdn.thehut.net https://*.thcdn.com https://cdn.woobox.com https://analytics.twitter.com/ https://bat.bing.com https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js https://code.jquery.com/jquery-3.6.0.min.js https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://sc-static.net https://sslwidget.criteo.com https://widget.eu.criteo.com https://static.criteo.net https://static.ads-twitter.com https://www.dwin1.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.googleadservices.com https://www.instagram.com https://www.tiktok.com https://s16.tiktokcdn.com; style-src 'self' 'unsafe-inline' https://blogscdn.thehut.net https://*.thcdn.com https://fonts.google.com https://fonts.googleapis.com https://s16.tiktokcdn.com; frame-ancestors 'self'; media-src 'self'; object-src 'none'; worker-src blob: 'self'; upgrade-insecure-requests; report-uri https://csp.thehut.net/blogs
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
158
x-xss-protection
1; mode=block; report=/xssProtection.txt
f49046654ce571364fce4604f1f8a029
secure.gravatar.com/avatar/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/f49046654ce571364fce4604f1f8a029?s=150&d=mm&r=g
Requested by
Host: www.glossybox.fr
URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0642d0802d41385c7043c765121927be6fe68b0f113b47ec0d9ec0b64180f2d3

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Fri, 20 May 2022 08:11:11 GMT
last-modified
Wed, 20 Dec 2017 15:26:22 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="f49046654ce571364fce4604f1f8a029.jpeg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/f49046654ce571364fce4604f1f8a029?s=150&d=mm&r=g>; rel="canonical"
content-length
7786
expires
Fri, 20 May 2022 08:16:11 GMT
%5EE654FD4C592AC5F8398B15C0D08B5D2A105BDD9C29DE9EC8FE%5Epimgpsh_fullsize_distr-2-1024x661.jpg
www.glossybox.fr/beauty-blog/wp-content/uploads/sites/30/2015/10/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.glossybox.fr/beauty-blog/wp-content/uploads/sites/30/2015/10/%5EE654FD4C592AC5F8398B15C0D08B5D2A105BDD9C29DE9EC8FE%5Epimgpsh_fullsize_distr-2-1024x661.jpg
Requested by
Host: www.glossybox.fr
URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.217.104.149 , United Kingdom, ASN197651 (THEHUTGROUPLIMITED, GB),
Reverse DNS
Software
/
Resource Hash
1417957bc22e5ee7a0b80db85ac116823f2a6a9dd99b35fe0133381c734e12e1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src https://*.thcdn.com https://asgard.thehut.net https://cpwidgets.thehut.net https://cdn.ampproject.org https://bat.bing.com https://www.facebook.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google-analytics.com https://ampcid.google.com https://adservice.google.com https://the.sciencebehindecommerce.com https://sf-hs-sg.ibytedtos.com; font-src 'self' https://blogscdn.thehut.net https://fonts.gstatic.com https://fonts.googleapis.com https://*.thcdn.com; form-action 'self' https://tr.snapchat.com https://connect.facebook.net https://www.facebook.com https://syndication.twitter.com; child-src 'self' https://woobox.com https://open.spotify.com https://www.tiktok.com https://widget.trustpilot.com https://gum.criteo.com https://static.criteo.net https://platform.twitter.com https://syndication.twitter.com https://www.facebook.com https://www.instagram.com https://www.youtube.com https://vimeo.com https://tr.snapchat.com https://*.doubleclick.net; img-src https: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://cdn.ampproject.org https://blogscdn.thehut.net https://*.thcdn.com https://cdn.woobox.com https://analytics.twitter.com/ https://bat.bing.com https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js https://code.jquery.com/jquery-3.6.0.min.js https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://sc-static.net https://sslwidget.criteo.com https://widget.eu.criteo.com https://static.criteo.net https://static.ads-twitter.com https://www.dwin1.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.googleadservices.com https://www.instagram.com https://www.tiktok.com https://s16.tiktokcdn.com; style-src 'self' 'unsafe-inline' https://blogscdn.thehut.net https://*.thcdn.com https://fonts.google.com https://fonts.googleapis.com https://s16.tiktokcdn.com; frame-ancestors 'self'; media-src 'self'; object-src 'none'; worker-src blob: 'self'; upgrade-insecure-requests; report-uri https://csp.thehut.net/blogs
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=/xssProtection.txt

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 08:11:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 May 2022 10:51:07 GMT
age
0
etag
"1a753-5dea61a187de3-gzip"
x-frame-options
sameorigin
content-type
text/html; charset=UTF-8
grace
none
cache-control
no-store
content-security-policy
default-src 'none'; connect-src https://*.thcdn.com https://asgard.thehut.net https://cpwidgets.thehut.net https://cdn.ampproject.org https://bat.bing.com https://www.facebook.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google-analytics.com https://ampcid.google.com https://adservice.google.com https://the.sciencebehindecommerce.com https://sf-hs-sg.ibytedtos.com; font-src 'self' https://blogscdn.thehut.net https://fonts.gstatic.com https://fonts.googleapis.com https://*.thcdn.com; form-action 'self' https://tr.snapchat.com https://connect.facebook.net https://www.facebook.com https://syndication.twitter.com; child-src 'self' https://woobox.com https://open.spotify.com https://www.tiktok.com https://widget.trustpilot.com https://gum.criteo.com https://static.criteo.net https://platform.twitter.com https://syndication.twitter.com https://www.facebook.com https://www.instagram.com https://www.youtube.com https://vimeo.com https://tr.snapchat.com https://*.doubleclick.net; img-src https: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://cdn.ampproject.org https://blogscdn.thehut.net https://*.thcdn.com https://cdn.woobox.com https://analytics.twitter.com/ https://bat.bing.com https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js https://code.jquery.com/jquery-3.6.0.min.js https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://sc-static.net https://sslwidget.criteo.com https://widget.eu.criteo.com https://static.criteo.net https://static.ads-twitter.com https://www.dwin1.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.googleadservices.com https://www.instagram.com https://www.tiktok.com https://s16.tiktokcdn.com; style-src 'self' 'unsafe-inline' https://blogscdn.thehut.net https://*.thcdn.com https://fonts.google.com https://fonts.googleapis.com https://s16.tiktokcdn.com; frame-ancestors 'self'; media-src 'self'; object-src 'none'; worker-src blob: 'self'; upgrade-insecure-requests; report-uri https://csp.thehut.net/blogs
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
x-xss-protection
1; mode=block; report=/xssProtection.txt
modernizr.min.js
cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js
Requested by
Host: www.glossybox.fr
URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 08:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1803254
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3980
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f26-2b4c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uCg9RYhu%2BVkWTKT33vjnNO5NCRE%2F3wfJUvj8%2BfiNt5URXDw4XbM%2Fip82wOItrVqIp6925mKlUHF%2F7Q6NdwWWuM%2FmzyEWb8ITOzKMSmjxpWL5o6U3zhSOtTZFr47gFTIgsLqx04SY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70e399a26c8b975e-AMS
expires
Wed, 10 May 2023 08:11:11 GMT
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.glossybox.fr
URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F2) /
Resource Hash
2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 May 2022 08:11:11 GMT
Content-Encoding
gzip
Age
266
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
29461
x-tw-cdn
VZ
Last-Modified
Sun, 15 May 2022 20:06:46 GMT
Server
ECS (frb/67F2)
Etag
"f1369725ba22125b0df0251e74090aa0+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
script.js
www.glossybox.fr/beauty-blog/ 		207 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.glossybox.fr/beauty-blog/script.js
Requested by
Host: www.glossybox.fr
URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.217.104.149 , United Kingdom, ASN197651 (THEHUTGROUPLIMITED, GB),
Reverse DNS
Software
/
Resource Hash
cbe3970871e5737091875893cb4c67e20e20a1d38fb7675afeeab94d9c2b3b0d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src https://*.thcdn.com https://asgard.thehut.net https://cpwidgets.thehut.net https://cdn.ampproject.org https://bat.bing.com https://www.facebook.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google-analytics.com https://ampcid.google.com https://adservice.google.com https://the.sciencebehindecommerce.com https://sf-hs-sg.ibytedtos.com; font-src 'self' https://blogscdn.thehut.net https://fonts.gstatic.com https://fonts.googleapis.com https://*.thcdn.com; form-action 'self' https://tr.snapchat.com https://connect.facebook.net https://www.facebook.com https://syndication.twitter.com; child-src 'self' https://woobox.com https://open.spotify.com https://www.tiktok.com https://widget.trustpilot.com https://gum.criteo.com https://static.criteo.net https://platform.twitter.com https://syndication.twitter.com https://www.facebook.com https://www.instagram.com https://www.youtube.com https://vimeo.com https://tr.snapchat.com https://*.doubleclick.net; img-src https: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://cdn.ampproject.org https://blogscdn.thehut.net https://*.thcdn.com https://cdn.woobox.com https://analytics.twitter.com/ https://bat.bing.com https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js https://code.jquery.com/jquery-3.6.0.min.js https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://sc-static.net https://sslwidget.criteo.com https://widget.eu.criteo.com https://static.criteo.net https://static.ads-twitter.com https://www.dwin1.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.googleadservices.com https://www.instagram.com https://www.tiktok.com https://s16.tiktokcdn.com; style-src 'self' 'unsafe-inline' https://blogscdn.thehut.net https://*.thcdn.com https://fonts.google.com https://fonts.googleapis.com https://s16.tiktokcdn.com; frame-ancestors 'self'; media-src 'self'; object-src 'none'; worker-src blob: 'self'; upgrade-insecure-requests; report-uri https://csp.thehut.net/blogs
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=/xssProtection.txt

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 May 2022 15:11:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 May 2022 10:50:54 GMT
age
61181
etag
"33b77-5dea6195abfd1-gzip"
x-frame-options
sameorigin
content-type
application/javascript
grace
none
content-security-policy
default-src 'none'; connect-src https://*.thcdn.com https://asgard.thehut.net https://cpwidgets.thehut.net https://cdn.ampproject.org https://bat.bing.com https://www.facebook.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google-analytics.com https://ampcid.google.com https://adservice.google.com https://the.sciencebehindecommerce.com https://sf-hs-sg.ibytedtos.com; font-src 'self' https://blogscdn.thehut.net https://fonts.gstatic.com https://fonts.googleapis.com https://*.thcdn.com; form-action 'self' https://tr.snapchat.com https://connect.facebook.net https://www.facebook.com https://syndication.twitter.com; child-src 'self' https://woobox.com https://open.spotify.com https://www.tiktok.com https://widget.trustpilot.com https://gum.criteo.com https://static.criteo.net https://platform.twitter.com https://syndication.twitter.com https://www.facebook.com https://www.instagram.com https://www.youtube.com https://vimeo.com https://tr.snapchat.com https://*.doubleclick.net; img-src https: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://cdn.ampproject.org https://blogscdn.thehut.net https://*.thcdn.com https://cdn.woobox.com https://analytics.twitter.com/ https://bat.bing.com https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js https://code.jquery.com/jquery-3.6.0.min.js https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://sc-static.net https://sslwidget.criteo.com https://widget.eu.criteo.com https://static.criteo.net https://static.ads-twitter.com https://www.dwin1.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.googleadservices.com https://www.instagram.com https://www.tiktok.com https://s16.tiktokcdn.com; style-src 'self' 'unsafe-inline' https://blogscdn.thehut.net https://*.thcdn.com https://fonts.google.com https://fonts.googleapis.com https://s16.tiktokcdn.com; frame-ancestors 'self'; media-src 'self'; object-src 'none'; worker-src blob: 'self'; upgrade-insecure-requests; report-uri https://csp.thehut.net/blogs
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
80691
x-xss-protection
1; mode=block; report=/xssProtection.txt
css
fonts.googleapis.com/ 		702 B
873 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=News+Cycle
Requested by
Host: www.glossybox.fr
URL: https://www.glossybox.fr/beauty-blog/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f10.1e100.net
Software
ESF /
Resource Hash
c336a6c3571e7e0bfb5df7c9b54677fadb85f5193607e9691be8750bce53ca0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 20 May 2022 08:11:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 20 May 2022 08:11:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 20 May 2022 08:11:10 GMT
Playfair+Display
fonts.google.com/specimen/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.google.com/specimen/Playfair+Display
Requested by
Host: www.glossybox.fr
URL: https://www.glossybox.fr/beauty-blog/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gtm.js
www.googletagmanager.com/ 		359 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N256MSB
Requested by
Host: www.glossybox.fr
URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
42aa39ed38d1a8624ff3675c01eead9181e97dc794cc6d758bfb8ada15f906a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 08:11:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104101
x-xss-protection
0
last-modified
Fri, 20 May 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 20 May 2022 08:11:11 GMT
css2
fonts.googleapis.com/ 		1 KB
432 B 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins&display=swap
Requested by
Host: www.glossybox.fr
URL: https://www.glossybox.fr/beauty-blog/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f10.1e100.net
Software
ESF /
Resource Hash
0dabde244ca54751439b42b2bc6754887cf48d7d13835c2ed1fa37b253a4731a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.glossybox.fr/
Origin
https://www.glossybox.fr
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 20 May 2022 07:27:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 20 May 2022 08:11:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 20 May 2022 08:11:11 GMT
truncated
/ 		17 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b17ffec30bd8f893d8edd9c383a721ceb4d7fe72414389e193ca1a151d74dce4

Request headers

accept-language
is-IS,is;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
thg-blog-icons.woff2
s1.thcdn.com/fe/fonts/whitelabel/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.thcdn.com/fe/fonts/whitelabel/thg-blog-icons.woff2
Requested by
Host: www.glossybox.fr
URL: https://www.glossybox.fr/beauty-blog/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.137.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-99.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
10d2e0e0a31cec3ebd98b81be6a923cbc5a89c4a03be3dd1b4c5b473812bc410

Request headers

Referer
https://www.glossybox.fr/
Origin
https://www.glossybox.fr
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 08:11:11 GMT
last-modified
Thu, 19 Nov 2020 16:48:30 GMT
etag
"1294-5b4787f73056c"
access-control-allow-origin
*
cache-control
max-age=16108389
accept-ranges
bytes
content-length
4756
expires
Tue, 22 Nov 2022 18:44:20 GMT
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v12/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v12/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
Requested by
Host: www.glossybox.fr
URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.glossybox.fr/
Origin
https://www.glossybox.fr
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 May 2022 18:12:45 GMT
x-content-type-options
nosniff
age
309506
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7900
x-xss-protection
0
last-modified
Mon, 20 Jul 2020 19:24:31 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 16 May 2023 18:12:45 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.glossybox.fr
URL: https://www.glossybox.fr/beauty-blog/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
defdcf6ddedcab633789faaf667721857984f1399f0d43a2722f1600f750865f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Vcie7D3JbyVuKemS4w6WUQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Fri, 20 May 2022 08:28:51 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
xDSkCpvn9JEd/v3QrXmhbC8GYc68RfNkrPdLSs+e0Yxxcw71e8kEtQA8FkVBIfDAF24pgi4DEhpLpfHnaLELmw==
x-fb-trip-id
917726464
x-fb-content-md5
aab8dcccaf505a25080776f0766cf924
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 20 May 2022 08:11:11 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"e2cd125edee06176e96078a8e9d74c84"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html
platform.twitter.com/widgets/ Frame A40B 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fwww.glossybox.fr
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6776) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Referer
https://www.glossybox.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
388922
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105433
Content-Type
text/html; charset=utf-8
Date
Fri, 20 May 2022 08:11:11 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Sun, 15 May 2022 20:03:39 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6776)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
js
www.googletagmanager.com/gtag/ 		189 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7610M88F1D&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N256MSB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
fe5eea886520459b06e9bdaa450f952c4d27449428d13563d4d8168f5bff30a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 08:11:11 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69616
x-xss-protection
0
expires
Fri, 20 May 2022 08:11:11 GMT
js
www.googletagmanager.com/gtag/ 		189 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6YRZFS1H0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N256MSB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
6d6818466ffbc084d6343769bd1fec32b80f725b356c87c020016c67201d51f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 08:11:11 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69564
x-xss-protection
0
expires
Fri, 20 May 2022 08:11:11 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.glossybox.fr
URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
acbe6770b0fc8b621a9d4f7068b241fb403fe999ea33270931ee59ec4cfdf3f1
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26310
x-xss-protection
0
pragma
public
x-fb-debug
s7Fh29dDc9lRTjU8XjNT3CcW0RsrxpLQDv3RD0AyYZu90gUtG74alZGpdntgbTeoDSD4HBzu6Awq3G8mT7kWdQ==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 20 May 2022 08:11:11 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.glossybox.fr
URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 23:54:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BAA161C606FA489D8D7348F53770CC43 Ref B: AMS04EDGE2019 Ref C: 2022-05-20T08:11:12Z
etag
"806a236c101ed81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Fri, 20 May 2022 08:11:11 GMT
accept-ranges
bytes
content-length
11333
blogs
csp.thehut.net/ 		0
75 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.thehut.net/blogs
Requested by
Host: www.glossybox.fr
URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.217.104.194 , United Kingdom, ASN197651 (THEHUTGROUPLIMITED, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.glossybox.fr/
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

Date
Fri, 20 May 2022 08:11:11 GMT
Content-Length
0
events.js
analytics.tiktok.com/i18n/pixel/ 		0
0
settings
syndication.twitter.com/ Frame A40B 		278 B
460 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=b5563d6407ab892be441d9b1b7e7f681d6cfbe24
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fwww.glossybox.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
d342be7b065b36dd1e6856bcf5a432b5d2c277d27555391ddefbf1df3edb0fc4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time
105
date
Fri, 20 May 2022 08:11:11 GMT
content-encoding
gzip
last-modified
Fri, 20 May 2022 08:11:11 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
2ccf2d7314a47e70c9bd9f4df23f300ce6635942581c59d0005fe1f89cfcb854
content-length
179
sdk.js
connect.facebook.net/en_US/ 		286 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=36609eb78b25fc5733fd9cc597bb03fd
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
3ee7fb1d1804132d66ab6db78191e0bc0181907e4bf0c86bcda5be5d8b353e64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.glossybox.fr/
Origin
https://www.glossybox.fr
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Q9CjwuM0MNA4rxT75ClflA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Sat, 20 May 2023 07:04:37 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
83756
x-fb-rlafr
0
x-fb-debug
VOuYC0zNqV5jP3Eb1fkfe84b1pfaSpnrz1Hjb7OCynraX1we36nE7L6zxpbTooPaFuutnnhScq9OyAFm2sQKsg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
2c4e2002e98934f91e9f4369f5acd784
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 20 May 2022 08:11:11 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"84fbd27a6f497a703a2bfce436dba24c"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
916733185561598
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/916733185561598?v=2.9.60&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
b9c1ad4b05aebd7d2424349faf5530b24c0e1a512c0e868cb7d2147b35e3e7d9
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
88778
x-xss-protection
0
pragma
public
x-fb-debug
gkchoRMAkoLUn20aTsYKF/RVhrJbrDrR3Kkl5hvb2Wf8Q9QQaLjUmCgCOgTxZDVsSFP6MNWeQZdY+edFDsMRnw==
x-frame-options
DENY
date
Fri, 20 May 2022 08:11:11 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
blogs
csp.thehut.net/ 		0
75 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.thehut.net/blogs
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7610M88F1D&l=dataLayer&cx=c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.217.104.194 , United Kingdom, ASN197651 (THEHUTGROUPLIMITED, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.glossybox.fr/
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

Date
Fri, 20 May 2022 08:11:11 GMT
Content-Length
0
collect
stats.g.doubleclick.net/g/ 		0
348 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7610M88F1D&cid=269713010.1653034272&gtm=2oe5b0&aip=1&uid=Get%20User%20ID
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7610M88F1D&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 May 2022 08:11:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.glossybox.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
196 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y6YRZFS1H0&gtm=2oe5b0&_p=1898189408&_z=ccd.tbB&cid=269713010.1653034272&ul=en-us&sr=1600x1200&_s=1&uid=Get%20User%20ID&sid=1653034271&sct=1&seg=0&dl=https%3A%2F%2Fwww.glossybox.fr%2Fbeauty-blog%2F2015%2F10%2F20%2Fcosmetique-gourmande-2%2F&dt=Cosm%C3%A9tique%20Gourmande%20-%20GLOSSYBOX&en=page_view&_fv=1&_ss=1&up.locale=fr_FR&up.site_name=GLOSSYBOX&up.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y6YRZFS1H0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 May 2022 08:11:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.glossybox.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=916733185561598&ev=PageView&dl=https%3A%2F%2Fwww.glossybox.fr%2Fbeauty-blog%2F2015%2F10%2F20%2Fcosmetique-gourmande-2%2F&rl=&if=false&ts=1653034272186&cd[site_name]=GLOSSYBOX&cd[locale]=fr_FR&sw=1600&sh=1200&v=2.9.60&r=stable&a=thg_1.0&ec=0&o=30&fbp=fb.1.1653034272185.301898098&it=1653034271726&coo=false&exp=p1&rqm=GET
Requested by
Host: www.glossybox.fr
URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 08:11:12 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 20 May 2022 08:11:12 GMT
15042870.js
bat.bing.com/p/action/ 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/15042870.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0184090DFF76416D81A6186321BA0D32 Ref B: AMS04EDGE2019 Ref C: 2022-05-20T08:11:12Z
date
Fri, 20 May 2022 08:11:11 GMT
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=15042870&Ver=2&mid=d24204c0-9192-46c4-a011-f507a15bf0a0&sid=69837500d81411eca2a7fd6853b056ac&vid=6983a280d81411ec8781399262dc5a88&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Cosm%C3%A9tique%20Gourmande%20-%20GLOSSYBOX&p=https%3A%2F%2Fwww.glossybox.fr%2Fbeauty-blog%2F2015%2F10%2F20%2Fcosmetique-gourmande-2%2F&r=&lt=1700&evt=pageLoad&msclkid=N&sv=1&rn=542575
Requested by
Host: www.glossybox.fr
URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7AE9757B3AC747B18BDC9372C3D10BC5 Ref B: AMS04EDGE2019 Ref C: 2022-05-20T08:11:12Z
date
Fri, 20 May 2022 08:11:11 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=15042870&Ver=2&mid=d24204c0-9192-46c4-a011-f507a15bf0a0&sid=69837500d81411eca2a7fd6853b056ac&vid=6983a280d81411ec8781399262dc5a88&vids=0&pagetype=other&evt=custom&msclkid=N&rn=170670
Requested by
Host: www.glossybox.fr
URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C6827A393F6645928FEA2EF845F27875 Ref B: AMS04EDGE2019 Ref C: 2022-05-20T08:11:12Z
date
Fri, 20 May 2022 08:11:11 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
7301.js
www.dwin1.com/ 		30 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dwin1.com/7301.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N256MSB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-87.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c94685fe3000c13abf5718deeb185fc0ae910ca0c34228786c94c1c8efd325c

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
PPwqLGRHO7Eh8X4cV.rhT1rSZUjnNVB9
content-encoding
gzip
etag
W/"a43689999aa3e09d3a5f4cb27048c8e3"
age
381
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Mon, 16 May 2022 08:24:15 GMT
server
AmazonS3
date
Fri, 20 May 2022 08:04:52 GMT
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=utf-8
via
1.1 98bb66c97d4f153aac116d087b36dc40.cloudfront.net (CloudFront)
cache-control
max-age=600, s-maxage=600
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
Qyw4aGk6fuwkHnmy5Xy3ToOdUog9chLc1-5VF3kg1Y9pPXrQqStkXw==
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N256MSB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
86043a30e8dbbe9b550bea53cb747d55f0b2189c61210be5a70d5fd424a87c36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 08:11:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14854
x-xss-protection
0
server
cafe
etag
494047692290731740
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 20 May 2022 08:11:12 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N256MSB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2186
date
Fri, 20 May 2022 07:34:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 20 May 2022 09:34:46 GMT
uwt.js
static.ads-twitter.com/ 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.glossybox.fr
URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d217d238f3f2648014fb12906dca5366954ffa6256d160726190d9e0e9c8376a

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 08:11:12 GMT
content-encoding
gzip
last-modified
Wed, 18 May 2022 18:29:11 GMT
etag
"39dd6daafb219ee61305f13521c2d060+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
14051
x-served-by
cache-iad-kiad7000091-IAD, cache-hhn11525-HHN
loader.js
s1.thcdn.com/design-assets/smarter-click/glossybox/fr/glossybox.fr-1616/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.thcdn.com/design-assets/smarter-click/glossybox/fr/glossybox.fr-1616/loader.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N256MSB
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.137.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-99.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d7116b375f21870f3861348e734bb99bd75c60281b36257305b1c313721a2ec9

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 08:11:12 GMT
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 09:39:10 GMT
etag
"954-5dc71d5352b80-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=313449278
accept-ranges
bytes
content-length
1006
expires
Sun, 25 Apr 2032 05:25:50 GMT
tags
creativecdn.com/
Redirect Chain
  • https://creativecdn.com/tags?type=img&id=pr_DmcQiC8rKYDoxRAD6arO&ncm=1&id=pr_DmcQiC8rKYDoxRAD6arO_uid_undefined
  • https://creativecdn.com/tags?type=img&id=pr_DmcQiC8rKYDoxRAD6arO&ncm=1&id=pr_DmcQiC8rKYDoxRAD6arO_uid_undefined&tc=1
42 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creativecdn.com/tags?type=img&id=pr_DmcQiC8rKYDoxRAD6arO&ncm=1&id=pr_DmcQiC8rKYDoxRAD6arO_uid_undefined&tc=1
Protocol
H2
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 May 2022 08:11:12 GMT, Fri, 20 May 2022 08:11:12 GMT
vary
Origin
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Fri, 20 May 2022 08:11:12 GMT
access-control-allow-origin
*
vary
Origin
access-control-allow-methods
GET, POST
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://creativecdn.com/tags?type=img&id=pr_DmcQiC8rKYDoxRAD6arO&ncm=1&id=pr_DmcQiC8rKYDoxRAD6arO_uid_undefined&tc=1
access-control-max-age
3600
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/ Frame 5D41 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.glossybox.fr
Referer
https://www.glossybox.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.glossybox.fr
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 20 May 2022 08:11:12 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
tag-data.js
s1.thcdn.com/design-assets/smarter-click/glossybox/fr/glossybox.fr-1616/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.thcdn.com/design-assets/smarter-click/glossybox/fr/glossybox.fr-1616/tag-data.js
Requested by
Host: s1.thcdn.com
URL: https://s1.thcdn.com/design-assets/smarter-click/glossybox/fr/glossybox.fr-1616/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.137.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-99.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d833975a4cf7bf9c9704d799427dcce2f1bfd8ca8a5751ed3ab1a921a8fb36b7

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 08:11:12 GMT
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 09:39:10 GMT
etag
"133a-5dc71d5352b80-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=313449179
accept-ranges
bytes
content-length
1413
expires
Sun, 25 Apr 2032 05:24:11 GMT
tag-resources.js
s1.thcdn.com/design-assets/smarter-click/glossybox/fr/glossybox.fr-1616/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.thcdn.com/design-assets/smarter-click/glossybox/fr/glossybox.fr-1616/tag-resources.js
Requested by
Host: s1.thcdn.com
URL: https://s1.thcdn.com/design-assets/smarter-click/glossybox/fr/glossybox.fr-1616/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.137.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-99.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
481f8efcb38bdeee9e185a6065eeb1c0adae7896a08dadf3fd847c721434146c

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 08:11:12 GMT
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 09:39:10 GMT
etag
"9f1-5dc71d5352b80-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=313449200
accept-ranges
bytes
content-length
1070
expires
Sun, 25 Apr 2032 05:24:32 GMT
tag-custom-scripts.js
s1.thcdn.com/design-assets/smarter-click/glossybox/fr/glossybox.fr-1616/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.thcdn.com/design-assets/smarter-click/glossybox/fr/glossybox.fr-1616/tag-custom-scripts.js
Requested by
Host: s1.thcdn.com
URL: https://s1.thcdn.com/design-assets/smarter-click/glossybox/fr/glossybox.fr-1616/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.137.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-99.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
758fad4e82ddc69892e3e3e16c694b707853113cab3626dd0e18b2ee9efd7fad

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 08:11:13 GMT
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 09:39:10 GMT
etag
"fc8-5dc71d5352b80-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=313449245
accept-ranges
bytes
content-length
1330
expires
Sun, 25 Apr 2032 05:25:18 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-56952874-1&cid=269713010.1653034272&jid=1999377729&gjid=530464965&_gid=67116677.1653034273&_u=YCDAgEABAAAAAE~&z=1014703273
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.133.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.glossybox.fr/
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 20 May 2022 08:11:13 GMT
content-type
text/plain
access-control-allow-origin
https://www.glossybox.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-43127409-5&cid=269713010.1653034272&jid=263513524&gjid=1406746220&_gid=67116677.1653034273&_u=YCDAgEABAAAAAE~&z=1892232792
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.133.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.glossybox.fr/
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 20 May 2022 08:11:13 GMT
content-type
text/plain
access-control-allow-origin
https://www.glossybox.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1898189408&t=pageview&_s=1&dl=https%3A%2F%2Fwww.glossybox.fr%2Fbeauty-blog%2F2015%2F10%2F20%2Fcosmetique-gourmande-2%2F&dr=&ul=en-us&de=UTF-8&dt=Cosm%C3%A9tique%20Gourmande%20-%20GLOSSYBOX&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEAB~&jid=1999377729&gjid=530464965&cid=269713010.1653034272&tid=UA-56952874-1&_gid=67116677.1653034273&gtm=2wg5b0N256MSB&cd1=GTM-N256MSB&cd2=157&cd4=GLOSSYBOX&cd6=fr_FR&cd7=EUR&cd10=other&cd34=empty&cd39=idyj950fksal8&cd42=organic&z=2037216541
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 May 2022 21:42:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
37718
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1898189408&t=pageview&_s=1&dl=https%3A%2F%2Fwww.glossybox.fr%2Fbeauty-blog%2F2015%2F10%2F20%2Fcosmetique-gourmande-2%2F&dr=&ul=en-us&de=UTF-8&dt=Cosm%C3%A9tique%20Gourmande%20-%20GLOSSYBOX&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAAE~&jid=263513524&gjid=1406746220&cid=269713010.1653034272&tid=UA-43127409-5&_gid=67116677.1653034273&gtm=2wg5b0N256MSB&cd1=GTM-N256MSB&cd2=157&cd6=fr_FR&cd19=0.07087943516848072_1653034272616&z=207317666
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 May 2022 21:42:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
37718
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1898189408&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.glossybox.fr%2Fbeauty-blog%2F2015%2F10%2F20%2Fcosmetique-gourmande-2%2F&dr=&ul=en-us&de=UTF-8&dt=Cosm%C3%A9tique%20Gourmande%20-%20GLOSSYBOX&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fbeauty-blog%2F2015%2F10%2F20%2Fcosmetique-gourmande-2%2F&el=25&_u=YCDAgEABAAAAAE~&jid=&gjid=&cid=269713010.1653034272&tid=UA-43127409-5&_gid=67116677.1653034273&gtm=2wg5b0N256MSB&cd1=GTM-N256MSB&cd2=157&cd6=fr_FR&cd19=0.07087943516848072_1653034272616&z=155750103
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 May 2022 21:42:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
37718
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/980606454/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/980606454/?random=1653034272990&cv=9&fst=1653034272990&num=1&label=NDYHCPb7zncQ9rvL0wM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5b0&sendb=1&ig=1&data=ecomm_pagetype%3Dother%3Becomm_totalvalue%3Dother&frm=0&url=https%3A%2F%2Fwww.glossybox.fr%2Fbeauty-blog%2F2015%2F10%2F20%2Fcosmetique-gourmande-2%2F&tiba=Cosm%C3%A9tique%20Gourmande%20-%20GLOSSYBOX&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
7c2e9cc62690a66d58807b0b71fb352b1d36a7dd7a676678647799f9f4e12f50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 May 2022 08:11:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1123
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
analytics.twitter.com/i/ 		43 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.3.12&p_id=Twitter&p_user_id=0&txn_id=nxdu0&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=67a3755a-caab-42af-a172-9ee8bdee4f39&tw_document_href=https%3A%2F%2Fwww.glossybox.fr%2Fbeauty-blog%2F2015%2F10%2F20%2Fcosmetique-gourmande-2%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time
104
date
Fri, 20 May 2022 08:11:12 GMT
server
tsa_o
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
f584577735b6adb15f5b91fb2b7f3da7bfa8186cbd685411a5487d866cfdebd9
content-length
43
adsct
t.co/i/ 		43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.3.12&p_id=Twitter&p_user_id=0&txn_id=nxdu0&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=67a3755a-caab-42af-a172-9ee8bdee4f39&tw_document_href=https%3A%2F%2Fwww.glossybox.fr%2Fbeauty-blog%2F2015%2F10%2F20%2Fcosmetique-gourmande-2%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time
104
date
Fri, 20 May 2022 08:11:13 GMT
server
tsa_o
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
7c2b3facb7a4f38f64b644d55bcef82b7f6251f2445228ff7eff3102aa6b2287
content-length
43
tag-script.js
s1.thcdn.com/design-assets/smarter-click/glossybox/fr/glossybox.fr-1616/ 		60 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.thcdn.com/design-assets/smarter-click/glossybox/fr/glossybox.fr-1616/tag-script.js
Requested by
Host: s1.thcdn.com
URL: https://s1.thcdn.com/design-assets/smarter-click/glossybox/fr/glossybox.fr-1616/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.137.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-99.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
96059d2de6cc97ab949815d74040e397af7f792a3ea4ef43a201ebc2e62dd775

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 May 2022 08:11:13 GMT
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 09:39:10 GMT
etag
"f0de-5dc71d5352b80-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=313449247
accept-ranges
bytes
content-length
20887
expires
Sun, 25 Apr 2032 05:25:20 GMT
blogs
csp.thehut.net/ 		0
75 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.thehut.net/blogs
Requested by
Host: s1.thcdn.com
URL: https://s1.thcdn.com/design-assets/smarter-click/glossybox/fr/glossybox.fr-1616/tag-script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.217.104.194 , United Kingdom, ASN197651 (THEHUTGROUPLIMITED, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.glossybox.fr/
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

Date
Fri, 20 May 2022 08:11:13 GMT
Content-Length
0
dW5kZWZpbmVk
ipb.smct.co/check/3673/ 		0
0
blogs
csp.thehut.net/ 		0
75 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.thehut.net/blogs
Requested by
Host: s1.thcdn.com
URL: https://s1.thcdn.com/design-assets/smarter-click/glossybox/fr/glossybox.fr-1616/tag-script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.217.104.194 , United Kingdom, ASN197651 (THEHUTGROUPLIMITED, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.glossybox.fr/
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

Date
Fri, 20 May 2022 08:11:12 GMT
Content-Length
0
/
smct.co/tm/data/ 		0
0
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-43127409-5&cid=269713010.1653034272&jid=263513524&_u=YCDAgEABAAAAAE~&z=986680627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 May 2022 08:11:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/980606454/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/980606454/?random=1653034272990&cv=9&fst=1653033600000&num=1&label=NDYHCPb7zncQ9rvL0wM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5b0&sendb=1&data=ecomm_pagetype%3Dother%3Becomm_totalvalue%3Dother&frm=0&url=https%3A%2F%2Fwww.glossybox.fr%2Fbeauty-blog%2F2015%2F10%2F20%2Fcosmetique-gourmande-2%2F&tiba=Cosm%C3%A9tique%20Gourmande%20-%20GLOSSYBOX&async=1&fmt=3&is_vtc=1&random=2655847229&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.glossybox.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 May 2022 08:11:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
analytics.tiktok.com
URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=undefined&lib=ttq
Domain
ipb.smct.co
URL
https://ipb.smct.co/check/3673/dW5kZWZpbmVk
Domain
smct.co
URL
https://smct.co/tm/data/?data=1&t=glossybox.fr

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| $ function| jQuery object| dataLayer object| tesseract_ajax object| excluded_categories object| html5 object| Modernizr object| __twttrll object| twttr object| __twttr object| tesseract object| asgard object| date_format object| jarvis function| AccordionClass function| moment function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry function| imagesLoaded function| Tether number| uidEvent object| bootstrap object| jQuery11240463089317680637 object| google_tag_manager function| postscribe object| google_tag_manager_external undefined| searchResults object| google_tag_data function| fbq function| _fbq function| liveChatPush object| button object| popup object| uetq string| TiktokAnalyticsObject object| ttq object| FB function| onYouTubeIframeAPIReady object| gaGlobal function| UET function| UET_init function| UET_push object| ueto_c40f241330 string| GoogleAnalyticsObject function| ga object| _uxa function| twq function| closeBadge object| $smcStaticLoader object| $smctData object| $smctResources object| gaplugins object| gaData function| _UA-56952874-1_sendHitTask function| _UA-43127409-5_sendHitTask function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| regeneratorRuntime object| AWIN function| $smcCallCustomScripts object| $smcT5

22 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 511=FnX-xxlF3xWgTuFixS2YXQ9dRUvT8nTA8MlSoX6Icj3jZ9bcdj1ZLBk10h5G2kJSM0JLB8lNX-01umSt-5RpU4w5BlpxW_Ld6ZyoQtKIbQ0grRIg5JkUmFYLXaGDkt1oOCtzaAI41YGUnvLmevObv9qvZ2oT92ZyQgsd2gqlTcw
.glossybox.fr/ Name: _gcl_au
Value: 1.1.560257704.1653034272
.glossybox.fr/ Name: _ga_7610M88F1D
Value: GS1.1.1653034271.1.0.1653034271.60
.glossybox.fr/ Name: _ga_Y6YRZFS1H0
Value: GS1.1.1653034271.1.0.1653034271.0
.glossybox.fr/ Name: _fbp
Value: fb.1.1653034272185.301898098
.bing.com/ Name: MUID
Value: 2576743AE6EC69AA301B6590E74F68BA
.glossybox.fr/ Name: _uetsid
Value: 69837500d81411eca2a7fd6853b056ac
.glossybox.fr/ Name: _uetvid
Value: 6983a280d81411ec8781399262dc5a88
www.glossybox.fr/ Name: thgUserId
Value: undefined
www.glossybox.fr/ Name: gaVisitId
Value: idyj950fksal8
www.glossybox.fr/ Name: isCustomer
Value: undefined
www.glossybox.fr/ Name: customerType
Value: undefined
.glossybox.fr/ Name: _cs_mk_ga
Value: 0.07087943516848072_1653034272616
.creativecdn.com/ Name: u
Value: TlnUzQtTFpOxFSI799Of
.creativecdn.com/ Name: ts
Value: 1653034272
.glossybox.fr/ Name: _ga
Value: GA1.2.269713010.1653034272
.glossybox.fr/ Name: _gid
Value: GA1.2.67116677.1653034273
.glossybox.fr/ Name: _dc_gtm_UA-56952874-1
Value: 1
.glossybox.fr/ Name: _dc_gtm_UA-43127409-5
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.t.co/ Name: muc_ads
Value: 4c73a14b-de43-4087-bfac-5a38bc149f31
.twitter.com/ Name: personalization_id
Value: "v1_KLSzlkYqowJ1GcFzDFASGg=="

15 Console Messages

Source Level URL
Text
network error URL: https://www.glossybox.fr/beauty-blog/wp-content/uploads/sites/30/2015/10/%5EE654FD4C592AC5F8398B15C0D08B5D2A105BDD9C29DE9EC8FE%5Epimgpsh_fullsize_distr-2-1024x661.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Message:
Failed to decode downloaded font: https://fonts.googleapis.com/css2?family=Poppins&display=swap
other warning URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Message:
OTS parsing error: invalid sfntVersion: 791289956
other warning URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Message:
Failed to decode downloaded font: https://fonts.googleapis.com/css2?family=Poppins&display=swap
other warning URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Message:
OTS parsing error: invalid sfntVersion: 791289956
other warning URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Message:
Failed to decode downloaded font: https://fonts.googleapis.com/css2?family=Poppins&display=swap
other warning URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Message:
OTS parsing error: invalid sfntVersion: 791289956
other warning URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Message:
Failed to decode downloaded font: https://fonts.googleapis.com/css2?family=Poppins&display=swap
other warning URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/
Message:
OTS parsing error: invalid sfntVersion: 791289956
other warning URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/(Line 1205)
Message:
Failed to decode downloaded font: https://fonts.googleapis.com/css2?family=Poppins&display=swap
other warning URL: https://www.glossybox.fr/beauty-blog/2015/10/20/cosmetique-gourmande-2/(Line 1205)
Message:
OTS parsing error: invalid sfntVersion: 791289956
security error (Line 1)
Message:
Refused to load the script 'https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=undefined&lib=ttq' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' https://cdn.ampproject.org https://blogscdn.thehut.net https://*.thcdn.com https://cdn.woobox.com https://analytics.twitter.com/ https://bat.bing.com https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js https://code.jquery.com/jquery-3.6.0.min.js https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://sc-static.net https://sslwidget.criteo.com https://widget.eu.criteo.com https://static.criteo.net https://static.ads-twitter.com https://www.dwin1.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.googleadservices.com https://www.instagram.com https://www.tiktok.com https://s16.tiktokcdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-7610M88F1D&l=dataLayer&cx=c(Line 50)
Message:
Refused to connect to 'https://analytics.google.com/g/collect?v=2&tid=G-7610M88F1D&gtm=2oe5b0&_p=1898189408&_z=ccd.tfB&_gaz=1&cid=269713010.1653034272&ul=en-us&sr=1600x1200&_s=1&uid=Get%20User%20ID&sid=1653034271&sct=1&seg=0&dt=Cosm%C3%A9tique%20Gourmande%20-%20GLOSSYBOX&dl=https%3A%2F%2Fwww.glossybox.fr%2Fbeauty-blog%2F2015%2F10%2F20%2Fcosmetique-gourmande-2%2F&en=page_view&_fv=1&_nsi=1&_ss=1&ep.site_locale=fr_FR&up.locale=fr_FR&up.site_name=GLOSSYBOX&up.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36' because it violates the following Content Security Policy directive: "connect-src https://*.thcdn.com https://asgard.thehut.net https://cpwidgets.thehut.net https://cdn.ampproject.org https://bat.bing.com https://www.facebook.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google-analytics.com https://ampcid.google.com https://adservice.google.com https://the.sciencebehindecommerce.com https://sf-hs-sg.ibytedtos.com".
security error URL: https://s1.thcdn.com/design-assets/smarter-click/glossybox/fr/glossybox.fr-1616/tag-script.js(Line 2)
Message:
Refused to connect to 'https://ipb.smct.co/check/3673/dW5kZWZpbmVk' because it violates the following Content Security Policy directive: "connect-src https://*.thcdn.com https://asgard.thehut.net https://cpwidgets.thehut.net https://cdn.ampproject.org https://bat.bing.com https://www.facebook.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google-analytics.com https://ampcid.google.com https://adservice.google.com https://the.sciencebehindecommerce.com https://sf-hs-sg.ibytedtos.com".
security error URL: https://s1.thcdn.com/design-assets/smarter-click/glossybox/fr/glossybox.fr-1616/tag-script.js(Line 2)
Message:
Refused to connect to 'https://smct.co/tm/data/?data=1&t=glossybox.fr' because it violates the following Content Security Policy directive: "connect-src https://*.thcdn.com https://asgard.thehut.net https://cpwidgets.thehut.net https://cdn.ampproject.org https://bat.bing.com https://www.facebook.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google-analytics.com https://ampcid.google.com https://adservice.google.com https://the.sciencebehindecommerce.com https://sf-hs-sg.ibytedtos.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; connect-src https://*.thcdn.com https://asgard.thehut.net https://cpwidgets.thehut.net https://cdn.ampproject.org https://bat.bing.com https://www.facebook.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.google-analytics.com https://ampcid.google.com https://adservice.google.com https://the.sciencebehindecommerce.com https://sf-hs-sg.ibytedtos.com; font-src 'self' https://blogscdn.thehut.net https://fonts.gstatic.com https://fonts.googleapis.com https://*.thcdn.com; form-action 'self' https://tr.snapchat.com https://connect.facebook.net https://www.facebook.com https://syndication.twitter.com; child-src 'self' https://woobox.com https://open.spotify.com https://www.tiktok.com https://widget.trustpilot.com https://gum.criteo.com https://static.criteo.net https://platform.twitter.com https://syndication.twitter.com https://www.facebook.com https://www.instagram.com https://www.youtube.com https://vimeo.com https://tr.snapchat.com https://*.doubleclick.net; img-src https: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://cdn.ampproject.org https://blogscdn.thehut.net https://*.thcdn.com https://cdn.woobox.com https://analytics.twitter.com/ https://bat.bing.com https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js https://code.jquery.com/jquery-3.6.0.min.js https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://sc-static.net https://sslwidget.criteo.com https://widget.eu.criteo.com https://static.criteo.net https://static.ads-twitter.com https://www.dwin1.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.googleadservices.com https://www.instagram.com https://www.tiktok.com https://s16.tiktokcdn.com; style-src 'self' 'unsafe-inline' https://blogscdn.thehut.net https://*.thcdn.com https://fonts.google.com https://fonts.googleapis.com https://s16.tiktokcdn.com; frame-ancestors 'self'; media-src 'self'; object-src 'none'; worker-src blob: 'self'; upgrade-insecure-requests; report-uri https://csp.thehut.net/blogs
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=/xssProtection.txt

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
analytics.twitter.com
bat.bing.com
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
creativecdn.com
csp.thehut.net
fonts.google.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ipb.smct.co
platform.twitter.com
s1.thcdn.com
secure.gravatar.com
smct.co
static.ads-twitter.com
stats.g.doubleclick.net
syndication.twitter.com
t.co
www.dwin1.com
www.facebook.com
www.glossybox.fr
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
analytics.tiktok.com
ipb.smct.co
smct.co
104.17.25.14
104.244.42.67
104.244.42.69
104.244.42.8
104.90.137.99
108.157.4.87
142.250.185.106
142.250.185.110
142.250.185.200
142.250.185.228
142.250.186.34
142.250.186.67
157.240.236.1
157.240.236.35
172.217.18.98
185.184.8.90
185.217.104.149
185.217.104.194
192.0.73.2
199.232.136.157
204.79.197.200
69.16.175.42
74.125.133.154
93.184.220.66
0642d0802d41385c7043c765121927be6fe68b0f113b47ec0d9ec0b64180f2d3
0dabde244ca54751439b42b2bc6754887cf48d7d13835c2ed1fa37b253a4731a
10d2e0e0a31cec3ebd98b81be6a923cbc5a89c4a03be3dd1b4c5b473812bc410
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1417957bc22e5ee7a0b80db85ac116823f2a6a9dd99b35fe0133381c734e12e1
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1eb14ccf88039b4293209febfc8a42a50978f7aeb8661f1fe3109da708e2aa1e
1f70155e13733ac4d343295b69ef6c33152cfbe26d98c3336629fccd726f44ad
2068cd44437a5f66add248b70b2170e7dca9e57eafb67c7ffc32d1f3efe95478
2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8
3ee7fb1d1804132d66ab6db78191e0bc0181907e4bf0c86bcda5be5d8b353e64
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
42aa39ed38d1a8624ff3675c01eead9181e97dc794cc6d758bfb8ada15f906a1
43f1deb9da8249ce4b57d0542232b8285a6e626427a8ca9022d9ed7574a1206d
481f8efcb38bdeee9e185a6065eeb1c0adae7896a08dadf3fd847c721434146c
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
585a3bbd677674eb52c9b0a8efda08ea0d58fecd899ff20a144436726a87baec
5c94685fe3000c13abf5718deeb185fc0ae910ca0c34228786c94c1c8efd325c
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d6818466ffbc084d6343769bd1fec32b80f725b356c87c020016c67201d51f1
758fad4e82ddc69892e3e3e16c694b707853113cab3626dd0e18b2ee9efd7fad
777fcf3711b4bd59a169a4dcb96d98aa38c2eec5b75e944ad90473e6212a863f
7c2e9cc62690a66d58807b0b71fb352b1d36a7dd7a676678647799f9f4e12f50
7f05cc47aac0d5ae4916f5e94161a5267ec3cf901b0bfcd7dfb42530e2f4b685
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
86043a30e8dbbe9b550bea53cb747d55f0b2189c61210be5a70d5fd424a87c36
96059d2de6cc97ab949815d74040e397af7f792a3ea4ef43a201ebc2e62dd775
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acbe6770b0fc8b621a9d4f7068b241fb403fe999ea33270931ee59ec4cfdf3f1
b17ffec30bd8f893d8edd9c383a721ceb4d7fe72414389e193ca1a151d74dce4
b9c1ad4b05aebd7d2424349faf5530b24c0e1a512c0e868cb7d2147b35e3e7d9
c336a6c3571e7e0bfb5df7c9b54677fadb85f5193607e9691be8750bce53ca0e
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
cbe3970871e5737091875893cb4c67e20e20a1d38fb7675afeeab94d9c2b3b0d
d217d238f3f2648014fb12906dca5366954ffa6256d160726190d9e0e9c8376a
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
d342be7b065b36dd1e6856bcf5a432b5d2c277d27555391ddefbf1df3edb0fc4
d7116b375f21870f3861348e734bb99bd75c60281b36257305b1c313721a2ec9
d833975a4cf7bf9c9704d799427dcce2f1bfd8ca8a5751ed3ab1a921a8fb36b7
defdcf6ddedcab633789faaf667721857984f1399f0d43a2722f1600f750865f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d2b0717ca3f3b73a1883be014c78dde37842662c497c1702b75dd1b724305d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fe5eea886520459b06e9bdaa450f952c4d27449428d13563d4d8168f5bff30a3
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e