connection: |
close |
expires: |
Thu, 01 Jan 1970 00:00:00 GMT |
content-type: |
text/html;charset=UTF-8 |
referrer-policy: |
unsafe-url |
x-content-type-options: |
nosniff |
accept-ranges: |
bytes |
cache-control: |
private, max-age=0, no-cache, no-store, must-revalidate |
via: |
1.1 varnish, 1.1 varnish, 1.1 varnish |
content-security-policy: |
child-src 'self' https://www.googletagmanager.com https://*.liveperson.net https://cdn.appdynamics.com https://*.lpsnmedia.net https://www.facebook.com https://connect.facebook.net https://*.google.com https://widget.trustpilot.com https://*.doubleclick.net https://www.youtube.com https://static.criteo.net https://*.criteo.com https://wb.messengerpeople.com https://pay.google.com https://*.hotjar.com https://*.akamaihd.net https://*.attn.tv https://*.recaptcha.net https://isitetv.com https://*.translate.naver.net https://ln-rules.rewardstyle.com https://tr.snapchat.com https://www.shoplooks.com https://tpc.googlesyndication.com blob: https://*.abtasty.com https://app.qubit.com https://ams.creativecdn.com; connect-src 'self' https://*.thcdn.com https://*.ingest.sentry.io https://*.pingdom.net https://*.doubleclick.net https://*.google-analytics.com https://capture.trackjs.com https://fp.zenaps.com https://www.facebook.com https://*.google.com https://*.thehut.net https://privacyportal-eu.onetrust.com https://geolocation.onetrust.com https://cdn.cookielaw.org wss://*.liveperson.net https://*.liveperson.net https://*.lpsnmedia.net https://ct.pinterest.com https://services.postcodeanywhere.co.uk https://*.akamaihd.net https://*.sciencebehindecommerce.com https://*.googleapis.com https://translate.yandex.net https://*.hotjar.com wss://*.hotjar.com https://*.trustpilot.com https://*.pinterest.com https://*.bing.com https://*.doubleclick.net https://connect.facebook.net https://*.baidu.com https://ampcid.google.nl https://*.parcellab.com https://tr.snapchat.com https://privacyportal-eu.onetrust.com https://*.contentsquare.net https://*.criteo.com https://analytics.tiktok.com https://*.abtasty.com https://*.qubit.com https://*.qubitproducts.com https://horizon-api.www.lookfantastic.nl https://sgtm.lookfantastic.nl https://ams.creativecdn.com; font-src 'self' data: https://*.thcdn.com https://fp.zenaps.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://static.thgcdn.cn blob: data: https://*.abtasty.com https://*.gstatic.com https://*.googleapis.com; form-action 'self' https://www.facebook.com https://www.lookfantastic.nl https://m.lookfantastic.nl https://checkout.lookfantastic.nl https://connect.facebook.net https://www.glossybox.at https://www.glossybox.ch https://www.glossybox.co.uk https://www.glossybox.com https://www.glossybox.de https://www.glossybox.fi https://www.glossybox.fr https://www.glossybox.ie https://www.glossybox.no https://www.glossybox.se https://www.glossybox.dk https://tr.snapchat.com; img-src 'self' data: https://*.thcdn.com https://col.eum-appdynamics.com https://usage.trackjs.com https://*.lpsnmedia.net https://*.doubleclick.net https://www.google-analytics.com https://*.google.com https://cx.atdmt.com https://www.zenaps.com https: blob:; media-src 'self' https://*.thcdn.com https://*.lpsnmedia.net blob: https://static.thgcdn.cn; object-src 'self' https://*.thcdn.com https://www.youtube.com; report-uri https://csp.thehut.net/cspReport.txt; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: https://*.thcdn.com https://*.thehut.net https://rum-static.pingdom.net https://*.liveperson.net https://*.lpsnmedia.net https://*.doubleclick.net https://static.cdn-apple.com https://*.liveperson.com https://geolocation.onetrust.com https://cdn.cookielaw.org https://cdn.parcellab.com https://google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://fp.zenaps.com https://www.youtube.com https://www.google-analytics.com https://*.google.com https://connect.facebook.net https://bat.bing.com https://widget.trustpilot.com https://s.ytimg.com https://www.googletagservices.com https://*.googleapis.com https://www.facebook.com https://www.googleadservices.com https://www.gstatic.com https://www.dwin1.com https://cdn.trackjs.com https://seal.digicert.com https://static.criteo.net https://*.criteo.com https://*.recaptcha.net https://*.sciencebehindecommerce.com https://*.microsofttranslator.com https://*.hotjar.com https://*.akamaihd.net https://*.attn.tv https://*.trustpilot.com https://*.translate.naver.net https://*.bing.com https://*.doubleclick.net https://ln-rules.rewardstyle.com https://*.google-analytics.com https://static.ads-twitter.com https://*.baidu.com https://sc-static.net https://*.google.co.uk https://google.co.uk https://*.shoplooks.com https://slooks.top https://slooks.me https://lantern.roeyecdn.com https://lantern.roeye.com https://static.thgcdn.cn https://tpc.googlesyndication.com https://geolocation.onetrust.com https://*.contentsquare.net https://app.contentsquare.com https://analytics.tiktok.com https://*.ibytedtos.com blob: https://*.abtasty.com https://static.goqubit.com https://*.qubit.com https://sgtm.lookfantastic.nl https://tags.creativecdn.com; style-src 'self' 'unsafe-inline' https://*.thcdn.com https://*.google.com https://*.googleapis.com https://fp.zenaps.com https://cdnjs.cloudflare.com https://www.googletagmanager.com https://*.lpsnmedia.net https://*.liveperson.net https://*.googleapis.com https://*.translate.naver.net https://*.microsofttranslator.com https://www.shoplooks.com https://static.shoplooks.com https://static.thgcdn.cn https://cdn.parcellab.com; upgrade-insecure-requests; report-to report-endpoint |
set-cookie: |
JSESSIONID=05D6346546D72DA69D0FB13B1DBF4E5F; Path=/; Secure; HttpOnly; SameSite=Lax,chumewe_user=5cc9bb76-2c4e-433e-8d3c-e9b4408aa521; Version=1; Domain=.lookfantastic.nl; Path=/; Max-Age=157784630; Expires=Tue, 02-Oct-2029 14:04:55 GMT; SameSite=None; Secure,chumewe_sess=c3cc7243-b677-4b8e-a7ee-96b5a530a993; Version=1; Domain=.lookfantastic.nl; Path=/; Max-Age=14400; Expires=Wed, 02-Oct-2024 13:01:05 GMT; SameSite=None; Secure,locale_V6=nl_NL; Version=1; Domain=.lookfantastic.nl; Path=/; Max-Age=31556926; Expires=Thu, 02-Oct-2025 14:49:51 GMT; SameSite=None; Secure,csrf_token=73370940570530081396; Version=1; Path=/; SameSite=None; HttpOnly; Secure,NSC_mc_wtsw_efgbvmu_xfctsw_8010_H=4afda3da0306f3096a2b8564951ea2d3667a4b8b5f90d9380107d8b05fc4f9798f40f0d8;expires=Wed, 02-Oct-2024 12:01:05 GMT;path=/;secure;httponly |
pragma: |
no-cache |
x-frame-options: |
SAMEORIGIN |
report-to: |
{"group":"report-endpoint","max_age":86400,"endpoints":[{"url":"https://csp.thehut.net/cspReport.txt","priority":1,"weight":1}],"include_subdomains":true} |
x-timer: |
S1727859665.419668,VS0,VE227 |
date: |
Wed, 02 Oct 2024 09:01:05 GMT |
x-served-by: |
cache-lon4241-LON, cache-lon420087-LON, cache-ams21061-AMS |
x-cache: |
MISS, MISS, MISS |
x-cache-hits: |
0, 0, 0 |
vary: |
accept-encoding |
strict-transport-security: |
max-age=31557600 |
alt-svc: |
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 |
transfer-encoding: |
chunked |
|