urlscan.io logo urlscan.io
SecurityTrails logo

www.thebodyshop.com Open in urlscan Pro
23.77.14.240  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.thebodyshop.com/en-sg/
Submission: On April 13 via api from SG — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 2 domains to perform 41 HTTP transactions. The main IP is 23.77.14.240, located in Hong Kong, Hong Kong and belongs to AKAMAI-AS, US. The main domain is www.thebodyshop.com. The Cisco Umbrella rank of the primary domain is 593938.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on January 25th 2024. Valid for: a year.
This is the only time www.thebodyshop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 34 23.77.14.240 16625 (AKAMAI-AS)
2 40.68.160.59 8075 (MICROSOFT...)
1 125.56.219.17 20940 (AKAMAI-ASN1)
41 4
Apex Domain
Subdomains		 Transfer
36 thebodyshop.com
www.thebodyshop.com — Cisco Umbrella Rank: 593938
api.thebodyshop.com
1 MB
1 bigcontent.io
thebodyshop.a.bigcontent.io — Cisco Umbrella Rank: 776925
15 KB
41 2
Domain Requested by
34 www.thebodyshop.com 1 redirects www.thebodyshop.com
2 api.thebodyshop.com www.thebodyshop.com
1 thebodyshop.a.bigcontent.io
41 3

This site contains no links.

Subject Issuer Validity Valid
*.thebodyshop.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-01-25 -
2025-01-27		 a year crt.sh
*.bigcontent.io
GeoTrust TLS RSA CA G1		 2024-04-02 -
2025-05-03		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.thebodyshop.com/en-sg/
Frame ID: 54191CD3DB020832B9B47964EEA332BE
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Body Shop

Page URL History Show full URLs

  1. https://www.thebodyshop.com/en-sg HTTP 301
    https://www.thebodyshop.com/en-sg/ Page URL

Page Statistics

41
Requests

88 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

4
IPs

3
Countries

1338 kB
Transfer

8734 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.thebodyshop.com/en-sg HTTP 301
    https://www.thebodyshop.com/en-sg/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.thebodyshop.com/en-sg/
Redirect Chain
  • https://www.thebodyshop.com/en-sg
  • https://www.thebodyshop.com/en-sg/
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.thebodyshop.com/en-sg/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.14.240 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-14-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
13cb557f844885a96b84d5440c7388d0759929df3b56ea9dfbbc1cafd8b74ba2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
856
content-type
text/html; charset=utf-8
date
Sat, 13 Apr 2024 08:40:14 GMT
etag
W/"a8d-q658iMfBAX1KiWfJNkMOs4bpsLU-gzip"
expires
Sat, 13 Apr 2024 08:40:14 GMT
pragma
no-cache
strict-transport-security
max-age=15724800
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block

Redirect headers

content-length
0
date
Sat, 13 Apr 2024 08:40:13 GMT
location
https://www.thebodyshop.com/en-sg/
x-xss-protection
1; mode=block
theme-tbs.90a0eef5a3fadbec.css
www.thebodyshop.com/ 		2 MB
85 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.thebodyshop.com/theme-tbs.90a0eef5a3fadbec.css
Requested by
Host: www.thebodyshop.com
URL: https://www.thebodyshop.com/en-sg/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.14.240 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-14-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bda241dff2de5820e0beffd20f32c958a50fd81fa0b93b039ce5822eb6af7958
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.thebodyshop.com/en-sg/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15724800
content-encoding
br
x-content-type-options
nosniff
date
Sat, 13 Apr 2024 08:40:16 GMT
last-modified
Mon, 08 Apr 2024 05:15:17 GMT
etag
"660fe310-1e059c-gzip"
x-frame-options
DENY
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
86334
x-xss-protection
1; mode=block, 1; mode=block
theme-custom.98be6829bf635ae0.css
www.thebodyshop.com/ 		410 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.thebodyshop.com/theme-custom.98be6829bf635ae0.css
Requested by
Host: www.thebodyshop.com
URL: https://www.thebodyshop.com/en-sg/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.14.240 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-14-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
769a295a4bfbe64d4a30fba661c45604caa8cab081b74a3831504d00ef62f557
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.thebodyshop.com/en-sg/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15724800
content-encoding
br
x-content-type-options
nosniff
date
Sat, 13 Apr 2024 08:40:16 GMT
last-modified
Mon, 08 Apr 2024 05:15:45 GMT
etag
"660fe310-66716-gzip"
x-frame-options
DENY
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
34426
x-xss-protection
1; mode=block, 1; mode=block
runtime.c70b3968ee81aee0.js
www.thebodyshop.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thebodyshop.com/runtime.c70b3968ee81aee0.js
Requested by
Host: www.thebodyshop.com
URL: https://www.thebodyshop.com/en-sg/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.14.240 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-14-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2cbccfec91f8136bbe10671d37a465cb0c1b3f4e00368c9b50a47c4856348243
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.thebodyshop.com/en-sg/
Origin
https://www.thebodyshop.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15724800
content-encoding
br
x-content-type-options
nosniff
date
Sat, 13 Apr 2024 08:40:16 GMT
last-modified
Mon, 08 Apr 2024 05:14:41 GMT
etag
"660fe310-143a-gzip"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2113
x-xss-protection
1; mode=block, 1; mode=block
polyfills.70ec810c50f68b63.js
www.thebodyshop.com/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thebodyshop.com/polyfills.70ec810c50f68b63.js
Requested by
Host: www.thebodyshop.com
URL: https://www.thebodyshop.com/en-sg/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.14.240 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-14-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bea6e97c9488f82ed0b6a94cb35e884d2a496e813271edf14719c9c741244d64
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.thebodyshop.com/en-sg/
Origin
https://www.thebodyshop.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15724800
content-encoding
br
x-content-type-options
nosniff
date
Sat, 13 Apr 2024 08:40:16 GMT
last-modified
Wed, 27 Mar 2024 09:07:30 GMT
etag
"66019bfe-a999-gzip"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
13240
x-xss-protection
1; mode=block, 1; mode=block
vendor.b2f3170e44eee3cb.js
www.thebodyshop.com/ 		2 MB
439 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thebodyshop.com/vendor.b2f3170e44eee3cb.js
Requested by
Host: www.thebodyshop.com
URL: https://www.thebodyshop.com/en-sg/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.14.240 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-14-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
33bd90cdc4b7fa14b9d22c177a70054e57a9ed3d18edd2325c11a1855f7ad857
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.thebodyshop.com/en-sg/
Origin
https://www.thebodyshop.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15724800
content-encoding
br
x-content-type-options
nosniff
date
Sat, 13 Apr 2024 08:40:16 GMT
last-modified
Mon, 08 Apr 2024 05:16:17 GMT
etag
"660fe310-23be03-gzip"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
448889
x-xss-protection
1; mode=block, 1; mode=block
main.76b716b434db1862.js
www.thebodyshop.com/ 		497 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thebodyshop.com/main.76b716b434db1862.js
Requested by
Host: www.thebodyshop.com
URL: https://www.thebodyshop.com/en-sg/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.14.240 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-14-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8c6edcedad79f58f2876119bd52e4fa469b5ecba6a71a4b46a4fae069670a97c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.thebodyshop.com/en-sg/
Origin
https://www.thebodyshop.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15724800
content-encoding
br
x-content-type-options
nosniff
date
Sat, 13 Apr 2024 08:40:16 GMT
last-modified
Wed, 27 Mar 2024 09:08:25 GMT
etag
"66019bfe-7c5bc-gzip"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
105629
x-xss-protection
1; mode=block, 1; mode=block
WorkSans-Regular.woff2
www.thebodyshop.com/assets/fonts/Work_Sans/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thebodyshop.com/assets/fonts/Work_Sans/WorkSans-Regular.woff2
Requested by
Host: www.thebodyshop.com
URL: https://www.thebodyshop.com/theme-tbs.90a0eef5a3fadbec.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.14.240 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-14-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
598217a85707ae6f757844b50f1d434493fa866cef95a3cbc57d6a139e6821f6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.thebodyshop.com/theme-tbs.90a0eef5a3fadbec.css
Origin
https://www.thebodyshop.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15724800
date
Sat, 13 Apr 2024 08:40:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 11 Mar 2024 15:45:47 GMT
etag
"65ef272b-bff8"
x-frame-options
DENY
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
49144
x-xss-protection
1; mode=block
expires
Sun, 13 Apr 2025 08:40:22 GMT
default-tbs_src_features_shared_public_api_ts.da583d1448f3685b.js
www.thebodyshop.com/ 		306 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thebodyshop.com/default-tbs_src_features_shared_public_api_ts.da583d1448f3685b.js
Requested by
Host: www.thebodyshop.com
URL: https://www.thebodyshop.com/runtime.c70b3968ee81aee0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.14.240 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-14-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c254e0dbafa0dd89247ce53ff5bbf13395100f61296e26a938a2b2b9f26bfb06
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.thebodyshop.com/en-sg/
Origin
https://www.thebodyshop.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15724800
content-encoding
br
x-content-type-options
nosniff
date
Sat, 13 Apr 2024 08:40:28 GMT
last-modified
Mon, 08 Apr 2024 05:15:13 GMT
etag
"660fe310-4c86c-gzip"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
58546
x-xss-protection
1; mode=block, 1; mode=block
default-tbs_src_features_my-account-shared_public_api_ts.bd6f8a6fb34e4598.js
www.thebodyshop.com/ 		280 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thebodyshop.com/default-tbs_src_features_my-account-shared_public_api_ts.bd6f8a6fb34e4598.js
Requested by
Host: www.thebodyshop.com
URL: https://www.thebodyshop.com/runtime.c70b3968ee81aee0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.14.240 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-14-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4b3b734256c42c8d8e048752ac0da4ef98f4b449830b651339637f5881a77627
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.thebodyshop.com/en-sg/
Origin
https://www.thebodyshop.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15724800
content-encoding
br
x-content-type-options
nosniff
date
Sat, 13 Apr 2024 08:40:28 GMT
last-modified
Wed, 27 Mar 2024 09:07:28 GMT
etag
"66019bfe-45f9c-gzip"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
63729
x-xss-protection
1; mode=block, 1; mode=block
default-tbs_src_features_cart-shared_public_api_ts.2b444feeaa089574.js
www.thebodyshop.com/ 		477 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thebodyshop.com/default-tbs_src_features_cart-shared_public_api_ts.2b444feeaa089574.js
Requested by
Host: www.thebodyshop.com
URL: https://www.thebodyshop.com/runtime.c70b3968ee81aee0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.14.240 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-14-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec804bd7d200d0205dc047a4ea566e8a7298274fffaa98fc6fa865ee010e608c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.thebodyshop.com/en-sg/
Origin
https://www.thebodyshop.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15724800
content-encoding
br
x-content-type-options
nosniff
date
Sat, 13 Apr 2024 08:40:28 GMT
last-modified
Mon, 08 Apr 2024 05:15:13 GMT
etag
"660fe310-77283-gzip"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
72407
x-xss-protection
1; mode=block, 1; mode=block
default-tbs_src_features_carousel_public_api_ts.13e78319e307e0e6.js
www.thebodyshop.com/ 		246 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thebodyshop.com/default-tbs_src_features_carousel_public_api_ts.13e78319e307e0e6.js
Requested by
Host: www.thebodyshop.com
URL: https://www.thebodyshop.com/runtime.c70b3968ee81aee0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.14.240 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-14-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fc136e64b15fdd5aabd73e4b46117dd9c7c3bd87bd1451feebb7d31dfa725d06
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.thebodyshop.com/en-sg/
Origin
https://www.thebodyshop.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15724800
content-encoding
br
x-content-type-options
nosniff
date
Sat, 13 Apr 2024 08:40:28 GMT
last-modified
Mon, 08 Apr 2024 05:15:23 GMT
etag
"660fe310-3d6e8-gzip"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
34562
x-xss-protection
1; mode=block, 1; mode=block
default-tbs_src_features_amplience_public_api_ts.124e29f368620b9f.js
www.thebodyshop.com/ 		297 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thebodyshop.com/default-tbs_src_features_amplience_public_api_ts.124e29f368620b9f.js
Requested by
Host: www.thebodyshop.com
URL: https://www.thebodyshop.com/runtime.c70b3968ee81aee0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.14.240 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-14-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e129e1c35564d914802b73b2a3cf0e2b4c501d795e0836a9e636e418470a2459
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.thebodyshop.com/en-sg/
Origin
https://www.thebodyshop.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15724800
content-encoding
br
x-content-type-options
nosniff
date
Sat, 13 Apr 2024 08:40:28 GMT
last-modified
Wed, 27 Mar 2024 09:06:58 GMT
etag
"66019bfe-4a52a-gzip"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
56872
x-xss-protection
1; mode=block, 1; mode=block
default-tbs_src_features_gigya_public_api_ts.224f4517318949de.js
www.thebodyshop.com/ 		95 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thebodyshop.com/default-tbs_src_features_gigya_public_api_ts.224f4517318949de.js
Requested by
Host: www.thebodyshop.com
URL: https://www.thebodyshop.com/runtime.c70b3968ee81aee0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.14.240 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-14-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7c91d2ef30ba273e32303059b1d20e6ef3e731e536891e4e6abf79b993f70d34
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.thebodyshop.com/en-sg/
Origin
https://www.thebodyshop.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15724800
content-encoding
br
x-content-type-options
nosniff
date
Sat, 13 Apr 2024 08:40:28 GMT
last-modified
Mon, 08 Apr 2024 05:15:20 GMT
etag
"660fe310-17d18-gzip"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
21055
x-xss-protection
1; mode=block, 1; mode=block
default-tbs_src_features_amplience-dependant_public_api_ts.d6e2bead2f4d47fa.js
www.thebodyshop.com/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thebodyshop.com/default-tbs_src_features_amplience-dependant_public_api_ts.d6e2bead2f4d47fa.js
Requested by
Host: www.thebodyshop.com
URL: https://www.thebodyshop.com/runtime.c70b3968ee81aee0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.14.240 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-14-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2c004104e887071847e694fd9ab235eda5240acd911dec6aa9c1da139a3a7059
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.thebodyshop.com/en-sg/
Origin
https://www.thebodyshop.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15724800
content-encoding
br
x-content-type-options
nosniff
date
Sat, 13 Apr 2024 08:40:28 GMT
last-modified
Wed, 27 Mar 2024 09:20:34 GMT
etag
"66019bfe-73e6-gzip"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
7310
x-xss-protection
1; mode=block, 1; mode=block
default-tbs_src_features_bazaar-voice_public_api_ts.cff632e42e28a3a2.js
www.thebodyshop.com/ 		231 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thebodyshop.com/default-tbs_src_features_bazaar-voice_public_api_ts.cff632e42e28a3a2.js
Requested by
Host: www.thebodyshop.com
URL: https://www.thebodyshop.com/runtime.c70b3968ee81aee0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.14.240 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-14-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c6856478aca182ce11c608b7477d8c710bd91501b8153b014aa8b7a669f352a8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.thebodyshop.com/en-sg/
Origin
https://www.thebodyshop.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15724800
content-encoding
br
x-content-type-options
nosniff
date
Sat, 13 Apr 2024 08:40:28 GMT
last-modified
Mon, 08 Apr 2024 05:15:11 GMT
etag
"660fe310-39b0a-gzip"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
28177
x-xss-protection
1; mode=block, 1; mode=block
default-tbs_src_features_product_public_api_ts.cae200572e3f8342.js
www.thebodyshop.com/ 		176 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thebodyshop.com/default-tbs_src_features_product_public_api_ts.cae200572e3f8342.js
Requested by
Host: www.thebodyshop.com
URL: https://www.thebodyshop.com/runtime.c70b3968ee81aee0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.14.240 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-14-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b6010d42abcc32f5f71995fc3e241eabbe1551e8cf268a79aa2b60688656ce73
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.thebodyshop.com/en-sg/
Origin
https://www.thebodyshop.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15724800
content-encoding
br
x-content-type-options
nosniff
date
Sat, 13 Apr 2024 08:40:28 GMT
last-modified
Mon, 08 Apr 2024 05:15:39 GMT
etag
"660fe310-2c0e1-gzip"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
32939
x-xss-protection
1; mode=block, 1; mode=block
default-tbs_src_features_addresses_public_api_ts.150b6e8feb5cb6e0.js
www.thebodyshop.com/ 		186 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thebodyshop.com/default-tbs_src_features_addresses_public_api_ts.150b6e8feb5cb6e0.js
Requested by
Host: www.thebodyshop.com
URL: https://www.thebodyshop.com/runtime.c70b3968ee81aee0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.14.240 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-14-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
59024308fd6f0c7b4b9de4009e5d49b33e981cc8db222b5484e1ec4bca8e4464
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.thebodyshop.com/en-sg/
Origin
https://www.thebodyshop.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15724800
content-encoding
br
x-content-type-options
nosniff
date
Sat, 13 Apr 2024 08:40:28 GMT
last-modified
Wed, 27 Mar 2024 09:07:16 GMT
etag
"66019bfe-2e6de-gzip"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
29791
x-xss-protection
1; mode=block, 1; mode=block
tbs_src_features_addresses_root_facade_tbs-user-address_facade_ts.64db780c53cb6623.js
www.thebodyshop.com/ 		896 B
682 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thebodyshop.com/tbs_src_features_addresses_root_facade_tbs-user-address_facade_ts.64db780c53cb6623.js
Requested by
Host: www.thebodyshop.com
URL: https://www.thebodyshop.com/runtime.c70b3968ee81aee0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.14.240 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-14-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
155198f9bbfde98ae9bbcc7a74537a81897298f472d05373e1706719e2db8d6d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.thebodyshop.com/en-sg/
Origin
https://www.thebodyshop.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15724800
content-encoding
br
x-content-type-options
nosniff
date
Sat, 13 Apr 2024 08:40:28 GMT
last-modified
Wed, 27 Mar 2024 09:20:39 GMT
etag
"66019bfe-380-gzip"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
433
x-xss-protection
1; mode=block, 1; mode=block
basesites
api.thebodyshop.com/rest/v2/ 		55 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.thebodyshop.com/rest/v2/basesites?fields=FULL&lang=en&curr=USD
Requested by
Host: www.thebodyshop.com
URL: https://www.thebodyshop.com/polyfills.70ec810c50f68b63.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
40.68.160.59 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
* /
Resource Hash
02ff0b11384487b021002a6c9c9cf0971d4f8959b4b3251ad99ccb7b5f668232
Security Headers
Name Value
Strict-Transport-Security max-age=16070400 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
https://www.thebodyshop.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 13 Apr 2024 08:40:35 GMT
Strict-Transport-Security
max-age=16070400 ; includeSubDomains
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Connection
Keep-Alive
Content-Length
5355
X-XSS-Protection
1; mode=block
Server
*
ETag
"0ed425c3af90a9be1f78e5941f30ac3c5-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Origin,Accept-Encoding,User-Agent,Access-Control-Request-Method,Access-Control-Request-Headers
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.thebodyshop.com
Access-Control-Expose-Headers
x-anonymous-consents, occ-personalization-id, occ-personalization-time, asm-emulated-customerId, X-Monetate-request-url, X-Monetate-request-id
Cache-Control
public, max-age=21600
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=5, max=100
favicon
thebodyshop.a.bigcontent.io/v1/static/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://thebodyshop.a.bigcontent.io/v1/static/favicon
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
125.56.219.17 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a125-56-219-17.deploy.static.akamaitechnologies.com
Software
Unknown /
Resource Hash
dba868c06424b174a0ad5a68c0846ce56f61615bfff17fb4f8751c4a40db7365

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.thebodyshop.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
date
Sat, 13 Apr 2024 08:40:35 GMT
server
Unknown
x-amp-srv
A
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=86400
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
15406
google-libphonenumber.c08e1885bcf5c0af.js
www.thebodyshop.com/ 		557 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thebodyshop.com/google-libphonenumber.c08e1885bcf5c0af.js
Requested by
Host: www.thebodyshop.com
URL: https://www.thebodyshop.com/runtime.c70b3968ee81aee0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.14.240 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-14-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c9cc3665b33f6ee639ef2514196958c681ae664d2b9cf70fe1778dd545d3af3e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.thebodyshop.com/en-sg/
Origin
https://www.thebodyshop.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15724800
content-encoding
br
x-content-type-options
nosniff
date
Sat, 13 Apr 2024 08:40:36 GMT
last-modified
Wed, 27 Mar 2024 09:07:01 GMT
etag
"66019bfe-8b592-gzip"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
95992
x-xss-protection
1; mode=block, 1; mode=block
tbs_src_features_cart_public_api_ts.a593de4238a6f894.js
www.thebodyshop.com/ 		160 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thebodyshop.com/tbs_src_features_cart_public_api_ts.a593de4238a6f894.js
Requested by
Host: www.thebodyshop.com
URL: https://www.thebodyshop.com/runtime.c70b3968ee81aee0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.14.240 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-14-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
aa60ea029d37757ccf555a9ce28a5eb73bb6621db06cad2c9eb7f78462ca02c4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.thebodyshop.com/en-sg/
Origin
https://www.thebodyshop.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15724800
content-encoding
br
x-content-type-options
nosniff
date
Sat, 13 Apr 2024 08:40:37 GMT
last-modified
Wed, 27 Mar 2024 09:09:01 GMT
etag
"66019bfe-28153-gzip"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
26460
x-xss-protection
1; mode=block, 1; mode=block
default-tbs_src_features_checkout_public_api_ts.25f6eaed340cf253.js
www.thebodyshop.com/ 		382 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thebodyshop.com/default-tbs_src_features_checkout_public_api_ts.25f6eaed340cf253.js
Requested by
Host: www.thebodyshop.com
URL: https://www.thebodyshop.com/runtime.c70b3968ee81aee0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.14.240 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-14-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
149b7abc09bdbc8b01efe16beefb35d75a588715340141afd7109a074badd72a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.thebodyshop.com/en-sg/
Origin
https://www.thebodyshop.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15724800
content-encoding
br
x-content-type-options
nosniff
date
Sat, 13 Apr 2024 08:40:37 GMT
last-modified
Wed, 27 Mar 2024 09:07:23 GMT
etag
"66019bfe-5f6b8-gzip"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
59061
x-xss-protection
1; mode=block, 1; mode=block
pages
api.thebodyshop.com/rest/v2/thebodyshop-sg/cms/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.thebodyshop.com/rest/v2/thebodyshop-sg/cms/pages?lang=en_SG&curr=SGD
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
40.68.160.59 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
* /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-monetate-request-url
Access-Control-Request-Method
GET
Origin
https://www.thebodyshop.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type, x-monetate-request-url
Access-Control-Allow-Methods
GET,HEAD,OPTIONS,PATCH,PUT,POST,DELETE
Access-Control-Allow-Origin
https://www.thebodyshop.com
Access-Control-Expose-Headers
x-anonymous-consents, occ-personalization-id, occ-personalization-time, asm-emulated-customerId, X-Monetate-request-url, X-Monetate-request-id
Connection
Keep-Alive
Content-Length
0
Date
Sat, 13 Apr 2024 08:40:39 GMT
Keep-Alive
timeout=5, max=99
Server
*
Strict-Transport-Security
max-age=15724800
Vary
Origin,User-Agent,Access-Control-Request-Method,Access-Control-Request-Headers
X-Frame-Options
SAMEORIGIN
pages
api.thebodyshop.com/rest/v2/thebodyshop-sg/cms/ 		0
0
address
www.thebodyshop.com/assets/i18n-assets/en_SG/ 		1 KB
876 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thebodyshop.com/assets/i18n-assets/en_SG/address
Requested by
Host: www.thebodyshop.com
URL: https://www.thebodyshop.com/polyfills.70ec810c50f68b63.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.14.240 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-14-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
972cc8caabb2ba8dedcd62a2057b46ef7bb35847cb8f2aeab2b68283cf4b9db5
Security Headers
Name Value
Strict-Transport-Security max-age=16070400 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
https://www.thebodyshop.com/en-sg/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=16070400 ; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 13 Apr 2024 08:40:39 GMT
etag
"042df444e963cf249b41332aa19422133-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
cache-control
public, max-age=21600
is-microcopy
true
content-length
561
x-xss-protection
1; mode=block, 1; mode=block
expires
Sat, 13 Apr 2024 14:40:39 GMT
common
www.thebodyshop.com/assets/i18n-assets/en_SG/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thebodyshop.com/assets/i18n-assets/en_SG/common
Requested by
Host: www.thebodyshop.com
URL: https://www.thebodyshop.com/polyfills.70ec810c50f68b63.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.14.240 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-14-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4e31e0409ab5fbba4ed959ec1c06098650b6b00a99192f7a7edd88af2974d2da
Security Headers
Name Value
Strict-Transport-Security max-age=16070400 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
https://www.thebodyshop.com/en-sg/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=16070400 ; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 13 Apr 2024 08:40:39 GMT
etag
"01283fc51ffefedcb6c95b55376169692-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
cache-control
public, max-age=21600
is-microcopy
true
content-length
2426
x-xss-protection
1; mode=block, 1; mode=block
expires
Sat, 13 Apr 2024 14:40:39 GMT
myAccount
www.thebodyshop.com/assets/i18n-assets/en_SG/ 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thebodyshop.com/assets/i18n-assets/en_SG/myAccount
Requested by
Host: www.thebodyshop.com
URL: https://www.thebodyshop.com/polyfills.70ec810c50f68b63.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.14.240 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-14-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8b00c28317ba1581abaa25bd853293e2e5f8be6d3d759a39596200b68cd79a9d
Security Headers
Name Value
Strict-Transport-Security max-age=16070400 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
https://www.thebodyshop.com/en-sg/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=16070400 ; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 13 Apr 2024 08:40:39 GMT
etag
"0055ad7e7b9b8e493a0e6b8de0422cd92-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
cache-control
public, max-age=21600
is-microcopy
true
content-length
3379
x-xss-protection
1; mode=block, 1; mode=block
expires
Sat, 13 Apr 2024 14:40:39 GMT
payment
www.thebodyshop.com/assets/i18n-assets/en_SG/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thebodyshop.com/assets/i18n-assets/en_SG/payment
Requested by
Host: www.thebodyshop.com
URL: https://www.thebodyshop.com/polyfills.70ec810c50f68b63.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.14.240 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-14-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fed08849d41ef31cc330728bb79665246d81af76c4da75119a6d944bb0fec15a
Security Headers
Name Value
Strict-Transport-Security max-age=16070400 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
https://www.thebodyshop.com/en-sg/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=16070400 ; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 13 Apr 2024 08:40:39 GMT
etag
"0a9184dd788dd5cad50e7aa33b4ca5395-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
cache-control
public, max-age=21600
is-microcopy
true
content-length
1556
x-xss-protection
1; mode=block, 1; mode=block
expires
Sat, 13 Apr 2024 14:40:39 GMT
product
www.thebodyshop.com/assets/i18n-assets/en_SG/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thebodyshop.com/assets/i18n-assets/en_SG/product
Requested by
Host: www.thebodyshop.com
URL: https://www.thebodyshop.com/polyfills.70ec810c50f68b63.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.14.240 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-14-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ca3154d8b806ee6a2935db5f0d10d5a9d3d675ff734ad0ba3d94b259e273fdf2
Security Headers
Name Value
Strict-Transport-Security max-age=16070400 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
https://www.thebodyshop.com/en-sg/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=16070400 ; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 13 Apr 2024 08:40:39 GMT
etag
"090b23716ada8594d6ecc6ae1042bc83a-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
cache-control
public, max-age=21600
is-microcopy
true
content-length
1594
x-xss-protection
1; mode=block, 1; mode=block
expires
Sat, 13 Apr 2024 14:40:39 GMT
pwa
www.thebodyshop.com/assets/i18n-assets/en_SG/ 		451 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thebodyshop.com/assets/i18n-assets/en_SG/pwa
Requested by
Host: www.thebodyshop.com
URL: https://www.thebodyshop.com/polyfills.70ec810c50f68b63.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.14.240 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-14-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
aee9e5bde17e822212e52ba994ed15602b1d3da5cf5bbf1cb974327c25ea6e6f
Security Headers
Name Value
Strict-Transport-Security max-age=16070400 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
https://www.thebodyshop.com/en-sg/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=16070400 ; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 13 Apr 2024 08:40:39 GMT
etag
"0e25730ee00197fe1b37f024a5765604f-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
cache-control
public, max-age=21600
is-microcopy
true
content-length
207
x-xss-protection
1; mode=block, 1; mode=block
expires
Sat, 13 Apr 2024 14:40:39 GMT
user
www.thebodyshop.com/assets/i18n-assets/en_SG/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thebodyshop.com/assets/i18n-assets/en_SG/user
Requested by
Host: www.thebodyshop.com
URL: https://www.thebodyshop.com/polyfills.70ec810c50f68b63.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.14.240 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-14-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2e5b94554c30ede6a0e1dceeb404c6770749feff714858a91769b18807a44851
Security Headers
Name Value
Strict-Transport-Security max-age=16070400 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
https://www.thebodyshop.com/en-sg/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=16070400 ; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 13 Apr 2024 08:40:40 GMT
etag
"025998f4ab70827aaf4c78842a541ff9e-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
cache-control
public, max-age=21600
is-microcopy
true
content-length
1124
x-xss-protection
1; mode=block, 1; mode=block
expires
Sat, 13 Apr 2024 14:40:40 GMT
video
www.thebodyshop.com/assets/i18n-assets/en_SG/ 		2 B
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thebodyshop.com/assets/i18n-assets/en_SG/video
Requested by
Host: www.thebodyshop.com
URL: https://www.thebodyshop.com/polyfills.70ec810c50f68b63.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.14.240 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-14-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=16070400 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
https://www.thebodyshop.com/en-sg/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=16070400 ; includeSubDomains
date
Sat, 13 Apr 2024 08:40:39 GMT
x-content-type-options
nosniff
etag
"099914b932bd37a50b983c5e7c90ae93b"
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
cache-control
public, max-age=21600
is-microcopy
true
content-length
2
x-xss-protection
1; mode=block, 1; mode=block
expires
Sat, 13 Apr 2024 14:40:39 GMT
pdf
www.thebodyshop.com/assets/i18n-assets/en_SG/ 		2 B
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thebodyshop.com/assets/i18n-assets/en_SG/pdf
Requested by
Host: www.thebodyshop.com
URL: https://www.thebodyshop.com/polyfills.70ec810c50f68b63.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.14.240 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-14-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=16070400 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
https://www.thebodyshop.com/en-sg/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=16070400 ; includeSubDomains
date
Sat, 13 Apr 2024 08:40:39 GMT
x-content-type-options
nosniff
etag
"099914b932bd37a50b983c5e7c90ae93b"
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
cache-control
public, max-age=21600
is-microcopy
true
content-length
2
x-xss-protection
1; mode=block, 1; mode=block
expires
Sat, 13 Apr 2024 14:40:39 GMT
deliveryMode
www.thebodyshop.com/assets/i18n-assets/en_SG/ 		2 B
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thebodyshop.com/assets/i18n-assets/en_SG/deliveryMode
Requested by
Host: www.thebodyshop.com
URL: https://www.thebodyshop.com/polyfills.70ec810c50f68b63.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.14.240 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-14-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=16070400 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
https://www.thebodyshop.com/en-sg/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=16070400 ; includeSubDomains
date
Sat, 13 Apr 2024 08:40:39 GMT
x-content-type-options
nosniff
etag
"099914b932bd37a50b983c5e7c90ae93b"
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
cache-control
public, max-age=21600
is-microcopy
true
content-length
2
x-xss-protection
1; mode=block, 1; mode=block
expires
Sat, 13 Apr 2024 14:40:39 GMT
asm
www.thebodyshop.com/assets/i18n-assets/en_SG/ 		0
0
userAccount
www.thebodyshop.com/assets/i18n-assets/en_SG/ 		2 B
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thebodyshop.com/assets/i18n-assets/en_SG/userAccount
Requested by
Host: www.thebodyshop.com
URL: https://www.thebodyshop.com/polyfills.70ec810c50f68b63.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.14.240 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-14-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=16070400 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
https://www.thebodyshop.com/en-sg/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=16070400 ; includeSubDomains
date
Sat, 13 Apr 2024 08:40:44 GMT
x-content-type-options
nosniff
etag
"099914b932bd37a50b983c5e7c90ae93b"
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
cache-control
public, max-age=21600
is-microcopy
true
content-length
2
x-xss-protection
1; mode=block, 1; mode=block
expires
Sat, 13 Apr 2024 14:40:44 GMT
checkout
www.thebodyshop.com/assets/i18n-assets/en_SG/ 		0
0
order
www.thebodyshop.com/assets/i18n-assets/en_SG/ 		0
0
myAccountV2Order
www.thebodyshop.com/assets/i18n-assets/en_SG/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.thebodyshop.com
URL
https://api.thebodyshop.com/rest/v2/thebodyshop-sg/cms/pages?lang=en_SG&curr=SGD
Domain
www.thebodyshop.com
URL
https://www.thebodyshop.com/assets/i18n-assets/en_SG/asm
Domain
www.thebodyshop.com
URL
https://www.thebodyshop.com/assets/i18n-assets/en_SG/checkout
Domain
www.thebodyshop.com
URL
https://www.thebodyshop.com/assets/i18n-assets/en_SG/order
Domain
www.thebodyshop.com
URL
https://www.thebodyshop.com/assets/i18n-assets/en_SG/myAccountV2Order

Verdicts & Comments Add Verdict or Comment

150 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| monetateT object| webpackChunktbs_app function| $localize function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__queueMicrotask function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforexrselectpatched boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononbeforematchpatched boolean| __zone_symbol__ononbeforetogglepatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontentvisibilityautostatechangepatched boolean| __zone_symbol__ononcontextlostpatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__ononcontextrestoredpatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__ononformdatapatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononsecuritypolicyviolationpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononslotchangepatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointerrawupdatepatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononmessageerrorpatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononpagerevealpatched boolean| __zone_symbol__ononscrollendpatched object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| monetateQ object| bodyShopPublicApi function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

1 Cookies

Domain/Path Name / Value
www.thebodyshop.com/ Name: ROUTE
Value: .jsapps-6877dd67bb-smjjd

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.thebodyshop.com
thebodyshop.a.bigcontent.io
www.thebodyshop.com
api.thebodyshop.com
www.thebodyshop.com
125.56.219.17
23.77.14.240
40.68.160.59
02ff0b11384487b021002a6c9c9cf0971d4f8959b4b3251ad99ccb7b5f668232
13cb557f844885a96b84d5440c7388d0759929df3b56ea9dfbbc1cafd8b74ba2
149b7abc09bdbc8b01efe16beefb35d75a588715340141afd7109a074badd72a
155198f9bbfde98ae9bbcc7a74537a81897298f472d05373e1706719e2db8d6d
2c004104e887071847e694fd9ab235eda5240acd911dec6aa9c1da139a3a7059
2cbccfec91f8136bbe10671d37a465cb0c1b3f4e00368c9b50a47c4856348243
2e5b94554c30ede6a0e1dceeb404c6770749feff714858a91769b18807a44851
33bd90cdc4b7fa14b9d22c177a70054e57a9ed3d18edd2325c11a1855f7ad857
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4b3b734256c42c8d8e048752ac0da4ef98f4b449830b651339637f5881a77627
4e31e0409ab5fbba4ed959ec1c06098650b6b00a99192f7a7edd88af2974d2da
59024308fd6f0c7b4b9de4009e5d49b33e981cc8db222b5484e1ec4bca8e4464
598217a85707ae6f757844b50f1d434493fa866cef95a3cbc57d6a139e6821f6
769a295a4bfbe64d4a30fba661c45604caa8cab081b74a3831504d00ef62f557
7c91d2ef30ba273e32303059b1d20e6ef3e731e536891e4e6abf79b993f70d34
8b00c28317ba1581abaa25bd853293e2e5f8be6d3d759a39596200b68cd79a9d
8c6edcedad79f58f2876119bd52e4fa469b5ecba6a71a4b46a4fae069670a97c
972cc8caabb2ba8dedcd62a2057b46ef7bb35847cb8f2aeab2b68283cf4b9db5
aa60ea029d37757ccf555a9ce28a5eb73bb6621db06cad2c9eb7f78462ca02c4
aee9e5bde17e822212e52ba994ed15602b1d3da5cf5bbf1cb974327c25ea6e6f
b6010d42abcc32f5f71995fc3e241eabbe1551e8cf268a79aa2b60688656ce73
bda241dff2de5820e0beffd20f32c958a50fd81fa0b93b039ce5822eb6af7958
bea6e97c9488f82ed0b6a94cb35e884d2a496e813271edf14719c9c741244d64
c254e0dbafa0dd89247ce53ff5bbf13395100f61296e26a938a2b2b9f26bfb06
c6856478aca182ce11c608b7477d8c710bd91501b8153b014aa8b7a669f352a8
c9cc3665b33f6ee639ef2514196958c681ae664d2b9cf70fe1778dd545d3af3e
ca3154d8b806ee6a2935db5f0d10d5a9d3d675ff734ad0ba3d94b259e273fdf2
dba868c06424b174a0ad5a68c0846ce56f61615bfff17fb4f8751c4a40db7365
e129e1c35564d914802b73b2a3cf0e2b4c501d795e0836a9e636e418470a2459
ec804bd7d200d0205dc047a4ea566e8a7298274fffaa98fc6fa865ee010e608c
fc136e64b15fdd5aabd73e4b46117dd9c7c3bd87bd1451feebb7d31dfa725d06
fed08849d41ef31cc330728bb79665246d81af76c4da75119a6d944bb0fec15a