urlscan.io logo urlscan.io
SecurityTrails logo

culturess.com Open in urlscan Pro
2a02:26f0:dc::217:6113  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://u12097671.ct.sendgrid.net/ls/click?upn=4PC2wo0fWhUBQdJDPL-2Fxerma-2FiNLXrBX17zncJLRZJOSkbsTQT4MSXZakMxT3GnLlJk2N344UvjUqgb...
Effective URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Submission: On September 05 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 126 IPs in 14 countries across 90 domains to perform 571 HTTP transactions. The main IP is 2a02:26f0:dc::217:6113, located in Vienna, Austria and belongs to AKAMAI-ASN1, NL. The main domain is culturess.com. The Cisco Umbrella rank of the primary domain is 142933.
TLS certificate: Issued by R3 on July 21st 2022. Valid for: 3 months.
This is the only time culturess.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.118.28 11377 (SENDGRID)
2 2 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a02:26f0:dc:... 20940 (AKAMAI-ASN1)
11 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
20 2a02:26f0:470... 20940 (AKAMAI-ASN1)
1 151.101.130.217 54113 (FASTLY)
5 2a00:1450:400... 15169 (GOOGLE)
7 2.21.20.151 20940 (AKAMAI-ASN1)
1 52.222.206.192 16509 (AMAZON-02)
16 52.222.209.55 16509 (AMAZON-02)
6 23.35.237.86 16625 (AKAMAI-AS)
1 108.138.7.37 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:440... 13335 (CLOUDFLAR...)
1 18.66.122.120 16509 (AMAZON-02)
1 3 13.32.99.90 16509 (AMAZON-02)
2 2606:2800:234... 15133 (EDGECAST)
1 2600:1901:0:8... 15169 (GOOGLE)
1 96.16.142.89 16625 (AKAMAI-AS)
1 142.250.185.230 15169 (GOOGLE)
16 23.35.229.181 16625 (AKAMAI-AS)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 151.139.128.11 20446 (STACKPATH...)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
9 2.21.20.132 20940 (AKAMAI-ASN1)
4 2.21.20.221 20940 (AKAMAI-ASN1)
1 2600:9000:223... 16509 (AMAZON-02)
1 104.244.42.136 13414 (TWITTER)
3 35.201.67.47 15169 (GOOGLE)
2 35.190.91.160 15169 (GOOGLE)
1 35.190.59.101 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 18.66.97.41 16509 (AMAZON-02)
4 18.66.112.11 16509 (AMAZON-02)
5 108.138.17.121 16509 (AMAZON-02)
1 2a02:26f0:470... 20940 (AKAMAI-ASN1)
7 130.211.115.4 396982 (GOOGLE-CL...)
2 2600:1901:0:f... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:211... 16509 (AMAZON-02)
6 108.138.7.47 16509 (AMAZON-02)
2 2a03:2880:f12... 32934 (FACEBOOK)
2 34.120.117.212 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a02:26f0:470... 20940 (AKAMAI-ASN1)
4 151.101.14.132 54113 (FASTLY)
1 143.204.89.5 16509 (AMAZON-02)
1 2.18.69.56 16625 (AKAMAI-AS)
2 92.123.21.200 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2.21.20.156 20940 (AKAMAI-ASN1)
1 13.32.99.89 16509 (AMAZON-02)
1 63.34.160.33 16509 (AMAZON-02)
13 52.28.203.152 16509 (AMAZON-02)
3 18 2606:4700:303... 13335 (CLOUDFLAR...)
14 37.252.173.62 29990 (ASN-APPNEX)
6 18.194.70.236 16509 (AMAZON-02)
1 8 216.52.2.30 32475 (SINGLEHOP...)
6 198.47.127.22 3257 (GTT-BACKB...)
6 54.205.36.89 14618 (AMAZON-AES)
6 157.90.3.144 24940 (HETZNER-AS)
7 213.19.147.43 3356 (LEVEL3)
1 9 104.18.19.126 13335 (CLOUDFLAR...)
6 2.18.69.48 16625 (AKAMAI-AS)
5 54.77.13.172 16509 (AMAZON-02)
11 2602:803:c003... 26667 (RUBICONPR...)
20 35.244.159.8 15169 (GOOGLE)
1 18 64.202.112.127 23352 (SERVERCEN...)
3 23.35.236.201 16625 (AKAMAI-AS)
2 3 185.94.180.126 35220 (SPOTX-AMS)
2 35.244.174.68 15169 (GOOGLE)
3 2600:9000:21b... 16509 (AMAZON-02)
5 45.133.44.3 7018 (ATT-INTER...)
1 185.64.190.78 62713 (AS-PUBMATIC)
5 2a02:26f0:350... 20940 (AKAMAI-ASN1)
13 34.226.74.25 14618 (AMAZON-AES)
3 45.133.44.4 7018 (ATT-INTER...)
10 2a0c:5c81:514... 55081 (24SHELLS)
2 44.193.192.96 14618 (AMAZON-AES)
9 2a0c:5c81:509... 55081 (24SHELLS)
9 51.89.9.254 16276 (OVH)
2 2 23.75.240.210 16625 (AKAMAI-AS)
4 23.205.235.133 16625 (AKAMAI-AS)
2 76.223.111.18 16509 (AMAZON-02)
1 3 147.75.85.234 54825 (PACKET)
3 3 213.19.147.45 26120 (RHYTHMONE)
5 15.197.193.217 16509 (AMAZON-02)
4 66.155.71.149 13768 (COGECO-PEER1)
4 52.87.80.187 14618 (AMAZON-AES)
1 1 37.252.173.22 29990 (ASN-APPNEX)
1 2 3.126.56.137 16509 (AMAZON-02)
1 185.86.139.94 201081 (SMARTADSE...)
1 35.186.253.211 15169 (GOOGLE)
37 185.94.180.123 35220 (SPOTX-AMS)
2 2600:1f18:612... 14618 (AMAZON-AES)
3 5 209.54.182.161 16509 (AMAZON-02)
1 4 104.18.18.126 13335 (CLOUDFLAR...)
3 6 216.58.212.130 15169 (GOOGLE)
1 151.101.194.49 54113 (FASTLY)
1 54.155.183.30 16509 (AMAZON-02)
1 1 193.0.160.128 54312 (ROCKETFUEL)
1 8.43.72.97 26667 (RUBICONPR...)
2 4 69.173.144.138 26667 (RUBICONPR...)
3 3 69.173.144.139 26667 (RUBICONPR...)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 3 52.95.118.179 16509 (AMAZON-02)
2 38.91.45.7 398989 (DEEPINTENT)
2 64.74.236.255 19024 (INTERNAP-...)
3 178.250.2.131 44788 (ASN-CRITE...)
2 81.17.55.112 60781 (LEASEWEB-...)
1 185.184.10.30 203690 (RTB-HOUSE...)
1 185.255.84.150 200271 (IGUANE-)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 37.157.4.23 198622 (ADFORM)
1 185.184.8.90 204995 (RTB-HOUSE...)
4 2a02:2638:1::3 44788 (ASN-CRITE...)
1 198.47.127.18 62713 (AS-PUBMATIC)
2 2 3.126.157.114 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
1 157.90.211.246 24940 (HETZNER-AS)
1 35.158.53.117 16509 (AMAZON-02)
3 2600:9000:230... 16509 (AMAZON-02)
3 6 2406:2600:4::b 55569 (CRITEO-AS...)
5 178.250.2.146 44788 (ASN-CRITE...)
2 141.95.98.71 16276 (OVH)
1 18.203.72.119 16509 (AMAZON-02)
1 18.66.97.91 16509 (AMAZON-02)
3 4 2.21.20.202 20940 (AKAMAI-ASN1)
1 1 18.134.84.23 ()
571 126
1    167.89.118.28 (Las Vegas, United States)

ASN11377 (SENDGRID, US)
PTR: o16789118x28.outbound-mail.sendgrid.net
u12097671.ct.sendgrid.net
2    2606:4700::6811:804d (United States)

ASN13335 (CLOUDFLARENET, US)
app2.cision.com
6    2a02:26f0:dc::217:6113 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
culturess.com
11    2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
4    2606:4700:20::ac43:4579 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.wazimo.com
content.wazimo.com
3    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
20    2a02:26f0:4700::215:4a63 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
cdn.fansided.com
1    151.101.130.217 (United States)

ASN54113 (FASTLY, US)
scripts.webcontentassessor.com
5    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
7    2.21.20.151 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-151.deploy.static.akamaitechnologies.com
images2.minutemediacdn.com
1    52.222.206.192 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-192.fra56.r.cloudfront.net
d3ujids68p6xmq.cloudfront.net
16    52.222.209.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-209-55.fra56.r.cloudfront.net
c.amazon-adsystem.com
6    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
1    108.138.7.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-37.fra56.r.cloudfront.net
native.sharethrough.com
8    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
9    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2606:4700:4400::6812:2962 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
1    18.66.122.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-120.fra60.r.cloudfront.net
launcher.spot.im
3    13.32.99.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-90.fra60.r.cloudfront.net
sb.scorecardresearch.com
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    2600:1901:0:802f::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
gammamaximum.com
1    96.16.142.89 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-142-89.deploy.static.akamaitechnologies.com
cdn3.optimizely.com
1    142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net
ad.doubleclick.net
16    23.35.229.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-181.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
images.outbrainimg.com
6    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
s.skimresources.com
6    2606:4700:20::ac43:4771 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.equalweb.com
9    2.21.20.132 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-132.deploy.static.akamaitechnologies.com
www.oo-syringe.com
4    2.21.20.221 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-221.deploy.static.akamaitechnologies.com
cdn.mmctsvc.com
1    2600:9000:223f:a600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
3    35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
2    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
1    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
4    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
3    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    18.66.97.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-41.fra56.r.cloudfront.net
direct-events-collector.spot.im
4    18.66.112.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-11.fra56.r.cloudfront.net
publisher-assets.spot.im
5    108.138.17.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-121.fra56.r.cloudfront.net
api-2-0.spot.im
1    2a02:26f0:4700::215:4a52 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
content.voltaxservices.io
7    130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com
data.ad-score.com
2    2600:1901:0:f8d1::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
memorizeneck.com
2    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2600:9000:211a:bc00:1:4290:76c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
promotions.minutemediaservices.com
6    108.138.7.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-47.fra56.r.cloudfront.net
static-cdn.spot.im
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    34.120.117.212 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 212.117.120.34.bc.googleusercontent.com
ls.skimresources.com
2    2606:4700:20::ac43:4728 (United States)

ASN13335 (CLOUDFLARENET, US)
bqstreamer.com
1    2a02:26f0:4700::215:4a2a (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
factor-service.prod.voltaxservices.io
4    151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
odb.outbrain.com
mv.outbrain.com
1    143.204.89.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-5.fra50.r.cloudfront.net
ats.rlcdn.com
1    2.18.69.56 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-69-56.deploy.static.akamaitechnologies.com
s.ntv.io
2    92.123.21.200 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-21-200.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2.21.20.156 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-156.deploy.static.akamaitechnologies.com
bucket1.mm-syringe.com
1    13.32.99.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-89.fra60.r.cloudfront.net
geo.privacymanager.io
1    63.34.160.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-160-33.eu-west-1.compute.amazonaws.com
jadserve.postrelease.com
13    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
c2shb.ssp.yahoo.com
18    2606:4700:3036::ac43:c951 (United States)

ASN13335 (CLOUDFLARENET, US)
ex.ingage.tech
14    37.252.173.62 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
6    18.194.70.236 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-70-236.eu-central-1.compute.amazonaws.com
tlx.3lift.com
8    216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
6    198.47.127.22 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
hbopenbid.pubmatic.com
6    54.205.36.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-36-89.compute-1.amazonaws.com
hb.minutemedia-prebid.com
6    157.90.3.144 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.144.3.90.157.clients.your-server.de
shb.richaudience.com
7    213.19.147.43 (Beverwijk, Netherlands)

ASN3356 (LEVEL3, US)
tag.1rx.io
targeting.unrulymedia.com
9    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
6    2.18.69.48 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-69-48.deploy.static.akamaitechnologies.com
a.teads.tv
5    54.77.13.172 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-13-172.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
11    2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
20    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
minutemedia-d.openx.net
spot-im-d.openx.net
u.openx.net
18    64.202.112.127 (Lovettsville, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
mcdp-nydc1.outbrain.com
log.outbrainimg.com
b1sync.zemanta.com
3    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
di.rlcdn.com
id.rlcdn.com
3    2600:9000:21b8:9800:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)
rumcdn.geoedge.be
5    45.133.44.3 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)
player.spotim.market
p.safeservingcdn.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
5    2a02:26f0:3500:58c::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
13    34.226.74.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-74-25.compute-1.amazonaws.com
track1.aniview.com
3    45.133.44.4 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)
player.adtelligent.com
10    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.spotim.market
ghb.adtelligent.com
ghb1.adtelligent.com
2    44.193.192.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-192-96.compute-1.amazonaws.com
go1.aniview.com
9    2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
9    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
2    23.75.240.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-240-210.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
3    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    213.19.147.45 (Beverwijk, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
5    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
4    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
4    52.87.80.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-80-187.compute-1.amazonaws.com
sync.aniview.com
1    37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
37    185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
2    2600:1f18:612b:4264:191d:3f4:ef20:24a8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
p4dt2-980w2.ads.tremorhub.com
5    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
6    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net
cm.g.doubleclick.net
1    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    54.155.183.30 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-183-30.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2a05:d018:d29:3601:1c03:949a:3875:f724 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    52.95.118.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
prebid.deepintent.com
2    64.74.236.255 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com
b1h.zemanta.com
3    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
2    81.17.55.112 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
prg.smartadserver.com
1    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
prebid-us.creativecdn.com
1    185.255.84.150 (Ivry-sur-Seine, France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
1    2a02:fa8:8806:20::2100 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
2    37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
1    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
4    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    198.47.127.18 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
2    3.126.157.114 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-157-114.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
1    157.90.211.246 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.246.211.90.157.clients.your-server.de
sync.richaudience.com
1    35.158.53.117 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-53-117.eu-central-1.compute.amazonaws.com
match.sharethrough.com
3    2600:9000:2304:8c00:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.ad-score.com
6    2406:2600:4::b (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
5    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    141.95.98.71 (France)

ASN16276 (OVH, FR)
PTR: ns3216577.ip-141-95-98.eu
id5-sync.com
1    18.203.72.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-72-119.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
1    18.66.97.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-91.fra56.r.cloudfront.net
pix.spot.im
4    2.21.20.202 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-202.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    18.134.84.23 (None, )

ASN- ()
1f2e7.v.fwmrm.net
Apex Domain
Subdomains		 Transfer
40 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 778
search.spotxchange.com — Cisco Umbrella Rank: 678
40 KB
25 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 694
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1365
eus.rubiconproject.com — Cisco Umbrella Rank: 840
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1325
pixel.rubiconproject.com — Cisco Umbrella Rank: 494
token.rubiconproject.com — Cisco Umbrella Rank: 1115
37 KB
24 aniview.com
player.aniview.com — Cisco Umbrella Rank: 2410
track1.aniview.com — Cisco Umbrella Rank: 2549
go1.aniview.com — Cisco Umbrella Rank: 5345
sync.aniview.com — Cisco Umbrella Rank: 3125
233 KB
24 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 362
s.amazon-adsystem.com — Cisco Umbrella Rank: 415
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1274
150 KB
23 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 4265
log.outbrainimg.com — Cisco Umbrella Rank: 2588
images.outbrainimg.com — Cisco Umbrella Rank: 2497
619 KB
21 openx.net
minutemedia-d.openx.net — Cisco Umbrella Rank: 34051
spot-im-d.openx.net — Cisco Umbrella Rank: 13180
rtb.openx.net — Cisco Umbrella Rank: 2282
u.openx.net — Cisco Umbrella Rank: 975
3 KB
20 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1474
widget-pixels.outbrain.com — Cisco Umbrella Rank: 3337
odb.outbrain.com — Cisco Umbrella Rank: 1813
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5995
mv.outbrain.com — Cisco Umbrella Rank: 2878
151 KB
20 fansided.com
cdn.fansided.com — Cisco Umbrella Rank: 69111
214 KB
18 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 6406
ghb.adtelligent.com — Cisco Umbrella Rank: 6082
s.adtelligent.com — Cisco Umbrella Rank: 5516
ghb1.adtelligent.com — Cisco Umbrella Rank: 9342
102 KB
18 ingage.tech
ex.ingage.tech — Cisco Umbrella Rank: 12083
10 KB
18 spot.im
launcher.spot.im — Cisco Umbrella Rank: 5483
direct-events-collector.spot.im — Cisco Umbrella Rank: 5182
publisher-assets.spot.im — Cisco Umbrella Rank: 5359
api-2-0.spot.im — Cisco Umbrella Rank: 3811
static-cdn.spot.im — Cisco Umbrella Rank: 4961
pix.spot.im — Cisco Umbrella Rank: 5470
172 KB
16 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1251
ups.analytics.yahoo.com — Cisco Umbrella Rank: 419
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 772
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1492
2 KB
16 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226
ad.doubleclick.net — Cisco Umbrella Rank: 214
stats.g.doubleclick.net — Cisco Umbrella Rank: 188
cm.g.doubleclick.net — Cisco Umbrella Rank: 303
316 KB
15 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 329
secure.adnxs.com — Cisco Umbrella Rank: 725
30 KB
14 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 834
gum.criteo.com — Cisco Umbrella Rank: 458
mug.criteo.com — Cisco Umbrella Rank: 1814
10 KB
13 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 755
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 709
ssum.casalemedia.com — Cisco Umbrella Rank: 1950
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 904
10 KB
11 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 702
ads.pubmatic.com — Cisco Umbrella Rank: 713
image6.pubmatic.com — Cisco Umbrella Rank: 891
image8.pubmatic.com — Cisco Umbrella Rank: 928
18 KB
11 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 730
214 KB
10 ad-score.com
data.ad-score.com — Cisco Umbrella Rank: 4615
js.ad-score.com — Cisco Umbrella Rank: 5466
127 KB
9 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1117
2 KB
9 oo-syringe.com
www.oo-syringe.com — Cisco Umbrella Rank: 21154
352 KB
9 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 3870
t.skimresources.com — Cisco Umbrella Rank: 3687
p.skimresources.com — Cisco Umbrella Rank: 6586
r.skimresources.com — Cisco Umbrella Rank: 3481
ls.skimresources.com — Cisco Umbrella Rank: 10130
22 KB
9 gstatic.com
fonts.gstatic.com
166 KB
8 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 2666
sync.1rx.io — Cisco Umbrella Rank: 807
2 KB
8 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 872
5 KB
8 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 863
eb2.3lift.com — Cisco Umbrella Rank: 652
3 KB
8 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 141
471 KB
7 spotim.market
sync.spotim.market Failed
player.spotim.market — Cisco Umbrella Rank: 8501
ghb.spotim.market — Cisco Umbrella Rank: 10099
181 KB
7 richaudience.com
shb.richaudience.com — Cisco Umbrella Rank: 5114
sync.richaudience.com — Cisco Umbrella Rank: 3036
2 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
region1.google-analytics.com — Cisco Umbrella Rank: 2119
20 KB
7 minutemediacdn.com
images2.minutemediacdn.com — Cisco Umbrella Rank: 19217
36 KB
6 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1392
6 KB
6 minutemedia-prebid.com
hb.minutemedia-prebid.com — Cisco Umbrella Rank: 12184
2 KB
6 equalweb.com
cdn.equalweb.com — Cisco Umbrella Rank: 33104
28 KB
6 culturess.com
culturess.com — Cisco Umbrella Rank: 142933
40 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 486
1 KB
5 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 985
1 KB
4 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 1002
4 KB
4 criteo.net
static.criteo.net — Cisco Umbrella Rank: 782
112 KB
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 951
573 B
4 mmctsvc.com
cdn.mmctsvc.com — Cisco Umbrella Rank: 22379
139 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 120
imasdk.googleapis.com — Cisco Umbrella Rank: 456
128 KB
4 wazimo.com
cdn.wazimo.com — Cisco Umbrella Rank: 33139
content.wazimo.com — Cisco Umbrella Rank: 23844
6 KB
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 845
b1h.zemanta.com — Cisco Umbrella Rank: 5715
555 B
3 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1267
prg.smartadserver.com — Cisco Umbrella Rank: 1864
4 KB
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1508
375 B
3 geoedge.be
rumcdn.geoedge.be — Cisco Umbrella Rank: 2173
371 KB
3 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 2028
di.rlcdn.com — Cisco Umbrella Rank: 2877
id.rlcdn.com — Cisco Umbrella Rank: 885
api.rlcdn.com Failed
36 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 3469
627 B
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3915
www.google.com — Cisco Umbrella Rank: 19
953 B
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1004
syndication.twitter.com — Cisco Umbrella Rank: 1252
133 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 223
2 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 636
1 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 420
1 KB
2 adform.net
adx.adform.net — Cisco Umbrella Rank: 3113
412 B
2 creativecdn.com
prebid-us.creativecdn.com — Cisco Umbrella Rank: 17367
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5726
357 B
2 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 1316
161 B
2 deepintent.com
prebid.deepintent.com — Cisco Umbrella Rank: 11199
229 B
2 tremorhub.com
p4dt2-980w2.ads.tremorhub.com — Cisco Umbrella Rank: 19530
832 B
2 safeservingcdn.com
p.safeservingcdn.com — Cisco Umbrella Rank: 35634
27 KB
2 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 2186
34 KB
2 bqstreamer.com
bqstreamer.com — Cisco Umbrella Rank: 19340
876 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 111
315 B
2 memorizeneck.com
memorizeneck.com — Cisco Umbrella Rank: 110329
723 B
2 voltaxservices.io
content.voltaxservices.io — Cisco Umbrella Rank: 22522
factor-service.prod.voltaxservices.io — Cisco Umbrella Rank: 21676
4 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 208
111 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 1040
697 B
2 sharethrough.com
native.sharethrough.com — Cisco Umbrella Rank: 3166
match.sharethrough.com — Cisco Umbrella Rank: 799
71 KB
2 cision.com
app2.cision.com
1000 B
1 fwmrm.net
1f2e7.v.fwmrm.net
532 B
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 2151
335 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1463
356 B
1 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3176
369 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4860
706 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1205
759 B
1 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 846
430 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 949
177 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1970
539 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 2075
594 B
1 mm-syringe.com
bucket1.mm-syringe.com — Cisco Umbrella Rank: 25546
43 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 4767
137 KB
1 minutemediaservices.com
promotions.minutemediaservices.com — Cisco Umbrella Rank: 33680
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 791
466 B
1 optimizely.com
cdn3.optimizely.com — Cisco Umbrella Rank: 7023
718 B
1 gammamaximum.com
gammamaximum.com — Cisco Umbrella Rank: 109635
28 KB
1 cloudfront.net
d3ujids68p6xmq.cloudfront.net
42 KB
1 webcontentassessor.com
scripts.webcontentassessor.com — Cisco Umbrella Rank: 4020
34 KB
1 sendgrid.net
u12097671.ct.sendgrid.net
247 B
0 adxpremium.services Failed
rtb.adxpremium.services Failed
0 33across.com Failed
ssc.33across.com Failed
571 90
Domain Requested by
37 search.spotxchange.com player.aniview.com
20 cdn.fansided.com culturess.com
cdn.fansided.com
18 ex.ingage.tech 3 redirects cdn.mmctsvc.com
culturess.com
16 c.amazon-adsystem.com culturess.com
c.amazon-adsystem.com
www.oo-syringe.com
player.spotim.market
15 images.outbrainimg.com culturess.com
14 ib.adnxs.com cdn.mmctsvc.com
player.spotim.market
player.adtelligent.com
13 track1.aniview.com culturess.com
player.aniview.com
12 c2shb.pubgw.yahoo.com cdn.mmctsvc.com
11 fastlane.rubiconproject.com cdn.mmctsvc.com
player.spotim.market
11 cdn.cookielaw.org culturess.com
cdn.cookielaw.org
scripts.webcontentassessor.com
10 spot-im-d.openx.net player.aniview.com
player.spotim.market
10 mcdp-nydc1.outbrain.com widgets.outbrain.com
9 onetag-sys.com player.spotim.market
player.aniview.com
player.adtelligent.com
9 s.adtelligent.com player.spotim.market
9 www.oo-syringe.com scripts.webcontentassessor.com
www.oo-syringe.com
9 fonts.gstatic.com cdn.fansided.com
fonts.googleapis.com
8 ap.lijit.com 1 redirects cdn.mmctsvc.com
player.spotim.market
8 www.googletagmanager.com culturess.com
www.googletagmanager.com
cdn.mmctsvc.com
www.oo-syringe.com
scripts.webcontentassessor.com
7 log.outbrainimg.com widgets.outbrain.com
7 data.ad-score.com culturess.com
js.ad-score.com
7 images2.minutemediacdn.com culturess.com
6 gum.criteo.com 3 redirects static.criteo.net
6 cm.g.doubleclick.net 3 redirects ssum.casalemedia.com
culturess.com
6 minutemedia-d.openx.net cdn.mmctsvc.com
6 a.teads.tv cdn.mmctsvc.com
www.googletagmanager.com
6 htlb.casalemedia.com cdn.mmctsvc.com
player.spotim.market
6 shb.richaudience.com cdn.mmctsvc.com
6 hb.minutemedia-prebid.com cdn.mmctsvc.com
6 hbopenbid.pubmatic.com cdn.mmctsvc.com
player.spotim.market
6 tlx.3lift.com cdn.mmctsvc.com
6 static-cdn.spot.im launcher.spot.im
culturess.com
scripts.webcontentassessor.com
6 cdn.equalweb.com scripts.webcontentassessor.com
cdn.equalweb.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
culturess.com
6 culturess.com culturess.com
5 mug.criteo.com culturess.com
5 s.amazon-adsystem.com 3 redirects ssum.casalemedia.com
culturess.com
5 match.adsrvr.org culturess.com
ssum.casalemedia.com
player.spotim.market
5 ghb.adtelligent.com p.safeservingcdn.com
player.spotim.market
5 player.aniview.com scripts.webcontentassessor.com
player.aniview.com
5 ads.yieldmo.com cdn.mmctsvc.com
5 tag.1rx.io cdn.mmctsvc.com
5 api-2-0.spot.im launcher.spot.im
static-cdn.spot.im
5 widgets.outbrain.com culturess.com
scripts.webcontentassessor.com
5 securepubads.g.doubleclick.net culturess.com
scripts.webcontentassessor.com
securepubads.g.doubleclick.net
4 ads.stickyadstv.com 3 redirects player.aniview.com
4 static.criteo.net player.spotim.market
static.criteo.net
player.adtelligent.com
4 u.openx.net player.aniview.com
culturess.com
4 pixel.rubiconproject.com 2 redirects culturess.com
4 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
4 sync.aniview.com player.aniview.com
ssum.casalemedia.com
4 pixel-sync.sitescout.com culturess.com
s.adtelligent.com
player.aniview.com
4 eus.rubiconproject.com player.spotim.market
eus.rubiconproject.com
player.aniview.com
4 ghb.spotim.market player.spotim.market
4 publisher-assets.spot.im launcher.spot.im
culturess.com
4 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
4 cdn.mmctsvc.com scripts.webcontentassessor.com
cdn.mmctsvc.com
www.oo-syringe.com
3 js.ad-score.com scripts.webcontentassessor.com
js.ad-score.com
3 bidder.criteo.com player.spotim.market
player.adtelligent.com
3 aax-eu.amazon-adsystem.com 2 redirects culturess.com
3 token.rubiconproject.com 3 redirects
3 sync.1rx.io 3 redirects
3 prebid.a-mo.net 1 redirects player.spotim.market
3 player.adtelligent.com player.spotim.market
p.safeservingcdn.com
player.adtelligent.com
3 player.spotim.market culturess.com
player.spotim.market
3 rumcdn.geoedge.be static-cdn.spot.im
player.spotim.market
rumcdn.geoedge.be
3 sync.search.spotxchange.com 2 redirects culturess.com
3 ads.pubmatic.com scripts.webcontentassessor.com
player.spotim.market
player.aniview.com
3 www.google.de culturess.com
3 t.skimresources.com culturess.com
s.skimresources.com
3 sb.scorecardresearch.com 1 redirects culturess.com
3 fonts.googleapis.com culturess.com
scripts.webcontentassessor.com
3 cdn.wazimo.com culturess.com
cdn.fansided.com
cdn.wazimo.com
2 id5-sync.com player.spotim.market
player.adtelligent.com
2 x.bidswitch.net 2 redirects
2 adx.adform.net player.adtelligent.com
2 prg.smartadserver.com player.spotim.market
2 b1h.zemanta.com player.spotim.market
2 targeting.unrulymedia.com player.spotim.market
2 prebid.deepintent.com player.spotim.market
2 p4dt2-980w2.ads.tremorhub.com player.aniview.com
2 ups.analytics.yahoo.com 1 redirects player.aniview.com
2 ssum-sec.casalemedia.com 1 redirects culturess.com
2 eb2.3lift.com player.spotim.market
culturess.com
2 secure-assets.rubiconproject.com 2 redirects
2 go1.aniview.com player.aniview.com
2 p.safeservingcdn.com player.spotim.market
p.safeservingcdn.com
2 mv.outbrain.com scripts.webcontentassessor.com
2 secure.cdn.fastclick.net scripts.webcontentassessor.com
culturess.com
2 odb.outbrain.com scripts.webcontentassessor.com
2 bqstreamer.com content.wazimo.com
cdn.fansided.com
2 ls.skimresources.com s.skimresources.com
2 www.facebook.com culturess.com
2 www.google.com culturess.com
2 memorizeneck.com gammamaximum.com
2 p.skimresources.com culturess.com
2 connect.facebook.net culturess.com
connect.facebook.net
2 platform.twitter.com culturess.com
scripts.webcontentassessor.com
2 geolocation.onetrust.com cdn.cookielaw.org
2 app2.cision.com 2 redirects
1 1f2e7.v.fwmrm.net 1 redirects
1 pix.spot.im launcher.spot.im
1 id.crwdcntrl.net player.spotim.market
1 match.sharethrough.com culturess.com
1 sync.richaudience.com culturess.com
1 odr.mookie1.com culturess.com
1 image8.pubmatic.com culturess.com
1 prebid-eu.creativecdn.com player.adtelligent.com
1 ghb1.adtelligent.com player.spotim.market
1 web.hb.ad.cpe.dotomi.com player.spotim.market
1 c2shb.ssp.yahoo.com player.spotim.market
1 hb-api.omnitagjs.com player.spotim.market
1 prebid-us.creativecdn.com player.spotim.market
1 id.rlcdn.com culturess.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 pixel-us-east.rubiconproject.com culturess.com
1 p.rfihub.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 match.prod.bidr.io ssum.casalemedia.com
1 sync-tm.everesttech.net ssum.casalemedia.com
1 rtb.openx.net culturess.com
1 ssbsync.smartadserver.com player.aniview.com
1 secure.adnxs.com 1 redirects
1 ssum.casalemedia.com player.aniview.com
1 image6.pubmatic.com ads.pubmatic.com
1 di.rlcdn.com culturess.com
1 jadserve.postrelease.com scripts.webcontentassessor.com
1 geo.privacymanager.io ats.rlcdn.com
1 bucket1.mm-syringe.com scripts.webcontentassessor.com
1 imasdk.googleapis.com scripts.webcontentassessor.com
1 s.ntv.io scripts.webcontentassessor.com
1 ats.rlcdn.com scripts.webcontentassessor.com
1 factor-service.prod.voltaxservices.io www.oo-syringe.com
1 promotions.minutemediaservices.com cdn.mmctsvc.com
1 content.voltaxservices.io www.oo-syringe.com
1 content.wazimo.com scripts.webcontentassessor.com
1 region1.google-analytics.com www.googletagmanager.com
1 direct-events-collector.spot.im launcher.spot.im
1 region1.analytics.google.com www.googletagmanager.com
1 r.skimresources.com s.skimresources.com
1 syndication.twitter.com platform.twitter.com
1 static.adsafeprotected.com scripts.webcontentassessor.com
1 s.skimresources.com www.googletagmanager.com
1 widget-pixels.outbrain.com culturess.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 ad.doubleclick.net culturess.com
1 cdn3.optimizely.com d3ujids68p6xmq.cloudfront.net
1 gammamaximum.com culturess.com
1 launcher.spot.im scripts.webcontentassessor.com
1 native.sharethrough.com culturess.com
1 d3ujids68p6xmq.cloudfront.net culturess.com
1 scripts.webcontentassessor.com culturess.com
1 u12097671.ct.sendgrid.net 1 redirects
0 api.rlcdn.com Failed player.spotim.market
0 rtb.adxpremium.services Failed player.adtelligent.com
0 sync.spotim.market Failed culturess.com
player.spotim.market
s.adtelligent.com
0 ssc.33across.com Failed cdn.mmctsvc.com
571 156
Subject Issuer Validity Valid
rushthekop.com
R3		 2022-07-21 -
2022-10-19		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2022-05-01 -
2023-05-01		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-10 -
2023-05-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
blogoflegends.com
R3		 2022-08-25 -
2022-11-23		 3 months crt.sh
scripts.webcontentassessor.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-08-04 -
2023-09-05		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
www.90min.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-25 -
2023-08-27		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-01-12 -
2023-01-12		 a year crt.sh
*.spot.im
Amazon		 2021-11-04 -
2022-12-02		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
gammamaximum.com
R3		 2022-08-24 -
2022-11-22		 3 months crt.sh
*.optimizely.com
DigiCert SHA2 Secure Server CA		 2021-12-24 -
2022-12-24		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-06-15 -
2022-09-13		 3 months crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA		 2021-09-27 -
2022-10-28		 a year crt.sh
cdn.mmctsvc.com
R3		 2022-07-17 -
2022-10-15		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
www.google.de
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
content.voltaxservices.io
R3		 2022-07-20 -
2022-10-18		 3 months crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2		 2021-09-02 -
2022-10-04		 a year crt.sh
memorizeneck.com
R3		 2022-08-29 -
2022-11-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.minutemediaservices.com
Amazon		 2022-01-24 -
2023-02-22		 a year crt.sh
*.prod.voltaxservices.io
R3		 2022-08-02 -
2022-10-31		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-12-04 -
2022-12-06		 a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
*.privacymanager.io
Amazon		 2022-08-26 -
2023-09-24		 a year crt.sh
*.postrelease.com
Amazon		 2022-02-17 -
2023-03-18		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.ingage.tech
Sectigo RSA Organization Validation Secure Server CA		 2022-07-13 -
2023-08-11		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
hb.minutemedia-prebid.com
Amazon		 2022-02-03 -
2023-03-04		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.yieldmo.com
Amazon		 2022-04-25 -
2023-05-24		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
gw.geoedge.be
Amazon		 2021-10-13 -
2022-11-10		 a year crt.sh
player.spotim.market
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-12-30 -
2023-01-03		 a year crt.sh
player.adtelligent.com
R3		 2022-07-19 -
2022-10-17		 3 months crt.sh
ghb.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2022-08-23 -
2022-11-21		 3 months crt.sh
p.safeservingcdn.com
R3		 2022-08-13 -
2022-11-11		 3 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-08-05 -
2022-11-03		 3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-07-31 -
2022-10-29		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-24 -
2023-02-15		 6 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2022-03-11 -
2023-03-29		 a year crt.sh
*.tremorhub.com
Amazon		 2022-03-24 -
2023-04-22		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-09-06		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-05-31 -
2023-07-02		 a year crt.sh
ghb1.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-08-08 -
2022-11-06		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-14 -
2023-06-16		 a year crt.sh

This page contains 43 frames:

Primary Page: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Frame ID: 3E81CA663487472B1BB3554890FBDD64
Requests: 399 HTTP requests in this frame

Frame: https://cdn3.optimizely.com/js/geo2.js?cb=1662400569785
Frame ID: 54F3D37A511AFFDC817A0C1162299E4E
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fculturess.com
Frame ID: 6D176F42047F4DC8205C801864F65550
Requests: 2 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.9646777859009241
Frame ID: 929BB9DCEA5590004B655D9664239A38
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 9AB68A23CA6A4E7C62F4351B51864569
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-PL4PD49
Frame ID: 1F833AEE43400A7216F0EED0624D0B94
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 90C3A397156D282C752DB08A930BEB9C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 7EE268565435FC59A6737A54F4DBA5B7
Requests: 2 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Frame ID: B002D7792AD25FC8A4336A5967507302
Requests: 57 HTTP requests in this frame

Frame: https://p.safeservingcdn.com/prebidlink/19240/j.html?i=11598
Frame ID: E5DEF141D59FB25C3FBB18A8754B2209
Requests: 18 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Frame ID: 1E0055D8892F7AFA45AB40C7750F2CBF
Requests: 4 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=572165
Frame ID: F582DB3F532C3C75159B519C0F06B2CF
Requests: 2 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=730717
Frame ID: EA68F0807C31C0CDB991C790F698ABFF
Requests: 2 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=744459
Frame ID: 5DCE0A0D3904BA4211F5FA0E3850EBDA
Requests: 2 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=752915
Frame ID: 7D3BEFD9BE5DBF64FC4C58EF0FEB420C
Requests: 2 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=744458
Frame ID: 4A4D5D03C351EE6E1B579931515E5861
Requests: 2 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=744445
Frame ID: 5C4DC11A145C563713F38DA8EF7D46C5
Requests: 2 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=736291
Frame ID: E1C68CCC1880BCE0060DCAF63C02EE06
Requests: 2 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=735207
Frame ID: 8321106284DAD76DAF669EF8992DFD87
Requests: 2 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=736239
Frame ID: 236BA240217771408B265252AB4BB95F
Requests: 2 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=271858&extuid=8517197437325276119
Frame ID: 1C6E0CC5B13ED3B80D5F63564A9E6534
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: 30AE043334C33FE0104333DF06F9314F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Frame ID: EC27110B2AFDED94C5DC7E36E18033DF
Requests: 11 HTTP requests in this frame

Frame: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D644680%26extuid%3D%24UID
Frame ID: C431A4011D3297D131C8D9EED25A0281
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Frame ID: FDFCCE059D5D699F68268B6A360A93DF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 7F7E184855BE9D2D6E904716CF3D27AE
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662400565115-935559409326-007208-009-003599%26biddername%3D42%26key%3D
Frame ID: 192FEBD4F871F818F01CD9B8490B83CB
Requests: 10 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1662400565115-935559409326-007208-009-003599&biddername=2&key=02b51005-2d44-11ed-a8e3-129210fe0306
Frame ID: F05C4E53BA07F6FDDCC412822838EDF5
Requests: 1 HTTP requests in this frame

Frame: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662400565115-935559409326-007208-009-003599%26biddername%3D72%26pid%3D5e0e296628a061270b21ccab%26key%3D%7BuserId%7D
Frame ID: 0FE7581A379274D0E451B053B68F19BF
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1662400565115-935559409326-007208-009-003599&biddername=55&key=8517197437325276119
Frame ID: FE4058B34D4579715F34684012D5140F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662400565115-935559409326-007208-009-003599%26biddername%3D1%26key%3D
Frame ID: DE2126998CC0D565E51082AF23E3A520
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Frame ID: D76539CDDC7836B8078A9DEC8A847C48
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Frame ID: 6B15F079BECF89F662067716F2288E77
Requests: 2 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1662400565115-935559409326-007208-009-003599&biddername=200&key=OPTOUT
Frame ID: 88DA6889D521F21DDF2D6B84D9B1B209
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=1&gdpr_consent=&rdir=
Frame ID: 3E098BE169B4B97CEA98D825306C2D11
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?us_privacy=1---
Frame ID: 41394434DBDB456CBA3E8B569D55FE6F
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1662400573474&us_privacy=1---
Frame ID: 3CCC15677B2DEFBBB18A45FAACD31293
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?us_privacy=1---
Frame ID: F8019059EDE538C51D1053BBBB0718FC
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1662400573326&us_privacy=1---
Frame ID: 4E3BD170DE3D7AD2F7FE607BED8D62B8
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?us_privacy=1---
Frame ID: FF5B08DFE432E40EED669252FA875C07
Requests: 1 HTTP requests in this frame

Frame: https://js.ad-score.com/x.html?pid=1000690
Frame ID: 930A0730C2B0D674A907B492FDDA3BE6
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 5C24D2713445ECEAED233FA209D2490F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=culturess.com&gdpr=1&gdpr_consent=CPe1FgAPe1FgAAcABBENCfCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA
Frame ID: 7CEC9FBB063D3F9AC6A66E706EF8AC81
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

21 Days of Beauty is back at Ulta with plenty of deals to choose fromBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. https://u12097671.ct.sendgrid.net/ls/click?upn=4PC2wo0fWhUBQdJDPL-2Fxerma-2FiNLXrBX17zncJLRZJOSkbsTQT4MSXZakMx... HTTP 302
    http://app2.cision.com/redir?s=1131042583858 HTTP 302
    https://app2.cision.com/redir?s=1131042583858 HTTP 302
    https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • cdn\.equalweb\.com.*\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • twemoji(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

571
Requests

92 %
HTTPS

29 %
IPv6

90
Domains

156
Subdomains

126
IPs

14
Countries

5258 kB
Transfer

15997 kB
Size

113
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u12097671.ct.sendgrid.net/ls/click?upn=4PC2wo0fWhUBQdJDPL-2Fxerma-2FiNLXrBX17zncJLRZJOSkbsTQT4MSXZakMxT3GnLlJk2N344UvjUqgbT0-2BAubQ-3D-3DygY4_vab-2BQUqbE5KA1x32hdOJqsGh7-2B7UHY9czOSzFuteQNmTjDS4EN34xwR74HqJ-2Fc-2BFtPxAkCrMc7VUdsA51KoNjzz4eBgah8HWZ1pQNzurAarP5h-2B1VctKQzl5LaU56lYcOeOnlzWF1mX4r6En1K-2B8SbuMeerAKpNGXjFFwmG1IC6nMF-2Fb9kXRa3-2B9gUWIWdy2-2FYK8p57e-2Bs30bq7nZdWoAH1f8R83ik8MuU03Z89eb4YVfDXz-2FUhWdx3SOCQTfCEw HTTP 302
    http://app2.cision.com/redir?s=1131042583858 HTTP 302
    https://app2.cision.com/redir?s=1131042583858 HTTP 302
    https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://sb.scorecardresearch.com/cs/18120612/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 250
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=8517197437325276119
Request Chain 251
  • https://sync.search.spotxchange.com/partner?source=211945 HTTP 302
  • https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=02b51048-2d44-11ed-a8e3-129210fe0306
Request Chain 252
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-T8tKKQVE2uEC1qdSiaK5wvxWJ5SAPnnR~A
Request Chain 253
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20&__user_check__=1&sync_id=02b51543-2d44-11ed-a3fd-1365eaaf0206 HTTP 302
  • https://sync.spotim.market/csync/?t=a&ep=301276&extuid=02b51005-2d44-11ed-a8e3-129210fe0306
Request Chain 297
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=8517197437325276119
Request Chain 299
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Request Chain 303
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&zcc=1&cb=1662400564991 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5105827954
Request Chain 305
  • https://ssum-sec.casalemedia.com/usermatchredir?s=190532&cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E&s=190532&C=1
Request Chain 306
  • https://ups.analytics.yahoo.com/ups/58558/occ HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=488792&extuid=y-7.z7CiBE2uHZZfEDFC_0D1jdRX6Vs0qJKmE3fOY-~A
Request Chain 357
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662400565115-935559409326-007208-009-003599%26biddername%3D2%26key%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1662400565115-935559409326-007208-009-003599&biddername=2&key=02b51005-2d44-11ed-a8e3-129210fe0306
Request Chain 359
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662400565115-935559409326-007208-009-003599%26biddername%3D55%26key%3D%24UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1662400565115-935559409326-007208-009-003599&biddername=55&key=8517197437325276119
Request Chain 362
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Request Chain 363
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662400565115-935559409326-007208-009-003599%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1662400565115-935559409326-007208-009-003599&biddername=200&key=OPTOUT
Request Chain 384
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YxY4NMHsjeTEs0CFbMCLJQAABIYAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YxY4NMHsjeTEs0CFbMCLJQAABIYAAAIB&dcc=t
Request Chain 385
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YxY4NMHsjeTEs0CFbMCLJQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEK5Thhx_sfNtMbXTCAWEwvQ&google_cver=1&gdpr=1
Request Chain 390
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Request Chain 391
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210821587111971
Request Chain 413
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1--- HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5rlqG9hlSMSbkJDe35j89Q&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5rlqG9hlSMSbkJDe35j89Q
Request Chain 414
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/K-tQ5r3Z_HSg9r1EW_BAacn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4498987488488472879
Request Chain 415
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHMwkUrsSVhDU08qoc1DFjE&google_cver=1
Request Chain 418
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1--- HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ATtSempSQ92xXKl8pUc29w&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ATtSempSQ92xXKl8pUc29w
Request Chain 419
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdQMkRHUEMtMjEtM0NTVA==&us_privacy=1---
Request Chain 420
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzM3OWU0MTRkMDU1YmU5YTg4YjNmMjU3ZDJiYzBmMmQ0ZWZhZTY2Nw&us_privacy=1---
Request Chain 504
  • https://x.bidswitch.net/sync?ssp=insticator&custom_data=ed5c9c44-9786-49b2-afd1-64b17bce6157 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=insticator&custom_data=ed5c9c44-9786-49b2-afd1-64b17bce6157 HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=02f3aee3-2a95-4594-9955-bb3b2f2455dc&ssp=insticator&gdpr=&gdpr_consent=
Request Chain 506
  • https://ex.ingage.tech/v1/syncPage/yahoo?userId=ed5c9c44-9786-49b2-afd1-64b17bce6157&to=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58602%2Focc HTTP 302
  • https://ups.analytics.yahoo.com/ups/58602/occ HTTP 302
  • https://ex.ingage.tech/v1/syncPage/yahoo?uid=y-7.z7CiBE2uHZZfEDFC_0D1jdRX6Vs0qJKmE3fOY-~A HTTP 302
  • https://ex.ingage.tech/v1/sync/yahoo/ed5c9c44-9786-49b2-afd1-64b17bce6157?uid=y-7.z7CiBE2uHZZfEDFC_0D1jdRX6Vs0qJKmE3fOY-~A
Request Chain 507
  • https://prebid.a-mo.net/cchain/0?gdpr=0&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Famx%2Fed5c9c44-9786-49b2-afd1-64b17bce6157%3Fuid%3D HTTP 302
  • https://ex.ingage.tech/v1/sync/amx/ed5c9c44-9786-49b2-afd1-64b17bce6157?uid=c7cd6a51-6f36-4e92-a4ee-bbb8999f6252&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 508
  • https://ex.ingage.tech/v1/syncPage/sharethrough?userId=ed5c9c44-9786-49b2-afd1-64b17bce6157&to=https%3A%2F%2Fmatch.sharethrough.com%2Funiversal%2Fv1%3Fsupply_id%3Djc3Tkmr6 HTTP 302
  • https://match.sharethrough.com/universal/v1?supply_id=jc3Tkmr6
Request Chain 509
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsovrn%2Fed5c9c44-9786-49b2-afd1-64b17bce6157%3Fuid%3D%24UID HTTP 307
  • https://ex.ingage.tech/v1/sync/sovrn/ed5c9c44-9786-49b2-afd1-64b17bce6157?uid=FRD0uBZHkXVplsWoQnKNqHXJ
Request Chain 538
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=p.safeservingcdn.com&sn=ChromeSyncframe&so=0&topUrl=culturess.com&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=w3wyoHxWUEVIVWRodTFSbXNCcFJUSE1lV3pjNWxRK0k4bVE5aEx5bTFGeURlWkxESHBOT05GZ1orRXhnYVJwaWEwdy9PSmIxczU2M1cySEdYbXBHZ04xSXl5SzRjZjllQjZHRTNranlMdlBPVmxNN3JRNmg3cE14dHc0dmR5ZmkxaUowWmE3ZXR2dExYbXFlT2p5c0RvVGg1M00xcFYzMEVZRDI0SXNCUTNCc1U5LzlvMTJaa3ZBUWtNYW5TRnRMK1hHQ3JWY3RackJobXl1b3RMQU9VamI2dzRKMHA0NEV0TlBQZ25BbStaUjVKTFpRPXw&cppv=2
Request Chain 543
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fculturess.com%2F&domain=culturess.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=qs8OUXx2cG5uWDBrbnZhSWlNd0tvRXRvZ09RTUNxSVdieXV5Y0NaMHFFVCtxWjVuZk1tcVg3Q3MyeEFxamI4RG1sVXNWbEdkWEUrSkRCSW92NTZoekMxVzN2V2xZQnRFaHdhTFZObi9IWjRuNEV4VDhzSVRTeEw4eVRaTlJ6cFFSd2dURTV3c2VXa1NUZGV3UkVwV01rd2UwQVpqSm9mZGtQZm5LR0FIeTBQV3VBaW9VSDRleE05aHl0bTkvRU16MDFKbldieUZUclg3ZVlNdStvOTV2eVF0aUd1dmhaOWNVVHlYNFV4eTM3bk1QR0lPT0xiTGhmeGlsNlBYb1l6cnd6RzN6SWJTWFZNdG1mRUQ2aEp5cUM4bFJMUT09fA&cppv=2
Request Chain 549
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fp.safeservingcdn.com%2F&domain=p.safeservingcdn.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=b5gIinw3dG9KRGh1K1hmR2JnR1pFWURlYlJONCtwMU83Z0JFam9JdWZzaW9xQTJvcGo4SHhpZTVKSXFJUFhTQXlYVDd3NU1uT2s5UktHSWo2S3hUc3hRQWUxRkdvcW9mSGtIdDFlditqS1RXRTREY1Z2Zy9hcGtsajgxVzU2L3pTUlV1bDdoM0tnOEtMMkhlRk1naVBydUFBUnNuYW1LODlrR1VGWFFpcXdZSzBuNm9lRzM2Ym5KZHdnNk5OY1ZZRWZXcnNwdm8xZElFM1BXQUFMQXVJaXExODh0S0tBcHovV0lFOTIvRUtQZlZlYkxaelZzLzhITm1BdUx2MlIrYkhva1B3SUdqZVVaeDZhZm1DQWJBSDBlSU1iUDlhZGJpT2NtRUdGZFBDY2NqOStLYz18&cppv=2
Request Chain 572
  • https://ads.stickyadstv.com/auto-user-sync HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=2d2f424e7d15281466d452ed56716&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l1dda_7139956175491326724&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MmQyZjQyNGU3ZDE1MjgxNDY2ZDQ1MmVkNTY3MTY=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEBY3hNCl0IOF86rStt_UPQI&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=

571 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Redirect Chain
  • https://u12097671.ct.sendgrid.net/ls/click?upn=4PC2wo0fWhUBQdJDPL-2Fxerma-2FiNLXrBX17zncJLRZJOSkbsTQT4MSXZakMxT3GnLlJk2N344UvjUqgbT0-2BAubQ-3D-3DygY4_vab-2BQUqbE5KA1x32hdOJqsGh7-2B7UHY9czOSzFuteQNm...
  • http://app2.cision.com/redir?s=1131042583858
  • https://app2.cision.com/redir?s=1131042583858
  • https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
113 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc::217:6113 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
1c9374cf61008ebf8aee12f06b7e8544d5745ba4c6ed385887a421325743728d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-length
23317
content-type
text/html; charset=UTF-8
date
Mon, 05 Sep 2022 17:56:02 GMT
expires
Mon, 05 Sep 2022 17:56:02 GMT
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
Akamai
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-cache-config
0 0
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-pingback
https://culturess.com/xmlrpc.php
x-user-agent
standard
x-xss-protection
1; mode=block

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
7460d6cefd0791fb-FRA
content-length
0
date
Mon, 05 Sep 2022 17:56:01 GMT
location
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
server
cloudflare
server-timing
intid;desc=26b7dfe1ce80f0d1
x-application-context
application:production
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Sep 2022 17:56:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
7BKk7WQU1Z9EDMZmf1T6Vg==
age
432
vary
Accept-Encoding
content-length
7151
x-ms-lease-status
unlocked
last-modified
Mon, 05 Sep 2022 12:13:17 GMT
server
cloudflare
etag
0x8DA8F38040B0AE7
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
93f83460-401e-00b4-6339-c1d4e4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7460d6d9f9c6995d-FRA
otCCPAiab.js
cdn.cookielaw.org/opt-out/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Sep 2022 17:56:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ERttG9+iQk1LCPjR495NRw==
age
428
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5c711e05-101e-016f-5f44-283667000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
7460d6d9f9c8995d-FRA
main.js
cdn.wazimo.com/engine/common/widgets/mmlogger/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.wazimo.com/engine/common/widgets/mmlogger/main.js
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4579 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08b3d60cf22a301353fd3d6907dfcb94a0330b3344e5be986e22cd83f1441b58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 14 Aug 2022 14:54:10 GMT
server
cloudflare
age
2667
etag
W/"62f90c92-9e9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nOrcEa8z891321bGTi7%2FzGDAUjq1tJWtp3g8pUXKL9Az7QJQbe3%2BwHB%2BERuMShg1MvTE%2BRx74styvQ9%2F4FU8WYR8dqbM2gPMZKU5t7ajERwd2t7fKhsPNAjT5Jpp7XlY14bZXI8X7tyZmbAq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=2537
cf-ray
7460d6daed949193-FRA
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-bgj
minify
style.css
culturess.com/wp-content/plugins/voltax-video-player/styles/ 		116 B
628 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://culturess.com/wp-content/plugins/voltax-video-player/styles/style.css?ver=1644424553
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc::217:6113 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
f9d25963747cf7c6b1686d7382e4c4131a2b6aa19a50aed7d2cef52f6c7929cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Feb 2022 16:35:53 GMT
server
Akamai
etag
"6203ed69-74"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2132863
date
Mon, 05 Sep 2022 17:56:02 GMT
x-cache-config
0 0
accept-ranges
bytes
content-length
120
expires
Fri, 30 Sep 2022 10:23:45 GMT
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald&ver=2.73.2
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6cabeb492e3033b4a17fcc5a4ecb196849bafeaec5ed579b947ab4d3d2a05dfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 17:48:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 05 Sep 2022 17:56:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 05 Sep 2022 17:56:02 GMT
css
fonts.googleapis.com/ 		722 B
452 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web&ver=2.73.2
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
19c459b0ed66b69066cef6ca25981e3c5252bb0712e6307769acdafb59ddfbf6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 17:18:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 05 Sep 2022 17:56:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 05 Sep 2022 17:56:02 GMT
style.css
cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/ 		434 KB
68 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::215:4a63 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
29bd20722dcc17f6d043bd905e16bfa1c6d38b301713b616e606ec7fd6cadb9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 29 Aug 2022 16:51:05 GMT
server
Akamai
etag
W/"630cee79-6c740"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1983382
date
Mon, 05 Sep 2022 17:56:02 GMT
x-cache-config
0 0
content-length
69091
expires
Wed, 28 Sep 2022 16:52:24 GMT
shortcodes-f7dd6f7f5d.css
culturess.com/wp-content/plugins/fansided-shortcodes/dist/ 		61 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://culturess.com/wp-content/plugins/fansided-shortcodes/dist/shortcodes-f7dd6f7f5d.css
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc::217:6113 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
b0c2113e1ad7f23803d09116ac468469cad617e7afe10de77779e14a25f1a08b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 14 Apr 2022 00:04:42 GMT
server
Akamai
etag
W/"6257651a-f488"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2503536
date
Mon, 05 Sep 2022 17:56:02 GMT
x-cache-config
0 0
content-length
9622
expires
Tue, 04 Oct 2022 17:21:38 GMT
network-nav.css
cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/ 		40 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/network-nav.css?ver=2.73.2
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::215:4a63 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
2e8eb8e96e4642198b4bf42b26a34cd87de62058ea2533daeb8d5ae4bbbba446

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 29 Aug 2022 16:51:19 GMT
server
Akamai
etag
W/"630cee87-9e56"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1983476
date
Mon, 05 Sep 2022 17:56:02 GMT
x-cache-config
0 0
content-length
6596
expires
Wed, 28 Sep 2022 16:53:58 GMT
mm-video.js
cdn.fansided.com/wp-content/plugins/voltax-video-player/scripts/ 		74 B
591 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fansided.com/wp-content/plugins/voltax-video-player/scripts/mm-video.js?ver=1.6.0
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::215:4a63 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
c889d3593066c74eae7b8f0ee34c61dbe7c6a57a1807830e7c29bd807781fac6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62
8096267
x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Feb 2022 16:35:53 GMT
server
Akamai
etag
"6203ed69-4a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1034631
date
Mon, 05 Sep 2022 17:56:02 GMT
x-cache-config
0 0
accept-ranges
bytes
content-length
59
expires
Sat, 17 Sep 2022 17:19:53 GMT
jquery.js
cdn.fansided.com/wp-includes/js/jquery/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fansided.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::215:4a63 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62
8096267
x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 11 Mar 2022 06:24:25 GMT
server
Akamai
etag
W/"622aeb19-17a6a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=598870
date
Mon, 05 Sep 2022 17:56:02 GMT
x-cache-config
0 0
content-length
34019
expires
Mon, 12 Sep 2022 16:17:12 GMT
iframeSizer.min.js
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/iframeSizer.min.js?ver=4.9.21
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::215:4a63 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
f85b1102e6c5a07e5c1a79bbf137201b832e80b578fb9243a0a24cc21f93ca35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 29 Aug 2022 16:51:00 GMT
server
Akamai
etag
W/"630cee74-2d5b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2148652
date
Mon, 05 Sep 2022 17:56:02 GMT
x-cache-config
0 0
content-length
4629
expires
Fri, 30 Sep 2022 14:46:54 GMT
a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
scripts.webcontentassessor.com/scripts/ 		134 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d31223f18c49ab37f228ae8f3c0b687a9cb0c05c371724f4cbd7aad6cc4542c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
vLUB.F384QP2vCyYx5ugAIf9VE3RIhtW
content-encoding
gzip
etag
"98078d6cb0790c987a93cfef65109174"
age
3474
x-cache
HIT
content-length
34786
x-amz-id-2
RmBiQRfBXGSulOt+SPltbl0RhIKy9o4ElcHj2zMQZlnATAR+8tcAdklnj6Z+PMg+wVpzmEfdP94=
x-served-by
cache-hhn4027-HHN
last-modified
Mon, 05 Sep 2022 16:49:18 GMT
server
AmazonS3
x-timer
S1662400562.254068,VS0,VE0
date
Mon, 05 Sep 2022 17:56:02 GMT
vary
Accept-Encoding
x-amz-request-id
MXDVJVSRM2Q83D05
via
1.1 varnish
cache-control
max-age=3600,stale-if-error=86400,stale-while-revalidate=3600
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
18
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9384b83d0217ed2aa98aaa86e39ffc0d7a682907f4113601eeec99ac48579b1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28504
x-xss-protection
0
server
sffe
etag
"1324 / 565 of 1000 / last-modified: 1662156516"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 05 Sep 2022 17:56:02 GMT
logo_culturess-com__150x150.png
images2.minutemediacdn.com/image/fetch/c_fill,f_auto,w_150,h_150/https://fansided.com/wp-content/assets/site_images/culturessfs/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images2.minutemediacdn.com/image/fetch/c_fill,f_auto,w_150,h_150/https://fansided.com/wp-content/assets/site_images/culturessfs/logo_culturess-com__150x150.png
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
72f546d8d3d21951d12a0a4069c1bc576a73a65407b6458e999ef6a8d62e20f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:02 GMT
cache-tag
366545055741384146784693250083548260010,662553213988233024108064803616198510339,94a1dd9ac5291745da96948b5fe90b03
content-disposition
inline; filename="logo_culturess-com__150x150.webp"
content-length
2286
x-served-by
cache-lga21956-LGA
last-modified
Tue, 25 Feb 2020 19:22:05 GMT
x-timer
S1659622021.792098,VS0,VE118
etag
"4771d16ef15025ea6da1a1e797f0c7af"
content-type
image/webp
access-control-allow-origin
*
expires
Mon, 12 Sep 2022 17:56:02 GMT
cache-control
private, max-age=31480699
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0
https%3A%2F%2Fculturess.com%2Fwp-content%2Fuploads%2Fgetty-images%2F2018%2F08%2F1393173784-1-850x560.jpeg
images2.minutemediacdn.com/image/fetch/w_850,h_560,c_fill,g_auto,f_auto/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images2.minutemediacdn.com/image/fetch/w_850,h_560,c_fill,g_auto,f_auto/https%3A%2F%2Fculturess.com%2Fwp-content%2Fuploads%2Fgetty-images%2F2018%2F08%2F1393173784-1-850x560.jpeg
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b35f202c4f288dd7a6478e161b6639cb3025197a7cf4594b77315145b5d1e636

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:02 GMT
cache-tag
634844444657472553053307142926358082050,579840806160488005519863900356814521168,94a1dd9ac5291745da96948b5fe90b03
status
200 OK
content-disposition
inline; filename="1393173784-1-850x560.webp"
content-length
11864
x-request-id
834ea3da29573d680d966f1d77826fed
x-served-by
cache-lga21962-LGA
last-modified
Sun, 28 Aug 2022 02:04:25 GMT
x-timer
S1661652264.970593,VS0,VE659
etag
"6087213aa92f29616aa0fa560567620e"
content-type
image/webp
access-control-allow-origin
*
expires
Mon, 12 Sep 2022 17:56:02 GMT
cache-control
private, max-age=31480699
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0
logo_culturess-com__150x150.png
cdn.fansided.com/wp-content/assets/site_images/culturessfs/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.fansided.com/wp-content/assets/site_images/culturessfs/logo_culturess-com__150x150.png
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::215:4a63 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
0979cd8b320c1523b170110c212e466a8b53845d4b75c2a0255b05b6ad8e0342

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 23 Aug 2017 03:28:56 GMT
server
Akamai
etag
"599cf678-671f"
content-type
image/png
cache-control
max-age=1521509
date
Mon, 05 Sep 2022 17:56:02 GMT
x-cache-config
0 0
accept-ranges
bytes
content-length
26399
expires
Fri, 23 Sep 2022 08:34:31 GMT
fansided-logo.svg
cdn.fansided.com/wp-content/themes/fansided-v5/assets/images/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/images/fansided-logo.svg
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::215:4a63 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
82e16ee1bcf32a940c622c4a318be5da2e337c1278e6226131ca1c6f73001ae1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 27 Jul 2022 20:21:25 GMT
server
Akamai
etag
W/"62e19e45-2191"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=1191118
date
Mon, 05 Sep 2022 17:56:02 GMT
x-cache-config
0 0
content-length
3016
expires
Mon, 19 Sep 2022 12:48:00 GMT
apple-app.png
culturess.com/wp-content/themes/fansided-v5/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://culturess.com/wp-content/themes/fansided-v5/assets/images/apple-app.png
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc::217:6113 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
adafa859ac987f6759710ec24cdc864032f43fa594553595be43a4160f1ecd5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 27 Jul 2022 20:21:25 GMT
server
Akamai
etag
"62e19e45-682"
content-type
image/png
cache-control
max-age=1093175
date
Mon, 05 Sep 2022 17:56:02 GMT
x-cache-config
0 0
accept-ranges
bytes
content-length
1666
expires
Sun, 18 Sep 2022 09:35:37 GMT
android-app.png
culturess.com/wp-content/themes/fansided-v5/assets/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://culturess.com/wp-content/themes/fansided-v5/assets/images/android-app.png
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc::217:6113 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
384e6c21bf9819fef4ca15bfc88df4b2db1776e45e52cb0afb68a4aed77ccf66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 29 Aug 2022 16:50:29 GMT
server
Akamai
etag
"630cee55-f1f"
content-type
image/png
cache-control
max-age=2506861
date
Mon, 05 Sep 2022 17:56:02 GMT
x-cache-config
0 0
accept-ranges
bytes
content-length
3871
expires
Tue, 04 Oct 2022 18:17:03 GMT
abw.js
d3ujids68p6xmq.cloudfront.net/ 		223 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3ujids68p6xmq.cloudfront.net/abw.js
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-192.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
323075a1922843a6c7f5371bc7fa55500b77944f1268d83461964e3906942141

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 03:28:17 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Feb 2018 14:40:14 GMT
Server
AmazonS3
Age
52071
ETag
"e817b0f323fb2559fcb2e5701865527a"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-P3
Accept-Ranges
bytes
Content-Length
42771
X-Amz-Cf-Id
cN0XacyMe2HFJ_x0_aso6a9QLa3RiAsDJ73vMGN6eWJ0kWeAf3WXbg==
apstag.js
c.amazon-adsystem.com/aax2/ 		166 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 05 Sep 2022 17:36:19 GMT
via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront), 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 20:50:55 GMT
server
AmazonS3
age
1184
etag
W/"d9d3c87337955401df6a2e4474e61700"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P3
content-encoding
gzip
x-amz-cf-id
g7NX_IcunRYzoAyqtJvPgKm8b7GsFIQblfJiyLT8zo-RKnrjcYnowQ==
front.js
cdn.fansided.com/wp-content/plugins/voltax-video-player/scripts/ 		1 KB
933 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fansided.com/wp-content/plugins/voltax-video-player/scripts/front.js?ver=1644424553
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::215:4a63 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
b393f9c320cbb557f0344993c5e65ca72f6f771ecd4f773fa6a2fd3f1ac36b6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62
8096267
x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Feb 2022 16:35:53 GMT
server
Akamai
etag
W/"6203ed69-41a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1819570
date
Mon, 05 Sep 2022 17:56:02 GMT
x-cache-config
0 0
content-length
405
expires
Mon, 26 Sep 2022 19:22:12 GMT
longform.min.js
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/ 		272 B
720 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/longform.min.js?ver=2.73.2
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::215:4a63 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
f406858bf1219aa8c05a27e32c9b22def23bddbe252dcc3df278e09872117681

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 29 Aug 2022 16:50:59 GMT
server
Akamai
etag
"630cee73-110"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1983351
date
Mon, 05 Sep 2022 17:56:02 GMT
x-cache-config
0 0
accept-ranges
bytes
content-length
202
expires
Wed, 28 Sep 2022 16:51:53 GMT
fs-event-preview.min.js
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/ 		1 KB
999 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/fs-event-preview.min.js?ver=2.73.2
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::215:4a63 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
2221391c40c8af2b6e518e0f22b47497e540acb1d9602cf3a26351a78ef3b1f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 29 Aug 2022 16:50:59 GMT
server
Akamai
etag
W/"630cee73-5ea"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1983370
date
Mon, 05 Sep 2022 17:56:02 GMT
x-cache-config
0 0
content-length
485
expires
Wed, 28 Sep 2022 16:52:12 GMT
outbrain.js
widgets.outbrain.com/ 		207 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js?ver=2.73.2
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
afd968c1b8f95bdb7236be3770e14f06f937a6ee42e4c9f217ca624d6d39a732

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:02 GMT
content-encoding
gzip
last-modified
Sun, 04 Sep 2022 10:18:51 GMT
etag
"17-JkTH8vzqQfazAM5RluJLKwEni70"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah-stg
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
46d1edbd5011a181d6691cae071d5128
timing-allow-origin
*, *
content-length
72855
main.min.js
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/main.min.js?ver=2.73.2
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::215:4a63 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
0a7d2102b40065807ab283b7a4a2256bf1c18d3cb804b46035999e8be8593d25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 29 Aug 2022 16:50:59 GMT
server
Akamai
etag
W/"630cee73-6c48"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1983394
date
Mon, 05 Sep 2022 17:56:02 GMT
x-cache-config
0 0
content-length
8753
expires
Wed, 28 Sep 2022 16:52:36 GMT
localforage.min.js
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/localforage.min.js?ver=2.73.2
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::215:4a63 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
c907ff5de3815d7660b3695631617e16aece8701385bd9120f232d94c956f130

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 29 Aug 2022 16:51:00 GMT
server
Akamai
etag
W/"630cee74-5d97"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1983335
date
Mon, 05 Sep 2022 17:56:02 GMT
x-cache-config
0 0
content-length
7278
expires
Wed, 28 Sep 2022 16:51:37 GMT
infinity.min.js
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/infinity.min.js?ver=2.73.2
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::215:4a63 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
7f976fa2b8374df939d4ee4d1f5d24c4bf7607520d4460bc08d049d364b4905c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 29 Aug 2022 16:51:00 GMT
server
Akamai
etag
W/"630cee74-16ad"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1983325
date
Mon, 05 Sep 2022 17:56:02 GMT
x-cache-config
0 0
content-length
2300
expires
Wed, 28 Sep 2022 16:51:27 GMT
network-nav.min.js
cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/network-nav.min.js?ver=2.73.2
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::215:4a63 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
1b2295f150d93c7cbbae441911d7d71dbca1852c713744b0aea4a8566ab5342d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 29 Aug 2022 16:51:19 GMT
server
Akamai
etag
W/"630cee87-97de"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1983383
date
Mon, 05 Sep 2022 17:56:02 GMT
x-cache-config
0 0
content-length
13887
expires
Wed, 28 Sep 2022 16:52:25 GMT
bundled-scripts.min.js
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/ 		946 B
969 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/bundled-scripts.min.js?ver=2.73.2
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::215:4a63 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
8b42a20b243b7081f9f5ea51eb72a39895d468943af3c7ba14f7ac176e547c6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 29 Aug 2022 16:51:07 GMT
server
Akamai
etag
W/"630cee7b-3b2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1984779
date
Mon, 05 Sep 2022 17:56:02 GMT
x-cache-config
0 0
content-length
455
expires
Wed, 28 Sep 2022 17:15:41 GMT
wp-embed.js
cdn.fansided.com/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fansided.com/wp-includes/js/wp-embed.js?ver=4.9.21
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::215:4a63 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
0b3268e3aacd1abc25b093c7774f71ae4d98b603f309b357f9ad9d43c45996be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Aug 2022 22:55:57 GMT
server
Akamai
etag
W/"630e957d-c68"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2148561
date
Mon, 05 Sep 2022 17:56:02 GMT
x-cache-config
0 0
content-length
1243
expires
Fri, 30 Sep 2022 14:45:23 GMT
sfp.js
native.sharethrough.com/assets/ 		264 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://native.sharethrough.com/assets/sfp.js?ver=4.9.21
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-37.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0254f664aaf6f2c172fadda0971ad2bb5dcd106617750a78c49a4f0cab1fad0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:02:41 GMT
content-encoding
gzip
last-modified
Fri, 02 Sep 2022 15:02:19 GMT
server
AmazonS3
age
3202
etag
W/"0fb5f5e697f7a4a77a89f18e7bcb37cc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e016ea20838aeed1d878a5244c9e2552.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
Gm3YxmiKt14yZYnef3Ov1fwwFnJFhlgEmiHqZRCn8COXSexPFzaUTQ==
expires
Fri, 02 Sep 2022 16:02:17 GMT
0c4a9ffe-6742-48e8-b69c-606f41481017.json
cdn.cookielaw.org/consent/0c4a9ffe-6742-48e8-b69c-606f41481017/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/0c4a9ffe-6742-48e8-b69c-606f41481017/0c4a9ffe-6742-48e8-b69c-606f41481017.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
081a747f23737dedf0226fb629e575f2e4dccdd2ba113ac15ba8913415c6b90d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Sep 2022 17:56:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
3nyrShYMgOlQoPEWG5nSYw==
vary
Accept-Encoding
content-length
1564
x-ms-lease-status
unlocked
last-modified
Tue, 26 Jul 2022 15:26:22 GMT
server
cloudflare
etag
0x8DA6F1B32186294
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
afffd598-201e-00c9-2304-a1482c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7460d6da49a09243-FRA
expires
Mon, 05 Sep 2022 21:56:02 GMT
twemoji.js
cdn.fansided.com/wp-includes/js/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fansided.com/wp-includes/js/twemoji.js?ver=4.9.21
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::215:4a63 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
b29019bab391863c1652d28d09112d15ddc6c10940526826cbde474bf07d75e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Aug 2022 22:55:57 GMT
server
Akamai
etag
W/"630e957d-64c6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2148588
date
Mon, 05 Sep 2022 17:56:02 GMT
x-cache-config
0 0
content-length
7682
expires
Fri, 30 Sep 2022 14:45:50 GMT
wp-emoji.js
cdn.fansided.com/wp-includes/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fansided.com/wp-includes/js/wp-emoji.js?ver=4.9.21
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::215:4a63 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
d80a9fbd9c4a76d5d7c6b14e635088b322863f7a78f61508df1e77342669e0ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Aug 2022 22:55:57 GMT
server
Akamai
etag
W/"630e957d-1a68"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2148609
date
Mon, 05 Sep 2022 17:56:02 GMT
x-cache-config
0 0
content-length
2637
expires
Fri, 30 Sep 2022 14:46:11 GMT
gtm.js
www.googletagmanager.com/ 		432 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KXFQXHB
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
07e431b9e2389a65efadf220b47a1a34dc289629279849964bf927a2d66a46b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:02 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91555
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 05 Sep 2022 17:56:02 GMT
anMUvcNT0H1YN4FII8wprx7IBmrqA5IG9z8WNe77b9o.woff
fonts.gstatic.com/s/titilliumweb/v4/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/titilliumweb/v4/anMUvcNT0H1YN4FII8wprx7IBmrqA5IG9z8WNe77b9o.woff
Requested by
Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
292f629c17560efa4ebe4e2ba0f8ed027e162ed92b8b61d3685754fb0ba672c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Origin
https://culturess.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 08:45:39 GMT
x-content-type-options
nosniff
age
465023
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15292
x-xss-protection
0
last-modified
Wed, 27 Aug 2014 23:51:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Aug 2023 08:45:39 GMT
FontSided1dot5.woff
cdn.fansided.com/wp-content/themes/fansided-v5/assets/fonts/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/fonts/FontSided1dot5.woff?v=1.5
Requested by
Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::215:4a63 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
1553d8e603896b256320a6c7e3f86b0858cca0ff5da54294630e5b8dc48173ae

Request headers

Referer
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Origin
https://culturess.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 24 Aug 2022 17:16:42 GMT
server
Akamai
etag
"63065cfa-4bec"
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=1785078
date
Mon, 05 Sep 2022 17:56:02 GMT
x-cache-config
0 0
accept-ranges
bytes
content-length
19436
expires
Mon, 26 Sep 2022 09:47:20 GMT
Y_TKV6o8WovbUd3m_X9aAA.ttf
fonts.gstatic.com/s/oswald/v10/ 		34 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v10/Y_TKV6o8WovbUd3m_X9aAA.ttf
Requested by
Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
334a98eaeec325cbc84a300e98e133aae9fac74e682f34d11bf0cea7236781f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Origin
https://culturess.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 08:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
465009
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19906
x-xss-protection
0
last-modified
Mon, 06 Oct 2014 20:36:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Aug 2023 08:45:53 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		176 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bb57548114158248eff7588b52a51a1740695dd8792bd45227246b0f77d31c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:02 GMT
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
7460d6db1ed69c0d-FRA
access-control-allow-headers
Content-Type
anMUvcNT0H1YN4FII8wpr24bNCNEoFTpS2BTjF6FB5E.woff
fonts.gstatic.com/s/titilliumweb/v4/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/titilliumweb/v4/anMUvcNT0H1YN4FII8wpr24bNCNEoFTpS2BTjF6FB5E.woff
Requested by
Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c4379ae888a737fd330f0c964e263b1a64a51a7a69a5c76f3dc049a7f1b325a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Origin
https://culturess.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 19:03:27 GMT
x-content-type-options
nosniff
age
514355
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15568
x-xss-protection
0
last-modified
Wed, 27 Aug 2014 23:50:54 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Aug 2023 19:03:27 GMT
sp_ed8vmIJd
launcher.spot.im/spot/ 		286 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launcher.spot.im/spot/sp_ed8vmIJd
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
248d34284cbbad91bbcd3b7af2f51b2df49311b7b1ff1117606366eed50277cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
cz9v1_tQ.JIFYrO5MxA4kHTiMlNfGAO5
content-encoding
br
etag
"8f09925c9764f9903fbb9fb45759879e"
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
68873
last-modified
Mon, 05 Sep 2022 11:17:47 GMT
server
AmazonS3
date
Mon, 05 Sep 2022 17:56:03 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
28CBHOxenhSCO6TfAWjbjuypeJ9692Ch85SDHQMkprmceKGBqksFhg==
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/18120612/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Server
13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-90.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:44:55 GMT
content-encoding
gzip
etag
W/"5b0f9f0704a703b8da651007721fac57"
last-modified
Thu, 04 Mar 2021 13:31:34 GMT
server
AmazonS3
age
668
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
1TjkI0qPvMi9Ihd-t04u7JzXUu7A7Memir3QLoz5nocmK8gt-kCv1g==

Redirect headers

location
/internal-cs/default/beacon.js
date
Mon, 05 Sep 2022 17:56:02 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
0
x-amz-cf-id
AyMfeadTkvmlwa8LWBUrZ91ifWenKP1W82KdLMr88kqRBUUj-lAOXg==
x-cache
Miss from cloudfront
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6724) /
Resource Hash
8f4fc0f336126492b535be2e0b29fbb538a3079547d19a81368aec9268a54f26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 17:56:02 GMT
Content-Encoding
gzip
Age
1068
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
29220
x-tw-cdn
VZ
Last-Modified
Wed, 31 Aug 2022 20:41:50 GMT
Server
ECS (frb/6724)
Etag
"f116c7e6b28e2aebeb60ade5bdc8e2b4+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
ac595b0bd1b1f6e62ce46c2ce57c936ea6f47b8e2936dc2a3876a18eadffd94a289806f2a42865c2057288dd30b30f07490e2c6ae59ea0f801f1a13317ea
gammamaximum.com/ 		92 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gammamaximum.com/ac595b0bd1b1f6e62ce46c2ce57c936ea6f47b8e2936dc2a3876a18eadffd94a289806f2a42865c2057288dd30b30f07490e2c6ae59ea0f801f1a13317ea
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:802f::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
c3d126928499e63ba73ea68e379ea83c5fc83b383c0a80665a4f843f183685d0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"41fd993d9877fcc08cc05a8e21a917e634ee2095b1318e32e25e6b3a20d377a9"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-test-04vg
content-type
text/javascript; charset=utf-8
via
1.1 google
cache-control
private, must-revalidate, max-age=21600
date
Mon, 05 Sep 2022 17:56:02 GMT
x-buildnumber
629166827
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
https%3A%2F%2Fculturess.com%2Ffiles%2F2018%2F04%2FIMG_0186.jpg
images2.minutemediacdn.com/image/fetch/c_fill,g_auto,h_200,w_200,f_auto/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images2.minutemediacdn.com/image/fetch/c_fill,g_auto,h_200,w_200,f_auto/https%3A%2F%2Fculturess.com%2Ffiles%2F2018%2F04%2FIMG_0186.jpg
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9ac912f73fff1b0dada62a7096d745cbe6a2c88769dc4896025b794fcd8aa7e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:02 GMT
cache-tag
544538094073472053234622797818957665229,437234851850187985990197924015317100431,94a1dd9ac5291745da96948b5fe90b03
content-disposition
inline; filename="IMG_0186.webp"
content-length
4298
x-served-by
cache-iad-kiad7000173-IAD
last-modified
Tue, 01 Sep 2020 23:18:13 GMT
x-timer
S1660731640.807672,VS0,VE83
etag
"06f091414e6f8f8d0f97a6f8186e79ab"
content-type
image/webp
access-control-allow-origin
*
expires
Mon, 12 Sep 2022 17:56:02 GMT
cache-control
private, max-age=31480699
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0
bH7276GfdCjMjApa_dkG6aCWcynf_cDxXwCLxiixG1c.ttf
fonts.gstatic.com/s/oswald/v10/ 		39 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v10/bH7276GfdCjMjApa_dkG6aCWcynf_cDxXwCLxiixG1c.ttf
Requested by
Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b126307e7d0a88a5fbc31c45cca7e3ebba07fc55c29bfd630583dd266229c00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Origin
https://culturess.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 13:02:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
536007
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22073
x-xss-protection
0
last-modified
Mon, 06 Oct 2014 20:36:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 13:02:35 GMT
7XUFZ5tgS-tD6QamInJTcdGU7DQ8I6RFMlK0vgclk7w.woff
fonts.gstatic.com/s/titilliumweb/v4/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/titilliumweb/v4/7XUFZ5tgS-tD6QamInJTcdGU7DQ8I6RFMlK0vgclk7w.woff
Requested by
Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
819141dfc76b472e08dbbdd19291a1d06be66f32d9e858dd65751f204480e489
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Origin
https://culturess.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 11:21:24 GMT
x-content-type-options
nosniff
age
542078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15504
x-xss-protection
0
last-modified
Wed, 27 Aug 2014 23:53:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Aug 2023 11:21:24 GMT
HqHm7BVC_nzzTui2lzQTDaCWcynf_cDxXwCLxiixG1c.ttf
fonts.gstatic.com/s/oswald/v10/ 		30 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v10/HqHm7BVC_nzzTui2lzQTDaCWcynf_cDxXwCLxiixG1c.ttf
Requested by
Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
380438fbfce6f2930e3deb99dbadfeee4eca7bfa3f09a6cc8a2250af90df13f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Origin
https://culturess.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 05:55:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
475228
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18810
x-xss-protection
0
last-modified
Mon, 06 Oct 2014 20:38:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 31 Aug 2023 05:55:34 GMT
anMUvcNT0H1YN4FII8wpr0bathaSTBR2c4i13_wzlb0.woff
fonts.gstatic.com/s/titilliumweb/v4/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/titilliumweb/v4/anMUvcNT0H1YN4FII8wpr0bathaSTBR2c4i13_wzlb0.woff
Requested by
Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d413265e397f3abe46d14104b1ccc23464119c9094d76623ff79eeb76274b12d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Origin
https://culturess.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 08:48:24 GMT
x-content-type-options
nosniff
age
464858
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14692
x-xss-protection
0
last-modified
Wed, 27 Aug 2014 23:51:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Aug 2023 08:48:24 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.37.0/ 		367 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.37.0/otBannerSdk.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54c09d17405fc079c641533fb989b284d6b25fe4a402017701cfbf0d22b31611
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Sep 2022 17:56:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
84QDGKEUCS7BR7wlSH5now==
age
13679
vary
Accept-Encoding
content-length
89029
x-ms-lease-status
unlocked
last-modified
Fri, 22 Jul 2022 06:27:58 GMT
server
cloudflare
etag
0x8DA6BAB51B19C0E
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
55dbfc92-801e-00ed-7f9a-9dd162000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7460d6dbcc4c995d-FRA
accessibility-light.svg
cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/assets/images/ 		612 B
870 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/assets/images/accessibility-light.svg
Requested by
Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/network-nav.css?ver=2.73.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::215:4a63 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
b0f9acc2facbbbf8a8d2c056a0be3238c6b28354369e5b21ff15ac38f49810ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/network-nav.css?ver=2.73.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 01 Jul 2022 19:21:42 GMT
server
Akamai
etag
"62bf4946-264"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=1775526
date
Mon, 05 Sep 2022 17:56:02 GMT
x-cache-config
0 0
accept-ranges
bytes
content-length
351
expires
Mon, 26 Sep 2022 07:08:08 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
56148
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 24 Aug 2022 19:06:24 GMT
server
AmazonS3
date
Mon, 05 Sep 2022 02:20:15 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 77ba839b79ec0a8b2031c8a828e7fdfa.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
CLDNR0-dQDa73iW0p-zK55dHdgleU48AZL_GiMsP5UWgeqzBrkRzgA==
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		185 B
321 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f808368b7d46fb5ca2841964ebb52519e57a058455eb1e50f90a25aecd2346f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
7460d6dc5823900a-FRA
date
Mon, 05 Sep 2022 17:56:02 GMT
vary
Accept-Encoding
content-type
text/javascript
/
cdn.wazimo.com/engine/common/widgets/mmlogger/min/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.wazimo.com/engine/common/widgets/mmlogger/min/?static=true&v=1014
Requested by
Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4579 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
b82f1be33a3a2d8d5e1af6191b3b5c6fe5523e67b041d5f887157da4330ed2b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:02 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
2474
x-powered-by
PHP/7.2.34
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2U1nFMqa8wlR8m1eIIHkiToO3KIPHlQAmF0478P3VFaPgXn9WudFrhsjJtJmFrKY4J3aJyHAaXXIVUd%2BH2LhtLM7RiV1fwEV2fHs2%2FQomoz%2BAWfaK%2BNRnUZfTL78Zt6dF68bpLsWT0sNxCm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=12648
last-modified
Mon, 05 Sep 2022 17:14:48 GMT
cf-ray
7460d6dc4fd19193-FRA
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
https%3A%2F%2Fculturess.com%2Ffiles%2Fimage-exchange%2F2018%2F08%2Fie_91073-850x560.jpeg
images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/https%3A%2F%2Fculturess.com%2Ffiles%2Fimage-exchange%2F2018%2F08%2Fie_91073-850x560.jpeg
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
95695b57c64f7bd2a63eaa7bfc0d9ba4a42511696039dc32694d5e9ef366df4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:02 GMT
cache-tag
616900813676679371873966473288068568581,476083543486782568568746076822847310510,94a1dd9ac5291745da96948b5fe90b03
content-disposition
inline; filename="ie_91073-850x560.webp"
content-length
4266
x-served-by
cache-iad-kiad7000042-IAD
last-modified
Sun, 28 Aug 2022 13:13:04 GMT
x-timer
S1662152533.614261,VS0,VE70
etag
"05f309c55e6da5690235e83cb14d454a"
content-type
image/webp
access-control-allow-origin
*
expires
Mon, 12 Sep 2022 17:56:02 GMT
cache-control
private, max-age=31480699
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0
https%3A%2F%2Fculturess.com%2Ffiles%2Fimage-exchange%2F2018%2F08%2Fie_91075-850x560.jpeg
images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/https%3A%2F%2Fculturess.com%2Ffiles%2Fimage-exchange%2F2018%2F08%2Fie_91075-850x560.jpeg
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e537bd04ec8a852ccb4f9c183905564881ab5d74e4c55a867c39c5847ae08005

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:02 GMT
cache-tag
367326877285474738343963151295462155020,476083543486782568568746076822847310510,94a1dd9ac5291745da96948b5fe90b03
content-disposition
inline; filename="ie_91075-850x560.webp"
content-length
2930
x-served-by
cache-lga21945-LGA
last-modified
Thu, 25 Aug 2022 13:04:33 GMT
x-timer
S1662142081.907225,VS0,VE63
etag
"a85c1518ae115fb5a138922887e67ba7"
content-type
image/webp
access-control-allow-origin
*
expires
Mon, 12 Sep 2022 17:56:02 GMT
cache-control
private, max-age=31480699
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0
https%3A%2F%2Fculturess.com%2Ffiles%2Fimage-exchange%2F2018%2F08%2Fie_91181-850x560.jpeg
images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/https%3A%2F%2Fculturess.com%2Ffiles%2Fimage-exchange%2F2018%2F08%2Fie_91181-850x560.jpeg
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e886206a116159b38d0d6828ace34e6f21274729825a6d92a71dee2c2dec4b65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:02 GMT
cache-tag
353346800595845255108185321061148207911,476083543486782568568746076822847310510,94a1dd9ac5291745da96948b5fe90b03
content-disposition
inline; filename="ie_91181-850x560.webp"
content-length
4120
x-served-by
cache-lga21941-LGA
last-modified
Tue, 23 Aug 2022 14:11:18 GMT
x-timer
S1661867776.722792,VS0,VE69
etag
"659cab28cc445b8ace69a2bf5fff82ac"
content-type
image/webp
access-control-allow-origin
*
expires
Mon, 12 Sep 2022 17:56:02 GMT
cache-control
private, max-age=31480699
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0
https%3A%2F%2Fculturess.com%2Ffiles%2F2022%2F07%2FKim-Chi-Chic-434-850x560.jpg
images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/https%3A%2F%2Fculturess.com%2Ffiles%2F2022%2F07%2FKim-Chi-Chic-434-850x560.jpg
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8722734be0c355083eb7091acbc370d631975d03182cf7791b7fea751e34ad08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:02 GMT
cache-tag
401016502041067661967472636450664499169,476083543486782568568746076822847310510,94a1dd9ac5291745da96948b5fe90b03
content-disposition
inline; filename="Kim-Chi-Chic-434-850x560.webp"
content-length
3902
x-served-by
cache-iad-kjyo7100044-IAD
last-modified
Mon, 01 Aug 2022 09:35:42 GMT
x-timer
S1662126592.838333,VS0,VE2
etag
"11402bdff7987383c93388051ff9353b"
content-type
image/webp
access-control-allow-origin
*
expires
Mon, 12 Sep 2022 17:56:02 GMT
cache-control
private, max-age=31480699
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1
geo2.js
cdn3.optimizely.com/js/ Frame 54F3 		292 B
718 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn3.optimizely.com/js/geo2.js?cb=1662400569785
Requested by
Host: d3ujids68p6xmq.cloudfront.net
URL: https://d3ujids68p6xmq.cloudfront.net/abw.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
96.16.142.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-142-89.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
07906062c4cb6cf9965578634032e2573e30edd821b2cf0a68d8f3ce5ecbb367

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Unused62
8096267
x-amz-version-id
Y1BKPK.c9lIaZx2uYj8JMWZye_vJfrh9
Server
AmazonS3
x-amz-request-id
X7PFXN75RDZFHZ0B
ETag
"adadfc5d7afd13e353d9d52cec1c7827"
Content-Type
application/javascript
Cache-Control
max-age=59369
Date
Mon, 05 Sep 2022 17:56:02 GMT
Connection
keep-alive
Content-Length
292
x-amz-id-2
KXCq6comk7Lq5amOzbTWirk80o+3uG+30SpoOuXztnYMSbqB0Pm0fSnjNHduzlinny4+c7VPOy0=
;ord=1662400569787
ad.doubleclick.net/ddm/ad/hwve/tdb/ 		43 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/ad/hwve/tdb/;ord=1662400569787?
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022083101.js
securepubads.g.doubleclick.net/gpt/ 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069285
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f5d18b1769507b97d8718a598fcecd3bc9e270bc11a520d769b2d06452418f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 14:32:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12196
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131962
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 08:36:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 05 Sep 2023 14:32:46 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		567 B
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=culturess.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab809458d9efa125c9ccb5952d6d68b86bddaa85b2706004f928ac8d019655af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 17:56:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
210
x-xss-protection
0
expires
Mon, 05 Sep 2022 17:56:02 GMT
Y3VsdHVyZXNzLmNvbQ==
tcheck.outbrainimg.com/tcheck/check/ 		16 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/Y3VsdHVyZXNzLmNvbQ==
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=2.73.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 17:56:02 GMT
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=11606
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
f6306447a6b7efb775732c08415f5767
Content-Length
16
Expires
Mon, 05 Sep 2022 21:09:28 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:02 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Wed, 05 Oct 2022 17:56:02 GMT
widget_iframe.c4bdc17e77719578b594d5555bee90db.html
platform.twitter.com/widgets/ Frame 6D17 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fculturess.com
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6760) /
Resource Hash
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
421964
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105445
Content-Type
text/html; charset=utf-8
Date
Mon, 05 Sep 2022 17:56:02 GMT
Etag
"50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified
Wed, 31 Aug 2022 20:40:57 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6760)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
js
www.googletagmanager.com/gtag/ 		206 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NB8RD6J3M6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXFQXHB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
53e8bf1a49a2f76631d49e08800fe4b5a87ba7f094d189185604d44df74e186e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:02 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74509
x-xss-protection
0
expires
Mon, 05 Sep 2022 17:56:02 GMT
js
www.googletagmanager.com/gtag/ 		206 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QRG8P3B6SJ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXFQXHB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4db0b34910389b4cde633b1a16b6f3855c624b87c749681e804732a0a4b73d3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:02 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74553
x-xss-protection
0
expires
Mon, 05 Sep 2022 17:56:02 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXFQXHB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3242
date
Mon, 05 Sep 2022 17:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 05 Sep 2022 19:02:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		100 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6a0f07fac6fc58958b0e670e2d2927901e052938b2162c1553817aa4cbf5de2f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26752
x-xss-protection
0
pragma
public
x-fb-debug
jBvcSM1Zkzmi5/f82SEkHz6yHveZCGwmDcGH3HN8mdmkEITUjzRhTCzTSOdXQOM4NOBlOWZn/Jj3L2Y7TqpWbg==
x-fb-trip-id
2050670934
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 05 Sep 2022 17:56:02 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
124578X1617579.skimlinks.js
s.skimresources.com/js/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/124578X1617579.skimlinks.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXFQXHB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ca8b364effc1bc14307e86e63c763d97ac4679909d03eee0581a1bfc2661b51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:02 GMT
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 08:55:38 GMT
server
AmazonS3
x-amz-request-id
CAT13BABTBXKH33M
etag
"100dbb52f697f7129a54f88fe7a4f56d"
x-hw
1662400562.cds280.fr8.hn,1662400562.cds246.fr8.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
20715
x-amz-id-2
MDRE8okCjreg9SkQTD5++vz3Gx7wyx5Vx6gjSmpXbaKWY/jGmfOgw5FivK6EgsX+FFH8nKMFGfM=
accessibility.js
cdn.equalweb.com/core/3.0.3/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.equalweb.com/core/3.0.3/accessibility.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68d4f7f16f4dc745363bb4541a1de458687ef3ec8f31200ea4133f9e655e2ae6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Origin
https://culturess.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
378140
access-control-allow-methods
GET
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Sun, 30 May 2021 11:33:38 GMT
server
cloudflare
x-frame-options
deny
etag
W/"0155a24755d71:0"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uYPNHhFmpFc%2FyPX53izWc%2BkooiYcQs27qX0GroKbaswMuLjL5MsHV1e%2FdZbjogpMPJ5TTR6M%2Br0jGiHZ6QHniJr0XVMLX17vBqgh7%2FYWI3PkXKLJ3e2KbBA6EON6dbf2DbgbqyTJKBy2IHwMIjc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2204800
access-control-allow-credentials
true
cf-ray
7460d6dd9ddc68fd-FRA
mplayer_wrapper_v4_latest.js
www.oo-syringe.com/prod/players/ 		396 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.oo-syringe.com/prod/players/mplayer_wrapper_v4_latest.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-132.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d41232914110d95654ae2bc395a7f3a69e0122ae1e9a10779e04aafff95165bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
_TZSWDCaXFkqshsiOa93IsGqg.MHFYgy
content-encoding
gzip
last-modified
Mon, 05 Sep 2022 13:35:06 GMT
x-amz-cf-pop
SEA19-C3
etag
"15fb0a06aa62348c1dfb348580250f34"
vary
Accept-Encoding
content-type
text/javascript
date
Mon, 05 Sep 2022 17:56:02 GMT
accept-ranges
bytes
content-length
108547
x-amz-cf-id
enWr71XY-Ww0Dtu4ptITLCDTLZNKiGbTiRNpXHTdRqC1JPZeMVdxDQ==
index.non-platform.prod.latest.js
cdn.mmctsvc.com/commercial-api/ 		479 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.221 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-221.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5d819eb3171878e122406f5b8430e11baedc026f70054199205cf736558e818f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:02 GMT
content-encoding
gzip
last-modified
Mon, 22 Aug 2022 10:03:51 GMT
etag
"493d8defe6c22d8b06ded602dcbd0b0f"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
6000
accept-ranges
bytes
skeleton.js
static.adsafeprotected.com/ 		17 B
466 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:a600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
via
1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
age
17467079
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
9EdxFJmJ6neMETrFkmRmoH1Ae7XFNhQI-ivTu5C5-1Qnb_5ImUR4iw==
b
sb.scorecardresearch.com/ 		0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=18120612&cs_cmp_nc=1&cs_it=b2&cv=3.8.0.210223&ns__t=1662400569942&ns_c=UTF-8&c7=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&c8=21%20Days%20of%20Beauty%20is%20back%20at%20Ulta%20with%20plenty%20of%20deals%20to%20choose%20from&c9=
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-90.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:02 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
9_Y8BdJt4UR7dQvtvo80gP7wFV_jdWuQ0wHZQJ0dqQMabs63w5CFHA==
x-cache
Miss from cloudfront
en.json
cdn.cookielaw.org/consent/0c4a9ffe-6742-48e8-b69c-606f41481017/2c2ab046-776b-4659-9030-64fc8f5d6c48/ 		126 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/0c4a9ffe-6742-48e8-b69c-606f41481017/2c2ab046-776b-4659-9030-64fc8f5d6c48/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.37.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b898fc380e4e5659d960aa1732d650078a5d350eb4d07d571fd749bf48384fef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Sep 2022 17:56:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
fhh+BHP+VnKJA21cIzzYww==
vary
Accept-Encoding
content-length
24031
x-ms-lease-status
unlocked
last-modified
Tue, 26 Jul 2022 15:27:45 GMT
server
cloudflare
etag
0x8DA6F1B63CB967D
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
35c2bdd0-901e-0131-4be0-b7c564000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7460d6dd9d509243-FRA
expires
Mon, 05 Sep 2022 21:56:02 GMT
iab2Data.json
cdn.cookielaw.org/vendorlist/ 		350 KB
50 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/vendorlist/iab2Data.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.37.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86abcf27cf5192ec6219333bfa420e42969d6c0ace395687dab2d3eaecdf1322
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Sep 2022 17:56:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
1Ij/+pDqScLVyemEzum+hw==
vary
Accept-Encoding
content-length
51230
x-ms-lease-status
unlocked
last-modified
Mon, 05 Sep 2022 15:07:46 GMT
server
cloudflare
etag
0x8DA8F50641D2041
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
aa7a09c5-b01e-00cc-3649-c1bc53000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7460d6dd9d519243-FRA
otTCF.js
cdn.cookielaw.org/scripttemplates/6.37.0/ 		68 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.37.0/otTCF.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Sep 2022 17:56:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
a9Vlhbbwqsoox/DXP8565Q==
age
14003
vary
Accept-Encoding
content-length
15011
x-ms-lease-status
unlocked
last-modified
Fri, 22 Jul 2022 06:27:56 GMT
server
cloudflare
etag
0x8DA6BAB50B11A38
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
13857594-401e-0051-48b2-9dc613000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7460d6dd9ec6995d-FRA
settings
syndication.twitter.com/ Frame 6D17 		709 B
589 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=12d9c9bd73ccf4649ca029b21748e11336436bb8
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fculturess.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
d65246f2a98e02b32e2a0d80916e65eab499aebe923d078037efd692b31cef58
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-response-time
111
date
Mon, 05 Sep 2022 17:56:02 GMT
content-encoding
gzip
last-modified
Mon, 05 Sep 2022 17:56:02 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
23541e96a102d326ac60e327b1e84f1dace3099d03b4b81772e20d49b7d7a14f
content-length
308
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=496632634&t=pageview&_s=1&dl=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&ul=en-us&de=UTF-8&dt=21%20Days%20of%20Beauty%20is%20back%20at%20Ulta%20with%20plenty%20of%20deals%20to%20choose%20from&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=673633083&gjid=1344857291&cid=660372148.1662400570&tid=UA-1577313-14&_gid=639148187.1662400570&_r=1&gtm=2wg8v0KXFQXHB&cd1=&cd2=386&cd3=https%3A%2F%2Fculturess.com%2F%3Fp%3D198760&cd4=kspinney&cd5=ENTERTAINMENT&cd6=Culture&cd7=Fashion&cd8=Article&cd9=Payable%20Pageviews&cd10=web-staticPHP&cd11=Culturess&cd12=Culturess%2CFashion%2CBeauty%2C21%20Days%20of%20Beauty%2CUlta%2CUlta%20Beauty&cd13=386&cd14=198760&cd15=34200&cd16=Culturess&cd17=&cd23=en&cd24=en&cd27=Article&cd73=400&cd75=21%20Days%20of%20Beauty%20is%20back%20at%20Ulta%20with%20plenty%20of%20deals%20to%20choose%20from&cd76=%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&cd78=4&cd88=20220829&cm1=400&z=2029002451
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://culturess.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=496632634&t=pageview&_s=1&dl=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&ul=en-us&de=UTF-8&dt=21%20Days%20of%20Beauty%20is%20back%20at%20Ulta%20with%20plenty%20of%20deals%20to%20choose%20from&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=91949483&gjid=262706075&cid=660372148.1662400570&tid=UA-62176714-31&_gid=639148187.1662400570&_r=1&gtm=2wg8v0KXFQXHB&cd1=&cd2=386&cd3=https%3A%2F%2Fculturess.com%2F%3Fp%3D198760&cd4=kspinney&cd5=ENTERTAINMENT&cd6=Culture&cd7=Fashion&cd8=Article&cd9=Payable%20Pageviews&cd10=web-staticPHP&cd11=Culturess&cd12=Culturess%2CFashion%2CBeauty%2C21%20Days%20of%20Beauty%2CUlta%2CUlta%20Beauty&cd13=386&cd14=198760&cd15=34200&cd16=Culturess&cd17=&cm1=400&z=418480394
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://culturess.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
robots.txt
t.skimresources.com/api/v2/ Frame 929B 		0
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.9646777859009241
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:02 GMT
via
1.1 google
server
Python/3.10 aiohttp/3.8.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=6.910241523760993
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:02 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/ 		43 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=6.910241523760993
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:02 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
2811814612385369
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2811814612385369?v=2.9.79&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1b2ca6ff8eae7053a49885bd470d8208b92e834d9464869dfff89f6bb41a0cbf
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86320
x-xss-protection
0
pragma
public
x-fb-debug
LoVEBjUjX27hYp5HaxDQKH66JPcB1s7kWEyHVbQUridHtpc+PgCXR1FdRfGpgXsJCzHeY4CWMYcFMwJNRzbwXw==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 05 Sep 2022 17:56:02 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
r.skimresources.com/api/ 		216 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/124578X1617579.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
266dd23f7b6c0cd10e47dc420ce1734f0d62d32a867e5d543cef04fe77db0484
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 05 Sep 2022 17:56:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://culturess.com
vary
Accept-Encoding
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
collect
stats.g.doubleclick.net/j/ 		4 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1577313-14&cid=660372148.1662400570&jid=673633083&gjid=1344857291&_gid=639148187.1662400570&_u=YEBAAEAAAAAAAC~&z=391510495
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 05 Sep 2022 17:56:03 GMT
content-type
text/plain
access-control-allow-origin
https://culturess.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
default.css
cdn.equalweb.com/style/ 		11 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.equalweb.com/style/default.css
Requested by
Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/3.0.3/accessibility.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
116ec5c6f82674cd1b04981d3ec325c8620ffbb413f06bd1b0cb911e99ddcc73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
378141
access-control-allow-methods
GET
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Sun, 09 May 2021 14:33:43 GMT
server
cloudflare
x-frame-options
deny
etag
W/"807da04fe044d71:0"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDYLcueensqGLmDhUDr%2BMg8i93T9y0u8SDfJM6TKM1a5SDzUnUlpe8HaRp81Mb7OTpnYAH1q9qs1Ci6FJp5ml81X%2B5hfoxH99DiF5WQuNHyaXT%2FLGC55z13lYGZsiEnSlDzWThSgpOdwqORA2uc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2204800
access-control-allow-credentials
true
cf-ray
7460d6dedfa568fd-FRA
btncolor.css
cdn.equalweb.com/style/ 		105 B
431 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.equalweb.com/style/btncolor.css
Requested by
Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/3.0.3/accessibility.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46b6596e9fdedae08a61fed7b7512700c383b8eb822239d6691fa49e1eb372de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
242381
access-control-allow-methods
GET
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Mon, 11 Feb 2019 11:16:31 GMT
server
cloudflare
x-frame-options
deny
etag
W/"3f26cd3dfbc1d41:0"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opG52piycoGicQVU%2F7Dfga7moz5IOXRnoCYk991UICEy%2BEUHLoAIyb2ERj9FK0YNPjvxhTgnokUBH0mjs%2FoL9MGKIHufh6zvsI8Ye1xheNo7nvXKX7xC%2F%2F4elXeeJtrF%2F5owFQs6tpjWwZh%2BJSY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2204800
access-control-allow-credentials
true
cf-ray
7460d6dedfa668fd-FRA
locale.js
cdn.equalweb.com/assets/scripts/ 		29 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.equalweb.com/assets/scripts/locale.js
Requested by
Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/3.0.3/accessibility.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6626d955670bb766fa4d7b59966addecf6b488506e21f73f343dc88b9872a2f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
378141
access-control-allow-methods
GET
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Sun, 18 Apr 2021 07:22:31 GMT
server
cloudflare
x-frame-options
deny
etag
W/"80d59982334d71:0"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XC15t6DiT4MZ4q5gxKtbuckUVvPR%2FfHrSCWCeR4BH5dH%2FDfk3w33c3ngTnY9kMbEMrPA7xcaaIK18AyobCNbAW2BSUG7KIqP8Prc7EP%2FZIlezzlMkV5bcqoyvErPwnADEDCPVbzY6USb9boY%2Bew%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2204800
access-control-allow-credentials
true
cf-ray
7460d6dedfa868fd-FRA
otFlat.json
cdn.cookielaw.org/scripttemplates/6.37.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.37.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.37.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Sep 2022 17:56:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
m6Q34Fu/3nPURAUs1csm8g==
vary
Accept-Encoding
content-length
3007
x-ms-lease-status
unlocked
last-modified
Fri, 22 Jul 2022 06:27:48 GMT
server
cloudflare
etag
0x8DA6BAB4C3C8BAE
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
0548e8c9-f01e-00a6-429e-9de0f8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7460d6df5f549243-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.37.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.37.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.37.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0c36470d3b6f534495768bdd7ed92dbb0d6d8d1f3b7b69adba7153b68b90f35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Sep 2022 17:56:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
fvP30c6fmdIqmF2AUGLdbQ==
vary
Accept-Encoding
content-length
13258
x-ms-lease-status
unlocked
last-modified
Fri, 22 Jul 2022 06:27:51 GMT
server
cloudflare
etag
0x8DA6BAB4DA69567
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
7f0b0ad7-e01e-00f6-5297-9dfff0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7460d6df5f579243-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.37.0/assets/ 		22 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.37.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.37.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17770d05051a8a4f270ba5bdf049b90cc166ac42bd4513f419308a5804d7a161
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Sep 2022 17:56:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
TLLtdkuMahUQRVIfmZNHNw==
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Fri, 22 Jul 2022 06:28:04 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
9c28ee0c-e01e-009b-24a6-9d55de000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
7460d6df5f589243-FRA
collect
region1.analytics.google.com/g/ 		0
345 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-NB8RD6J3M6&gtm=2oe8v0&_p=496632634&_gaz=1&cid=660372148.1662400570&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1662400570&sct=1&seg=0&dl=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&dt=21%20Days%20of%20Beauty%20is%20back%20at%20Ulta%20with%20plenty%20of%20deals%20to%20choose%20from&en=page_view&_fv=1&_ss=1&ep.post_vertical=ENTERTAINMENT&ep.site_domain=culturess.com&ep.post_fs_api_key=&ep.post_fs_topic_id=386&ep.post_guid=https%3A%2F%2Fculturess.com%2F%3Fp%3D198760&ep.post_username=kspinney&ep.post_division=Culture&ep.post_topic=Fashion&ep.post_type=Article&ep.post_payout=Payable%20Pageviews&ep.post_product_origin=web-staticPHP&ep.post_site_title=Culturess&ep.post_topic_csv=Culturess%2CFashion%2CBeauty%2C21%20Days%20of%20Beauty%2CUlta%2CUlta%20Beauty&ep.post_fs_site_id=386&epn.post_id=198760&ep.post_author_id=34200&ep.post_secondary_topic=Culturess&ep.post_content_type=&ep.Affiliate%20ID%20-%20Hit=&ep.Affiliate%20ID%20-%20Session=&ep.Affiliate%20ID%20-%20User=&ep.MM%20Player%20Name=none&ep.Injectable%20Unit%20Id=none
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NB8RD6J3M6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://culturess.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NB8RD6J3M6&cid=660372148.1662400570&gtm=2oe8v0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NB8RD6J3M6&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://culturess.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NB8RD6J3M6&cid=660372148.1662400570&gtm=2oe8v0&aip=1&z=726032709
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
direct-events-collector.spot.im/api/v2/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct-events-collector.spot.im/api/v2/events?stream_name=init
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_ed8vmIJd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-41.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 05 Sep 2022 17:56:03 GMT
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
d7m1WhOSpY8LlgtpuxNG3waDy05uCapsi7kC8IKeyqPi4eQISEXsrQ==
x-cache
Miss from cloudfront
pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_ed8vmIJd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-11.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 18:45:43 GMT
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified
Wed, 12 Aug 2020 13:25:53 GMT
server
AmazonS3
age
83421
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
0
x-amz-cf-id
L6WoThmc_vClrGI5zoFiM5pSwWMCNEqGs45OgZRrFCGalTvIXCSZsQ==
device-load
api-2-0.spot.im/v1.0.0/ 		36 B
923 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/device-load
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_ed8vmIJd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-121.fra56.r.cloudfront.net
Software
fasthttp /
Resource Hash
ff864cd2bc3d86eae7baa487d447f3075587725f27086a114052c4269c1b0130

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:03 GMT
via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
x-spotim-device-uuid
09b2c7de-e49d-401c-aee3-fffc06b8cf4f
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-length
36
x-guid
09b2c7de-e49d-401c-aee3-fffc06b8cf4f
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://culturess.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
x-amz-cf-id
Tb1_g7OhyUU5camRGS-YNA3u7UGEwdOOywqkgYg8hTqqPvyYpEHgrg==
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-QRG8P3B6SJ&gtm=2oe8v0&_p=496632634&cid=660372148.1662400570&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1662400570&sct=1&seg=0&dl=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&dt=21%20Days%20of%20Beauty%20is%20back%20at%20Ulta%20with%20plenty%20of%20deals%20to%20choose%20from&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QRG8P3B6SJ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://culturess.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		299 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NPBHSJZ
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3c74bfd19cedcbfab8f92f307f5c9a314170d18d943795e91fa999e139985980
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:03 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65961
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 16:23:45 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 05 Sep 2022 17:56:03 GMT
culturess.com.json
cdn.mmctsvc.com/adunits/ 		788 B
672 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.mmctsvc.com/adunits/culturess.com.json
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.221 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-221.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1345143a08742abcbce99e1f3439995f1a4a4b6739aebc12d4eb56cceb77de95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:03 GMT
content-encoding
gzip
last-modified
Mon, 05 Sep 2022 17:20:25 GMT
etag
"df613c77600cbd9aaaf7cb909586cb90"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
6000
accept-ranges
bytes
content-length
276
geo
cdn.mmctsvc.com/.mc/ 		58 B
420 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.mmctsvc.com/.mc/geo
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.221 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-221.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ce1aac0c461963d02f3b14497032a7f1f1352c5d64f727e3644a0aaef08ff877

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:03 GMT
content-encoding
gzip
last-modified
2017-01-13
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
6000
content-length
75
wzMM.logger.js
content.wazimo.com/engine/common/widgets/mmlogger/ 		1 KB
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://content.wazimo.com/engine/common/widgets/mmlogger/wzMM.logger.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4579 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d3282900f478b5abd8d6e76d85a16e6d6ec60adba9b7648ff8e6c881505d9ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Jun 2022 13:56:58 GMT
server
cloudflare
age
3112
etag
W/"629f592a-5fe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qYTwPA5fpCCYXzQHH%2BwvSk%2BuctK3SslLlQgYeXdiAOa0cBHD5HltA6HBpAcAa0XWnQ2M%2B3LX1C%2FuXWe4eMFWUoIKO%2Bcf%2BZEwNZv%2BsfRExhtqGN6HneQckLkbpgPXBruztmD6NtnL1Hc%2FwLkEBzRdhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=1534
cf-ray
7460d6e0af3a9193-FRA
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-bgj
minify
mux.js
www.oo-syringe.com/prod/ 		337 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.oo-syringe.com/prod/mux.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-132.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6323865009dcb5c3a76c9f8dfb485d28eeceec77f8783565265e2c378d37e3d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62
8096267
x-amz-version-id
zKDr1tGTeMrjUohEczWF1VZiqUanfaXu
content-encoding
gzip
last-modified
Thu, 06 May 2021 12:05:42 GMT
x-amz-cf-pop
SEA73-P1
etag
"6d13ad5f29e69baba39798f1074bc746"
vary
Accept-Encoding
content-type
text/javascript
date
Mon, 05 Sep 2022 17:56:03 GMT
accept-ranges
bytes
content-length
79352
x-amz-cf-id
o-f0AryYQrkiNb37JBJ8ef2y8zXT8c-crNx1QDkZD6T-yRf44abzlA==
mplayer_controls_plugin.4.3.84.js
www.oo-syringe.com/prod/players/ 		76 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.oo-syringe.com/prod/players/mplayer_controls_plugin.4.3.84.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-132.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
815c5cf96cba89df34f548dce80eb0b389538e7b5f223410882876612fc7f7c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
K1zmGXPPmVF1kUGni38AmiwyvEwK3K2b
content-encoding
gzip
last-modified
Mon, 05 Sep 2022 13:35:06 GMT
x-amz-cf-pop
SEA19-C3
etag
"4722ee6fa6d7dace4f0fb84543804166"
vary
Accept-Encoding
content-type
text/javascript
date
Mon, 05 Sep 2022 17:56:03 GMT
accept-ranges
bytes
content-length
19235
x-amz-cf-id
ftGJQsvi8WhZQMWJd3EAx6redZ7uLhNMfLJ8dyNUc8nrIJP1no6RAw==
mplayer_read_more_plugin.4.3.84.js
www.oo-syringe.com/prod/players/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.oo-syringe.com/prod/players/mplayer_read_more_plugin.4.3.84.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-132.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
92bedfcf702976be1772280721f02346ec7cd570c6f116f7cf7032452666d3d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
g6yri_eB23Vbx7JAeKUiAjMze9kM.Iq3
content-encoding
gzip
last-modified
Mon, 05 Sep 2022 13:35:06 GMT
x-amz-cf-pop
SEA19-C3
etag
"8a207818b61b98a34950dff4c4d7f96e"
vary
Accept-Encoding
content-type
text/javascript
date
Mon, 05 Sep 2022 17:56:03 GMT
accept-ranges
bytes
content-length
2593
x-amz-cf-id
ALzfsfz71ESFWsI2znhPdn4mWa31LnLSxyPXCgMREjsK3mWegF0ZYg==
mplayer_anchor_plugin.4.3.84.js
www.oo-syringe.com/prod/players/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.oo-syringe.com/prod/players/mplayer_anchor_plugin.4.3.84.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-132.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
886a288f8411ed44778c0c250d1ee4a2080389f871b8bad18241bdfe58df505d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
tvwunJgSkiSYty8LjysGHpNgAEIuKWz8
content-encoding
gzip
last-modified
Mon, 05 Sep 2022 13:35:06 GMT
x-amz-cf-pop
SEA19-C3
etag
"383fce96123dd0410486348683134ddf"
vary
Accept-Encoding
content-type
text/javascript
date
Mon, 05 Sep 2022 17:56:03 GMT
accept-ranges
bytes
content-length
2313
x-amz-cf-id
rgO6ssiK2JPzo0Gh9PpB6CnwSuh25O9jwNYtC3iJI-oLVAIR3cEXjQ==
apstag.js
c.amazon-adsystem.com/aax2/ Frame 9AB6 		166 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.oo-syringe.com
URL: https://www.oo-syringe.com/prod/players/mplayer_wrapper_v4_latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 05 Sep 2022 17:36:19 GMT
via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront), 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 20:50:55 GMT
server
AmazonS3
age
1185
etag
W/"d9d3c87337955401df6a2e4474e61700"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P3
content-encoding
gzip
x-amz-cf-id
75SVPPgG4pov19_xQK_3oRyw6Vb0lm1i-Pm13u0KnjmP_SZcMhgicQ==
videos
content.voltaxservices.io/tenants/mmsport/properties/monti/playlists/types/semantic/ 		11 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://content.voltaxservices.io/tenants/mmsport/properties/monti/playlists/types/semantic/videos?tags=fansided%2Clifestyle%2Cculturess%2Cfashion%2Cbeauty%2C21%20days%20of%20beauty%2Culta%2Culta%20beauty&scoped_keywords=FanSided%2CTPT%2CMental%20Floss%2CDBLTAP%2C90min&minimum_date_factor=7&scan_images_on_page=true&shared_with=network%2Cexclusive&url=jvvru%25253C11ewnvwtguu0eqo1424412%25253A14%25253B143%25252Ffc%25257Bu%25252Fdgcwv%25257B%25252Fdcem%25252Fwnvc%25252Frngpv%25257B%25252Ffgcnu%25252Fejqqug1&origin=culturess.com&
Requested by
Host: www.oo-syringe.com
URL: https://www.oo-syringe.com/prod/players/mplayer_wrapper_v4_latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::215:4a52 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e87206265f9258c0d7b5eac8b0eec391e1f649bfb0b5a20346d864364a135ce1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:03 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
PUT, POST, DELETE, PATCH
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
restricted-videos-ids
01gb3af1kgy5nwd2h3nx,01gb3aex59prmyq7w7c4,01g9qnjy0rqaq5mzr9qm
access-control-allow-headers
X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant
content-length
2714
geo
cdn.mmctsvc.com/.mc/ 		58 B
420 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.mmctsvc.com/.mc/geo
Requested by
Host: www.oo-syringe.com
URL: https://www.oo-syringe.com/prod/players/mplayer_wrapper_v4_latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.221 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-221.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ce1aac0c461963d02f3b14497032a7f1f1352c5d64f727e3644a0aaef08ff877

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:03 GMT
content-encoding
gzip
last-modified
2017-01-13
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
6000
content-length
75
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://culturess.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1577313-14&cid=660372148.1662400570&jid=1267187047&gjid=1962272579&_gid=639148187.1662400570&_u=aGDAgEABAAAAAG~&z=1046692866
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 05 Sep 2022 17:56:03 GMT
content-type
text/plain
access-control-allow-origin
https://culturess.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
cors
data.ad-score.com/v2/score/ 		60 B
710 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/v2/score/cors?s=1&callback=AdScoreCORS&cb=0.017779417129839103&pid=1000690&tid=O_O&l1=OO%20-%20culturess%20-%20EN%20desktop%20Organic%20Podding%20Main&l2=auto%20play&l3=https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/&l4=null&l5=yes&ref=&pub_domain=culturess.comtt=vtadid=mplayer-player-placeholder-4b4f13e6-db55-4a54-8a11-8777ce0cc3af&uid=660372148.1662400570
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
a8a7ec14eb2db57e76702e317637d3376a787e8ea33454e02fc258fd72c4267a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:03 GMT
Age
0
Access-Control-Allow-Methods
GET,POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
*
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
60
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-62176714-31&cid=660372148.1662400570&jid=91949483&gjid=262706075&_gid=639148187.1662400570&_u=YEDAAEABAAAAAC~&z=1147984029
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 05 Sep 2022 17:56:03 GMT
content-type
text/plain
access-control-allow-origin
https://culturess.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2smmVlSxb_yEsNZ28rqsXAjV_FEOVSaWdyboaf-p_jFSPaXiXq-TtVhC09sXPZ0bYP235dLU
memorizeneck.com/ 		191 B
696 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://memorizeneck.com/v2smmVlSxb_yEsNZ28rqsXAjV_FEOVSaWdyboaf-p_jFSPaXiXq-TtVhC09sXPZ0bYP235dLU
Requested by
Host: gammamaximum.com
URL: https://gammamaximum.com/ac595b0bd1b1f6e62ce46c2ce57c936ea6f47b8e2936dc2a3876a18eadffd94a289806f2a42865c2057288dd30b30f07490e2c6ae59ea0f801f1a13317ea
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:f8d1::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ef1daccd18337081e387516cf3ac8f678b66492ff9a9b1b5f11ecf1d361fb6b4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
via
1.1 google
x-buildnumber
629166827
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
191
x-datacenter
gce-europe-west1
date
Mon, 05 Sep 2022 17:56:03 GMT
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://culturess.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
fen-hoothoot-europe-west1-test-04vg
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Mon, 05 Sep 2022 17:56:02 GMT
css2
fonts.googleapis.com/ 		3 KB
444 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@300;400;500;600;700;800;900&display=swap
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbdb7ee4ec4c78dae6c055edee73bee912597437048ad67daf903560f90c7417
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 17:07:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 05 Sep 2022 17:56:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 05 Sep 2022 17:56:03 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1577313-14&cid=660372148.1662400570&jid=673633083&_u=YEBAAEAAAAAAAC~&z=1199183359
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1577313-14&cid=660372148.1662400570&jid=673633083&_u=YEBAAEAAAAAAAC~&z=1199183359
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1577313-14&cid=660372148.1662400570&jid=1267187047&_u=aGDAgEABAAAAAG~&z=1197824283
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1577313-14&cid=660372148.1662400570&jid=1267187047&_u=aGDAgEABAAAAAG~&z=1197824283
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
impressions
promotions.minutemediaservices.com/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://promotions.minutemediaservices.com/impressions
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:bc00:1:4290:76c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
sprite.svg
static-cdn.spot.im/production/icons/sprites/ 		23 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/icons/sprites/sprite.svg
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_ed8vmIJd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
769317f76d7d2670d9445ac516c6888967c310c6c4df441799946b37bf8d8af8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
gJImWiUZ43TZkUACGUvnT4BAL8Ytwpd5
content-encoding
br
last-modified
Wed, 11 May 2022 08:57:43 GMT
server
AmazonS3
age
44145
etag
W/"5a00ba991fdd7fb0f560fb63f2f832e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
date
Mon, 05 Sep 2022 05:40:19 GMT
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
BK8cdunAYXQFqaJ9FpZK2Lk0Lo-5wDKbS7xgwWpSL69htxYGMg8Z2w==
via
1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
19cf9d3ac20e2f44880a16b5eec41fc0
api-2-0.spot.im/v1.0.0/config/ab_test/sp_ed8vmIJd/ 		129 B
861 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_ed8vmIJd/19cf9d3ac20e2f44880a16b5eec41fc0
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_ed8vmIJd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-121.fra56.r.cloudfront.net
Software
fasthttp /
Resource Hash
aae9ac918a287059b8fd674ca5991cd38069a18ee5a3c927a0bae2312bb3c1bb

Request headers

Accept
application/json
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
x-spotim-page-view-id
36c37fa0-9944-4c57-b7c0-263a651db58f
accept-language
de-DE,de;q=0.9
Content-Type
application/json
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
x-spotim-device-uuid
09b2c7de-e49d-401c-aee3-fffc06b8cf4f

Response headers

date
Mon, 05 Sep 2022 17:56:03 GMT
via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
server
fasthttp
x-amz-cf-pop
FRA56-P7
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://culturess.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
content-length
129
x-amz-cf-id
2mtFtqpiKVSNfV_dwMLUWB3s8ag4qFu9Ue7RJS0NdmFHc-LdNWAVQQ==
x-request-id
02333733-2d44-11ed-ab32-5e652dd938b7
19cf9d3ac20e2f44880a16b5eec41fc0
api-2-0.spot.im/v1.0.0/config/ab_test/sp_ed8vmIJd/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_ed8vmIJd/19cf9d3ac20e2f44880a16b5eec41fc0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-121.fra56.r.cloudfront.net
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://culturess.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://culturess.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
date
Mon, 05 Sep 2022 17:56:03 GMT
server
fasthttp
via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
x-amz-cf-id
lR2taPS7MoATshem3GePTDdc8zlmGQY17oCNUtVFeZbo9RXIIKy45w==
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
link
t.skimresources.com/api/v2/ 		22 B
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/link
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/124578X1617579.skimlinks.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.1 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:03 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.10 aiohttp/3.8.1
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://culturess.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
warning
299 - "Deprecated API"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2811814612385369&ev=PageView&dl=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&rl=&if=false&ts=1662400570641&sw=1600&sh=1200&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.1.1662400570640.2080083778&it=1662400570080&coo=false&exp=e1&rqm=GET
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:03 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 05 Sep 2022 17:56:03 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 9AB6 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
56149
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 24 Aug 2022 19:06:24 GMT
server
AmazonS3
date
Mon, 05 Sep 2022 02:20:15 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 77ba839b79ec0a8b2031c8a828e7fdfa.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
tUdM7sQu-B3KS7OTI6roUmJhIi9o4l1LTistAh9yYFbfDPUW7St77g==
mplayer_header_bidding_plugin.4.3.84.js
www.oo-syringe.com/prod/players/ Frame 9AB6 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.oo-syringe.com/prod/players/mplayer_header_bidding_plugin.4.3.84.js
Requested by
Host: www.oo-syringe.com
URL: https://www.oo-syringe.com/prod/players/mplayer_wrapper_v4_latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-132.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
88858746394e808583ef266c11a187912d469a25fb002287ea2ea5ff0b4919ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
K7J59h71M58AfkXRvujF7_IAnMB94y.o
content-encoding
gzip
last-modified
Mon, 05 Sep 2022 13:35:06 GMT
x-amz-cf-pop
SEA73-P2
etag
"4044693552da6c8142207b46a69e4082"
vary
Accept-Encoding
content-type
text/javascript
date
Mon, 05 Sep 2022 17:56:03 GMT
accept-ranges
bytes
content-length
11623
x-amz-cf-id
A4qnhj7ltOF1y1dlS0o-fh3Uv2ifaYrCccZ2neZsKWes9Sy7zTMXzg==
4.svg
cdn.equalweb.com/assets/images/ 		386 B
601 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.equalweb.com/assets/images/4.svg
Requested by
Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/3.0.3/accessibility.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
beb6d4ed9e70b9f611405b8e7e5c09782669c6f434fa81f990cc3690adfd6f20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
378141
access-control-allow-methods
GET
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Thu, 01 Aug 2019 12:49:31 GMT
server
cloudflare
x-frame-options
deny
etag
W/"dade21906748d51:0"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jnIiojf%2FttHu%2BX8QbJ7gFQe1M2LjJwSPDjxJGHnDHFywcQU%2FC4zk3n5yIl%2BwijemvsqBo7W53PaGe38Mo39SDWNM45kL%2FBuqE%2FyQanizB0wyVZfD9SAjMfu9EB%2B3IXid8Hkov7wXXBBwCTw57ok%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2204800
access-control-allow-credentials
true
cf-ray
7460d6e1fcae68fd-FRA
custombtnstyle.css
cdn.equalweb.com/style/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.equalweb.com/style/custombtnstyle.css
Requested by
Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/3.0.3/accessibility.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2f930658634b1bee750fdc6c453faacd9e79849856324dcc211b0627f4a059a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
378141
access-control-allow-methods
GET
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 10 Mar 2020 09:11:26 GMT
server
cloudflare
x-frame-options
deny
etag
W/"0b350e0bbf6d51:0"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jic0hY6Ek3731HlrSW62E%2FjAlulZFRdsPZxj%2FhQtF4x7OULifKPj7qp3Ag3gYe7dk%2FWKrnP7uMnR%2FT1g6GQj7UoNc2OrC0FZ%2Ft5Uw02v6BqRQRk9BrZ0ZwR5yxdISlvooh4FOfnzR8wuJ%2FFhMI4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2204800
access-control-allow-credentials
true
cf-ray
7460d6e1fcb068fd-FRA
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3777&u=https%3A%2F%2Fculturess.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
Server /
Resource Hash
b353528761824c57015ccfab1864b17a318778de4bc85cec9f66e2485bb1f49b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:02 GMT
via
1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://culturess.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1244
x-amz-cf-id
k_g9V6iiv-fLmiJMOMh1gq9jQUih-0oVma-26Rr1OagN8uvkI3ce5g==
poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Sep 2022 17:56:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
LpuayL42jB78xRllx0vkOw==
age
12103
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Fri, 02 Sep 2022 06:26:22 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
aa988356-f01e-016e-159b-be379a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
7460d6e25d52995d-FRA
api
ls.skimresources.com/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ls.skimresources.com/api
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/124578X1617579.skimlinks.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.117.212 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
212.117.120.34.bc.googleusercontent.com
Software
Python/3.8 aiohttp/3.6.3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type
application/json

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:03 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.8 aiohttp/3.6.3
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://culturess.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
api
ls.skimresources.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ls.skimresources.com/api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.117.212 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
212.117.120.34.bc.googleusercontent.com
Software
Python/3.8 aiohttp/3.6.3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://culturess.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://culturess.com
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 05 Sep 2022 17:56:03 GMT
server
Python/3.8 aiohttp/3.6.3
via
1.1 google
page
t.skimresources.com/api/v2/ 		22 B
43 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/124578X1617579.skimlinks.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.1 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:03 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.10 aiohttp/3.8.1
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://culturess.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
/
bqstreamer.com/tr/ 		0
438 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bqstreamer.com/tr/
Requested by
Host: content.wazimo.com
URL: https://content.wazimo.com/engine/common/widgets/mmlogger/wzMM.logger.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 05 Sep 2022 17:56:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1bZilHDozW0rSVbcB80IR2vFgNU7SYNEwkr9rrwRL%2FZqJHwTUyypGrCZZOeNWKSrAvv72ZADk2bdkJ7ZxCCHHDt%2BfwaKslpKGQQq2OeUFILct%2FPSxxRVDfOXN5ekd7d3Ef86PmTW1MSHA7IN"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
7460d6e2bf159010-FRA
gtm.js
www.googletagmanager.com/ 		215 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KRHP5BL&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPBHSJZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e7e3cc7d8f8bd15f6015db6858751e9ce19b8097dc4259cf9d81c657cf37349d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:03 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51661
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 05 Sep 2022 17:56:03 GMT
gtm.js
www.googletagmanager.com/ 		105 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PCL98KW&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPBHSJZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6663429c3dbd4c3635c0ddd025f7f65d2966bcebfb857eae97a0b7376e71d795
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:03 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40159
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 05 Sep 2022 17:56:03 GMT
factors
factor-service.prod.voltaxservices.io/ 		40 B
500 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://factor-service.prod.voltaxservices.io/factors?mmPlayerLvl0=de&mmPlayerLvl1=de:desktop:culturess.com:chrome:windows%2010:%2f175840252%2ffansided.com%2fculturess%2fvideo:playerapi:4.3.84
Requested by
Host: www.oo-syringe.com
URL: https://www.oo-syringe.com/prod/players/mplayer_wrapper_v4_latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::215:4a2a Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09eb938302b8e15bf0bdc27afbb0d78ccfbeae9c6f3ef9fc28ed4c899462617a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
PUT, POST, DELETE, PATCH
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
access-control-allow-headers
X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant
content-length
53
mplayer_comscore_plugin.4.3.84.js
www.oo-syringe.com/prod/players// 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.oo-syringe.com/prod/players//mplayer_comscore_plugin.4.3.84.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-132.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f048866db522bc805c2b6d236ab68294c57641b83c656eae40ed400510da3bfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
xw.zrt2GXLCj8ycYRDuN8QoszU0GUG0y
content-encoding
gzip
last-modified
Mon, 05 Sep 2022 13:35:06 GMT
x-amz-cf-pop
SEA73-P2
etag
"ea9de5d0663640729781943cf8619952"
vary
Accept-Encoding
content-type
text/javascript
date
Mon, 05 Sep 2022 17:56:03 GMT
accept-ranges
bytes
content-length
13528
x-amz-cf-id
YkQU-LiGX1LBY22oWSkWI2hs0opXwZWTqpnL3RQL0PUmwDiCJbXY3Q==
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;500;600;700;800;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://culturess.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 17:08:09 GMT
x-content-type-options
nosniff
age
521274
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 17:08:09 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;500;600;700;800;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://culturess.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 17:12:19 GMT
x-content-type-options
nosniff
age
521024
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23236
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:04:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 17:12:19 GMT
get
odb.outbrain.com/utils/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&srcUrl=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2Ffeed%2F&idx=0&rand=11242&key=NANOWDGT01&widgetJSId=AR_1&va=true&et=true&format=html&adblck=false&abwl=false&px=240&py=2248&vpd=1048&cw=790&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000874&sig=uoZPnpct&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cnsntv2=CPe1FgAPe1FgAAcABBENCfCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&cmpStat=1&ccpaStat=1&ogn=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e349c1140ed87747021cce86bf47256193e87df8229303c085e5d107197b6aca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1662400564.745379,VS0,VE303
accept-ranges
bytes
x-served-by
cache-lga21933-LGA, cache-fra19175-FRA
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
9f5bd3fa1e0de7da8c5252f658c85941
content-encoding
gzip
content-length
3714
expires
Thu, 01 Jan 1970 00:00:00 GMT
mplayer_shaka_voltax.4.3.84.js
www.oo-syringe.com/prod/players/ 		370 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.oo-syringe.com/prod/players/mplayer_shaka_voltax.4.3.84.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-132.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e2c728752da90c7d2a77a2fb19c432e4f7ee62b75d322b50890b167d6ba4bd5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
VX1RmxyCyywBsp8vh4.1moOzRd5h9ymK
content-encoding
gzip
last-modified
Mon, 05 Sep 2022 13:35:06 GMT
x-amz-cf-pop
SEA19-C3
etag
"94b748f194c78146b7a69390efd3ae64"
vary
Accept-Encoding
content-type
text/javascript
date
Mon, 05 Sep 2022 17:56:03 GMT
accept-ranges
bytes
content-length
118777
x-amz-cf-id
sZpSz896u1oxyOuOVkALibcCrT_QBY-dYNC1IwING5kTEGBFZoUAxg==
moat.js
www.oo-syringe.com/prod/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.oo-syringe.com/prod/moat.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-132.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e990aab2edded61f9eb6740fb5eb28fff4d69462b96ebe371b700e6bb319bd45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62
8096267
x-amz-version-id
cqCb6oftCBR4g3kB01xepxAGq749bs6O
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 07:25:49 GMT
x-amz-cf-pop
SEA19-C3
etag
"73ea42f8fec6a330dd719d2e3bf83b41"
vary
Accept-Encoding
content-type
text/javascript
date
Mon, 05 Sep 2022 17:56:03 GMT
accept-ranges
bytes
content-length
819
x-amz-cf-id
2CrIkIATpduPmcVy7b0lHI7LJj3iqd1hza9W4T4qtF1v2kXSAaEpCA==
ats.js
ats.rlcdn.com/ 		109 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-5.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding
br
etag
W/"148e21f812b555a13b2a9c6b616141f4"
age
47978
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
date
Mon, 05 Sep 2022 04:36:26 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA50-C1
content-type
application/x-javascript
x-amz-cf-id
1cRtgmeeKaVnh_TyBdhvMoIYRCHloF5TGZJfT3J4rus2j24WPNE55g==
load.js
s.ntv.io/serve/ 		479 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.69.56 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-69-56.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5525fe0659c283e57d8ca8f0ff56cba585bd7fe8532df9387c0a824ae35dec76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 17:56:03 GMT
Content-Encoding
gzip
x-amz-request-id
ZZ2TWXAK3B6161JT
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
FFNeDfXBg1D7638rP6mK2JqtFnTq6yldudB8ZEIF9kgjWPwadpaALoiDuB+nN9ks9SISkTjLugk=
Last-Modified
Fri, 02 Sep 2022 14:27:37 GMT
Server
AmazonS3
ETag
"9624bb208d35ae785b11a575256bbe77"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.21.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-21-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:03 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Mon, 05 Sep 2022 18:11:03 GMT
v2wywK00vmDecNO9pVYf948r8jdxbnOKExhqGftcpOzkLm40UIO-FM7QMA0A2JjHDCe4L4tYY
memorizeneck.com/ 		3 B
27 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://memorizeneck.com/v2wywK00vmDecNO9pVYf948r8jdxbnOKExhqGftcpOzkLm40UIO-FM7QMA0A2JjHDCe4L4tYY
Requested by
Host: gammamaximum.com
URL: https://gammamaximum.com/ac595b0bd1b1f6e62ce46c2ce57c936ea6f47b8e2936dc2a3876a18eadffd94a289806f2a42865c2057288dd30b30f07490e2c6ae59ea0f801f1a13317ea
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:f8d1::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
via
1.1 google
x-buildnumber
629166827
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-europe-west1
date
Mon, 05 Sep 2022 17:56:03 GMT
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://culturess.com
access-control-allow-credentials
true
x-hostname
fen-hoothoot-europe-west1-test-04vg
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
ec24cb303220fcfc94f8.svg
static-cdn.spot.im/production/launcher/tags/v2.85.0/launcher/ 		3 KB
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-cdn.spot.im/production/launcher/tags/v2.85.0/launcher/ec24cb303220fcfc94f8.svg
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2df75dd5414f39139ce6f757636066e98d685654dbb93bf2c0f93f37092f1abd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 06:36:55 GMT
content-encoding
br
age
1941549
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
549
last-modified
Wed, 10 Aug 2022 09:16:51 GMT
server
AmazonS3
etag
"2fb4c511e325b1064ff9babf599fbcee"
vary
Origin
x-amz-version-id
M22RvWes2wxCKSddhuX.fi3GBuco5N2s
via
1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
content-type
image/svg+xml
x-amz-cf-id
amUKf9qgCilaLrRi0CHtLvs3xj7HTO34yB5LOKIjU0UmA2ZT-3yq6g==
pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_ed8vmIJd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-11.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 18:45:43 GMT
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified
Wed, 12 Aug 2020 13:25:53 GMT
server
AmazonS3
age
83421
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
0
x-amz-cf-id
cNUSr0H7wNWrqFzlrTHB8OLPr0dpcz7SKDobZi8Ot-t_PRDp5c-5dw==
pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_ed8vmIJd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-11.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 18:45:43 GMT
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified
Wed, 12 Aug 2020 13:25:53 GMT
server
AmazonS3
age
83421
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
0
x-amz-cf-id
0L3xGow4WkzzLy1-b7nkHwxNgdBVjTa2DKS0pTO1ayIKQhnRH9fkPQ==
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		376 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128229
x-xss-protection
0
expires
Mon, 05 Sep 2022 17:56:03 GMT
gtm.js
www.googletagmanager.com/ 		317 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PL4PD49
Requested by
Host: www.oo-syringe.com
URL: https://www.oo-syringe.com/prod/players/mplayer_wrapper_v4_latest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
99c16a7b377eeef3c6d01e83fd7bc69b2d244bfeb53b80ab0e6e1ba87386ad22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:03 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
82691
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 05 Sep 2022 17:56:03 GMT
ns.html
www.googletagmanager.com/ Frame 1F83 		266 B
114 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-PL4PD49
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1508490e2a7f3949d866ce8f032895224c55a02eb24f9ada50c7cb79a4c887c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
92
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 05 Sep 2022 17:56:03 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
comScore-JS-6.2.3.180328.min.js
bucket1.mm-syringe.com/lib/ 		156 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bucket1.mm-syringe.com/lib/comScore-JS-6.2.3.180328.min.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.156 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-156.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ce270c9952a278a73384c409e1bc02e7b5367767702a1d87d5105b9aef3e91ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62
8096267
x-amz-version-id
UP2tnScyf0IkbIh1GVgoQZiM5AlMQNdo
content-encoding
gzip
last-modified
Sun, 31 Mar 2019 15:57:40 GMT
etag
"18a99636882ae65fbb2e600e276380ca"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=26859188
date
Mon, 05 Sep 2022 17:56:03 GMT
accept-ranges
bytes
content-length
43460
ads.js
static-cdn.spot.im/production/ads/tags/v21.5.0/ads/ 		247 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/ads/tags/v21.5.0/ads/ads.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b24793c627bd2413036d2612e3799c76da967359153a6f01ca2316592709ad0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
RGgWCm1RrvbLUsBxIXY2fXOgFjIkITYZ
content-encoding
br
etag
W/"a14e0bd6bcb7c4a0f116a31cd707c341"
last-modified
Fri, 19 Aug 2022 07:20:00 GMT
server
AmazonS3
age
57745
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
date
Mon, 05 Sep 2022 02:35:58 GMT
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
-Dwu6YyQGCp9FsEWvLZoj5-KePwEe8MJEHdA0BIkTp6OAK-Csf4wjw==
ads.css
static-cdn.spot.im/production/ads/tags/v21.5.0/ads/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/ads/tags/v21.5.0/ads/ads.css
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0254cc54470c23817c68274abda4fd059880ce2f1a723ae624e9b339562d85a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
m1MN_DCI79g6_zB9.BfzWU8APqTecKci
content-encoding
br
etag
W/"8c64854d9eaae858f78b6c00a4f98e2a"
last-modified
Fri, 19 Aug 2022 07:20:00 GMT
server
AmazonS3
age
52394
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
date
Mon, 05 Sep 2022 03:22:50 GMT
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
OsaavIXzJqd42L0XwK443AptUcYNjU6SC2wuKFBZiNIUaPiYe6GzRQ==
/
geo.privacymanager.io/ 		28 B
594 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-89.fra60.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 03:51:43 GMT
via
1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront), 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
age
50660
x-amzn-requestid
280485d8-1174-4ae3-8b23-93fac758c2a4
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-6315724f-4770d3a25ce5a3251dc13bab;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, FRA60-P3
x-amz-apigw-id
X97MZGCwjoEFpLw=
content-length
28
x-amz-cf-id
pyxcc3fJtHKqrZFb380quZhQv5zYOwNSSa-UEyP_TkJjvvwTT0TP4w==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
/
bqstreamer.com/tr/ 		0
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bqstreamer.com/tr/
Requested by
Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Zw6nvZHtEWbzmIbm5nWhx3fY%2BOtah5zSLZ1hcyBEa2Q1a8RmXrBXDFFd1aR4x1MmUB8tlTPyQy%2FLWkJgi9TU6gNBAt9zrxEzLXHy%2Bozz7IwJsoapDB%2F2YeW4M5BvZSnYjKEdCfT5HwU5gFf"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
7460d6e4da1b9978-FRA
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3777&u=https%3A%2F%2Fculturess.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
Server /
Resource Hash
b353528761824c57015ccfab1864b17a318778de4bc85cec9f66e2485bb1f49b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:02 GMT
via
1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://culturess.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1244
x-amz-cf-id
oeuuDVMXy7H9WyB0DTLWvA8rdQf3AfyXBKPgnSBJFpVo9vfPhdwFMQ==
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://culturess.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_ed8vmIJd/ 		30 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_ed8vmIJd/v2
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v21.5.0/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-121.fra56.r.cloudfront.net
Software
fasthttp /
Resource Hash
23272b9c8e03e5972c0c3d0ed2fedfaf16cfd913766077399fc7d54b77230e8b

Request headers

x-guid
09b2c7de-e49d-401c-aee3-fffc06b8cf4f
x-post-id
19cf9d3ac20e2f44880a16b5eec41fc0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
x-spot-id
sp_ed8vmIJd
x-spotim-page-view-id
36c37fa0-9944-4c57-b7c0-263a651db58f
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
x-access-token
null

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
x-request-id
0288083b-2d44-11ed-b4dd-1ecf155ff9c0
access-control-allow-origin
https://culturess.com
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
access-control-expose-headers
access-control-allow-credentials
true
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
x-amz-cf-id
ONriG5IzURE6KxiNtQ1eDm5LbnJ97fu_bpeNrYbiFQDQy1uTeslxsg==
v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_ed8vmIJd/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_ed8vmIJd/v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-121.fra56.r.cloudfront.net
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-access-token,x-guid,x-post-id,x-spot-id,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://culturess.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://culturess.com
access-control-expose-headers
access-control-max-age
86400
content-length
0
date
Mon, 05 Sep 2022 17:56:04 GMT
server
fasthttp
via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
x-amz-cf-id
Xa5yhbzvNvB01pAB4i_H-pO5i-e8LfA61sfGGQOgf_9boG8mOR_82Q==
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
t
jadserve.postrelease.com/ 		115 B
539 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&ntv_med=1&ntv_mvi&us_privacy=1---
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.160.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-160-33.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
3055597f43adef2648996efac659bd63f616b0d1937f6e774ae3ac8fe35fb195

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:04 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
122
expires
Mon, 1 Jan 1990 12:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://culturess.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://culturess.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 05 Sep 2022 17:56:04 GMT
server
ATS/9.1.10.25
openrtb
ex.ingage.tech/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://culturess.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://culturess.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7460d6e5df08902e-FRA
content-length
0
date
Mon, 05 Sep 2022 17:56:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FE4MJhpi4fCQ0ctsuH%2Bql8D%2BR5PrKu%2BeQU2WHYiOU%2FnnvnE99nEDdZsO0PmOQQSg3bP854H3PqOXWQ40%2B0OwTwlGDV1RoOZY7qUZ5%2FYYWkGrmaJV1eWUzE7idXV8E6%2FUDg2CMsAiwNk7hTgGMw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Access-Control-Request-Headers
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://culturess.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://culturess.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 05 Sep 2022 17:56:04 GMT
server
ATS/9.1.10.25
openrtb
ex.ingage.tech/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://culturess.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://culturess.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7460d6e5df09902e-FRA
content-length
0
date
Mon, 05 Sep 2022 17:56:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1rlY8td8gBmUNsWrZrZEFk1vf6nXmpd0HPRaFoR0LHECNLHW%2BJIe4NoOn3ROdNwTcFrvT7iLZ107DUHE8Q%2FkSgzQfcKm%2F%2BcfrawVBBQnjEXn2XmDXbuV5Tum8VvWZS8lfY88gg1f%2BsH1MyrJbw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Access-Control-Request-Headers
hb
ssc.33across.com/api/v1/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		137 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
cf106ddb920508507c27bd1fded19bcb7cf865ef330e49b0f8df876e19e23ca9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:04 GMT
X-Proxy-Origin
80.255.10.196; 80.255.10.196; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ab38d09e-4394-49c9-a8d9-554f005e6b27
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://culturess.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
137
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.1&referrer=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&tmax=1000
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.70.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-70-236.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:04 GMT
accept-ch
sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform
content-type
application/json; charset=utf-8
access-control-allow-origin
https://culturess.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid
ap.lijit.com/rtb/ 		24 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.1
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
45cb6cc8d1bd6ce3a958654879851db3bb5517d234b406eb6cff7ab6a8685b86

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
pod
X-Sovrn-Pod: ad_ap6ams1
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://culturess.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
24
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e0ec04a708c2a53fb990c74bb5d0c278ba14eda619bd5e35752e279f4f84dd74

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://culturess.com
access-control-allow-credentials
true
content-length
66
translator
hbopenbid.pubmatic.com/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://culturess.com
date
Mon, 05 Sep 2022 17:56:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.36.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-36-89.compute-1.amazonaws.com
Software
/
Resource Hash
546bc420f96518175d95e7b555319031fe1a53fd3d7ed2e7bc7d65a4aed8ecca

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://culturess.com
x-reason
maxmind anonymous
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
/
shb.richaudience.com/hb/ 		4 B
234 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.3.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.144.3.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://culturess.com
access-control-max-age
86400
access-control-allow-credentials
true
mvo
tag.1rx.io/rmp/212244/0/ 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/212244/0/mvo?z=1r&hbv=6.29.1,2.1
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://culturess.com
pragma
no-cache
date
Mon, 05 Sep 2022 17:56:04 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
openrtb
ex.ingage.tech/v1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e22c719e588ab16bc1bdf8e2c4f80091d9202a4682953dded9d67b67ce31aecd

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y9XCQfQsSmcA6jgEXy7DddxumQze9fjozA%2BMIHdbLxgPSanXe254LCQVN5ZC7oOOaMQeJ7hrqyEQnZRiNwFgiJ7i6KKK%2BbH%2B3mz93088GwucXEm6Qc%2FSqCop4Cx38XYHiZW0D48%2FgSbO6rKKbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://culturess.com
access-control-allow-credentials
true
cf-ray
7460d6e6af889baa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=545698&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2221f27a090f25d34%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.1%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2222262cb0b015323%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22545698%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22175840252%2Ffansided%2Fculturess.com%2Fdynamic%23MM_DISPLAY_MANAGER_AD_DYNAMIC-1-2%22%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4e849f96f50649d674f5a281b50f52c42a1495031cbf834d7160eda110172f

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iU5R1%2B7jET3iGxrWv16psG1ir47BLNW1IlNOvYlEYnucG0JyiDxufBjCY%2F7LYYp87ZbAecvWi58Dzf6bPxUczzDQ8nu68309N9Ca4nmDWUj2WT20s3czQaToTiHcFt6xMm0iHKa1"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://culturess.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7460d6e5de54bb4f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
bid-request
a.teads.tv/hb/ 		16 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.69.48 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-69-48.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:04 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://culturess.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 05 Sep 2022 17:56:04 GMT
prebid
ads.yieldmo.com/exchange/ 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=6.29.1&p=%5B%7B%22placement_id%22%3A%22MM_DISPLAY_MANAGER_AD_DYNAMIC-1-2%22%2C%22callback_id%22%3A%22262a22c8195943%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222530621563095425440%22%2C%22bidFloor%22%3A0.1%2C%22gpid%22%3A%22175840252%2Ffansided%2Fculturess.com%2Fdynamic%23MM_DISPLAY_MANAGER_AD_DYNAMIC-1-2%22%7D%5D&page_url=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&bust=1662400571243&dnt=false&description=It%27s%20that%20time%20of%20year%20again%20where%20Ulta%20Beauty%20breaks%20out%20the%20deals%20and%20gets%20us%20all%20ready%20for%20back%20to%20school%20and%20the%20holiday%20season!&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=21%20Days%20of%20Beauty%20is%20back%20at%20Ulta%20with%20plenty%20of%20deals%20to%20choose%20from&w=1600&h=1200
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.13.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-13-172.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://culturess.com
pragma
no-cache
date
Mon, 05 Sep 2022 17:56:04 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ea8788a247680bb2b778f7a7825d1ee88fae6fae76518b8da3cb01d3abf83308
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:04 GMT
X-Proxy-Origin
80.255.10.196; 80.255.10.196; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
dfc5472a-b367-4107-ab2b-69deca09ae69
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://culturess.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		336 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17598&site_id=206582&zone_id=1677732&size_id=15&rf=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&tg_i.pbadslot=175840252%2Ffansided%2Fculturess.com%2Fdynamic%23MM_DISPLAY_MANAGER_AD_DYNAMIC-1-2&tk_flint=pbjs_lite_v6.29.1&x_source.tid=4d10e4f6-5d8e-45bb-ab13-76c2dbb6bcd8&l_pb_bid_id=30c18929447ced1&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.1&rp_maxbids=1&p_gpid=175840252%2Ffansided%2Fculturess.com%2Fdynamic%23MM_DISPLAY_MANAGER_AD_DYNAMIC-1-2&slots=1&rand=0.675481870183094
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9c76e0206accc26905693d9f76e9b4df8614cec090c885c2008b2dfd21c1117f

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:04 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://culturess.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
336
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
minutemedia-d.openx.net//w/1.0/ 		73 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://minutemedia-d.openx.net//w/1.0/arj?ju=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=4d10e4f6-5d8e-45bb-ab13-76c2dbb6bcd8&nocache=1662400571251&aus=300x250&divids=MM_DISPLAY_MANAGER_AD_DYNAMIC-1-2&aucs=175840252%252Ffansided%252Fculturess.com%252Fdynamic%2523MM_DISPLAY_MANAGER_AD_DYNAMIC-1-2&auid=541176476&aumfs=100
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
dcab25a0426be1dd0c6bc6dbae1dbe3175b11325928a56808a73933a314ba221

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:04 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://culturess.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		64 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3777&u=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&pid=hbWRrnkc9DDR9&cb=0&ws=1600x1200&v=22.8.252032&t=2000&slots=%5B%7B%22sd%22%3A%22MM_DISPLAY_MANAGER_AD_DYNAMIC-1-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22175840252%2Ffansided%2Fculturess.com%2Fdynamic%22%7D%5D&gdpre=1&gdprc=CPe1FgAPe1FgAAcABBENCfCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
via
1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
0PBQ3MGNMHZMKZ15DF44
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://culturess.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
C0ITZu57LwwkaTnzazLc-TXqfigu9R66puRgVFaGK-gVz22aXYHVqg==
prebid
ads.yieldmo.com/exchange/ 		0
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=6.29.1&p=%5B%7B%22placement_id%22%3A%22MM_DISPLAY_MANAGER_AD_DYNAMIC-1-6%22%2C%22callback_id%22%3A%2235debf072922788%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222530621563095425440%22%2C%22bidFloor%22%3A0.1%2C%22gpid%22%3A%22175840252%2Ffansided%2Fculturess.com%2Fdynamic%23MM_DISPLAY_MANAGER_AD_DYNAMIC-1-6%22%7D%5D&page_url=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&bust=1662400571260&dnt=false&description=It%27s%20that%20time%20of%20year%20again%20where%20Ulta%20Beauty%20breaks%20out%20the%20deals%20and%20gets%20us%20all%20ready%20for%20back%20to%20school%20and%20the%20holiday%20season!&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=21%20Days%20of%20Beauty%20is%20back%20at%20Ulta%20with%20plenty%20of%20deals%20to%20choose%20from&w=1600&h=1200
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.13.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-13-172.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://culturess.com
pragma
no-cache
date
Mon, 05 Sep 2022 17:56:04 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=545698&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22365012a05335a23%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.1%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22376e56f9d7d13f7%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22545698%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22175840252%2Ffansided%2Fculturess.com%2Fdynamic%23MM_DISPLAY_MANAGER_AD_DYNAMIC-1-6%22%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09d6f3768800426b1412342d6b228ebc1bb47470d69ac9545bcd82884395c94f

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rK7t7IeUNHE%2BLoPiz7HJKxMi1wgo7doWwtBQRpmugVltPGbPhyyMczdAkLyYFbbEIm6I39WEFPC2ZX8T6J%2BCuxGy5mEUR0l1ZtmlVB9a9fKa6bnuRWYzmqfeLCEkyi4kYe1r0qhz"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://culturess.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7460d6e5de56bb4f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.36.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-36-89.compute-1.amazonaws.com
Software
/
Resource Hash
e9fd25aa3e17a2594fa6d5f50f6bc55ac2c44b2296d3d96cc1c4e9463a4b3a91

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://culturess.com
x-reason
maxmind anonymous
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
prebid
ib.adnxs.com/ut/v3/ 		139 B
828 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
316963d777ae788cb264320e843e57418e18e70f1eac81c907cefc1d44fc55a2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:04 GMT
X-Proxy-Origin
80.255.10.196; 80.255.10.196; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
6869f1bd-d5bb-4e41-8ea5-96073308cd89
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://culturess.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mvo
tag.1rx.io/rmp/212244/0/ 		0
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/212244/0/mvo?z=1r&hbv=6.29.1,2.1
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://culturess.com
pragma
no-cache
date
Mon, 05 Sep 2022 17:56:04 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ 		19 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.1&referrer=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&tmax=1000
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.70.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-70-236.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:04 GMT
accept-ch
sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme
content-type
application/json; charset=utf-8
access-control-allow-origin
https://culturess.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
edb92fdbb337fa1c6c7b2c63381bcc201243b3c78db49148dadff01f443fadef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:04 GMT
X-Proxy-Origin
80.255.10.196; 80.255.10.196; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a8185e7b-2baa-478b-9235-6d4e7f5af666
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://culturess.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
shb.richaudience.com/hb/ 		4 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.3.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.144.3.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://culturess.com
access-control-max-age
86400
access-control-allow-credentials
true
arj
minutemedia-d.openx.net//w/1.0/ 		73 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://minutemedia-d.openx.net//w/1.0/arj?ju=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=cb5e35e9-4281-4692-8117-21cca052e0a3&nocache=1662400571267&aus=300x250&divids=MM_DISPLAY_MANAGER_AD_DYNAMIC-1-6&aucs=175840252%252Ffansided%252Fculturess.com%252Fdynamic%2523MM_DISPLAY_MANAGER_AD_DYNAMIC-1-6&auid=541176476&aumfs=100
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
c5137492d53d4889386da70f1c4dc76f59a27ea8e14bb972907910f3fc43e786

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:04 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://culturess.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ 		24 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.1
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
dca30f13a0b0df646e93ec171d01b368dcb2680fb0e19f0871786889ea444169

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
pod
X-Sovrn-Pod: ad_ap6ams1
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://culturess.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
24
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
0580c7a91ec2c6c965620c9db0fe5b979fbaf9edba6e3099baa353413fc25743

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://culturess.com
access-control-allow-credentials
true
content-length
66
openrtb
ex.ingage.tech/v1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d335bc307971ab0aaa0ddc3d5374f7bb9640dddbe77533831aef185b4d1cdb30

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVzSciYzR4GIuFrDQYTLb0nRZnXPZt4LdZEs5guxOYjNrCgntDm1FwAbvTXguT25pr1Jkmj1KNbfXBVCSl%2F4a0H5eCHm%2FeGpE40p7nWH0vxYpwQYo1t0HJN7LdtHpEq9nP%2BCX1wA2py8gWmBeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://culturess.com
access-control-allow-credentials
true
cf-ray
7460d6e7184c9baa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://culturess.com
date
Mon, 05 Sep 2022 17:56:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		10 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17598&site_id=206582&zone_id=1677732&size_id=15&rf=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&tg_i.pbadslot=175840252%2Ffansided%2Fculturess.com%2Fdynamic%23MM_DISPLAY_MANAGER_AD_DYNAMIC-1-6&tk_flint=pbjs_lite_v6.29.1&x_source.tid=cb5e35e9-4281-4692-8117-21cca052e0a3&l_pb_bid_id=63ce32945d8b6cb&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.1&rp_maxbids=1&p_gpid=175840252%2Ffansided%2Fculturess.com%2Fdynamic%23MM_DISPLAY_MANAGER_AD_DYNAMIC-1-6&slots=1&rand=0.13805466780873243
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d3dba596b660652951e5ea23772ca72eb18be97d7f81e21cb65d845af7bb397b

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:04 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://culturess.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
5255
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bid-request
a.teads.tv/hb/ 		16 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.69.48 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-69-48.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:04 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://culturess.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 05 Sep 2022 17:56:04 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		64 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3777&u=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&pid=hbWRrnkc9DDR9&cb=1&ws=1600x1200&v=22.8.252032&t=2000&slots=%5B%7B%22sd%22%3A%22MM_DISPLAY_MANAGER_AD_DYNAMIC-1-6%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22175840252%2Ffansided%2Fculturess.com%2Fdynamic%22%7D%5D&gdpre=1&gdprc=CPe1FgAPe1FgAAcABBENCfCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
Server /
Resource Hash
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
via
1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
QRHEYJEPA6YR7XWTJ0DQ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://culturess.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
DLlSkeW9Q5g46JviBV1dSqTk1KCipaz35sX4FcM-05wv-bHHw62ZJw==
bid
c.amazon-adsystem.com/e/dtb/ 		64 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3777&u=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&pid=hbWRrnkc9DDR9&cb=2&ws=1600x1200&v=22.8.252032&t=2000&slots=%5B%7B%22sd%22%3A%22MM_DISPLAY_MANAGER_AD_STATIC-0_1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22175840252%2Ffansided%2Fculturess.com%2Ftop%22%7D%5D&gdpre=1&gdprc=CPe1FgAPe1FgAAcABBENCfCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
Server /
Resource Hash
f0fe7e69e970311a87c3b57b217e6fc19f0a65b25813ad64426169712f61e402
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
via
1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
R5QAE4FN0KY5K34W4R8X
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://culturess.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
r2ttvqVnFpBLVSJtaeGwZv4uGJ6Af-ZebNr5G0fxYI52zCrZ5i1rSw==
bid
c.amazon-adsystem.com/e/dtb/ 		64 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3777&u=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&pid=hbWRrnkc9DDR9&cb=3&ws=1600x1200&v=22.8.252032&t=2000&slots=%5B%7B%22sd%22%3A%22MM_DISPLAY_MANAGER_AD_STATIC-1_2%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22175840252%2Ffansided%2Fculturess.com%2Frightrail1%22%7D%5D&gdpre=1&gdprc=CPe1FgAPe1FgAAcABBENCfCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e74fc9882fd1b046474630282635991e5aa59cb761302f13d7a304c1a3bae89b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
via
1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
0FZAS4WDQ6F61EARKMND
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://culturess.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
DajuFJ4FpsseGE9zB0XNjPwB4PRdS37NnT9g1g2J8xyKu47QyLgN4w==
bid
c.amazon-adsystem.com/e/dtb/ 		64 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3777&u=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&pid=hbWRrnkc9DDR9&cb=4&ws=1600x1200&v=22.8.252032&t=2000&slots=%5B%7B%22sd%22%3A%22MM_DISPLAY_MANAGER_AD_STATIC-2_3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22175840252%2Ffansided%2Fculturess.com%2Frightrail2%22%7D%5D&gdpre=1&gdprc=CPe1FgAPe1FgAAcABBENCfCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
Server /
Resource Hash
13ca66cf6767366a16dcab079a022ab7efaff7ad1f44fe904543916d56bb2d9b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
via
1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
1QSS0H210Q4GQ0T4979B
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://culturess.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
UEprKIhRtBktkYcaA5nMdvhu-abCVeZmDRrcuNveL_OAG_rHeCaTLQ==
bid
c.amazon-adsystem.com/e/dtb/ 		64 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3777&u=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&pid=hbWRrnkc9DDR9&cb=5&ws=1600x1200&v=22.8.252032&t=2000&slots=%5B%7B%22sd%22%3A%22MM_DISPLAY_MANAGER_AD_STATIC-3_4%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22175840252%2Ffansided%2Fculturess.com%2Frightrail2%22%7D%5D&gdpre=1&gdprc=CPe1FgAPe1FgAAcABBENCfCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
Server /
Resource Hash
0f790bdfb9c12c83da88b657a00be6b9aee3d14d167002faaa9562bc74404325
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
via
1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
F27BRDNKGJ085A8BDT9G
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://culturess.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
e7fnlzLMvtzideRLFtf-mAKTq15AHDAnLDF1ZpCBKOuDnLfrWhsGSw==
/
www.facebook.com/tr/ Frame 90C3 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://culturess.com
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://culturess.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 05 Sep 2022 17:56:04 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
tag.js
a.teads.tv/analytics/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL4PD49
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.69.48 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-69-48.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6d9de14770fcd48eb127eefe75a2eca6167f8f380b6308a113125eb5645169b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
x-amz-version-id
FAPL_wTzO6B92asTZLcsQA5j4jAsD17M
content-encoding
br
last-modified
Thu, 01 Sep 2022 14:20:42 GMT
x-amz-request-id
34JQ8JSSQNXMM4GF
etag
"b1ef884d17656ee9761c3eac58efad1b"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
date
Mon, 05 Sep 2022 17:56:04 GMT
accept-ranges
bytes
content-length
4878
x-amz-id-2
CVJUENNqY/rDWxAhd0DRyurdutGmf0waf7OpRA2nrnSfPXxziNbcg0iW5HeGpYZL4VZ7Df3XhLk=
openrtb
ex.ingage.tech/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://culturess.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://culturess.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7460d6e729a19a03-FRA
content-length
0
date
Mon, 05 Sep 2022 17:56:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2B%2BD30bqh9GMChgfSNQf2nnqWtFc9ppiCsopQjioAPqIFlYwN2019cCpVGzEIfgwPh4gGjAvJNkg5Voa0TKXiRWVXdlGNpJ2MTqJt2bDpu%2BuaMWAEY5TFzUgQPhY5l5e%2Fne39KD9aMhJdDkS0w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Access-Control-Request-Headers
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://culturess.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://culturess.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 05 Sep 2022 17:56:04 GMT
server
ATS/9.1.10.25
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.1&referrer=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&tmax=1000
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.70.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-70-236.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:04 GMT
accept-ch
sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch
content-type
application/json; charset=utf-8
access-control-allow-origin
https://culturess.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
openrtb
ex.ingage.tech/v1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc680c24e2b848d44cbbbee20309665a60bdaa5120ee5657d52d89d2a1797cec

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C40sbK8NT2z6bcUE0PwoKe8otAL%2BvpYrOcZrKJ1oQXtT%2BJlap6lfC2KNJY33o3Bp03mE9%2FnuWc9l4iemYow2lmO553S8CRgeFGnAnJ%2BOYWh0mzxJ1jJu1QoutWj%2BREnyfqgW53tRf2A9hlK%2B5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://culturess.com
access-control-allow-credentials
true
cf-ray
7460d6e81a359baa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
76cf72bac6a54c14faf63e13fd4b0e5050472227111fb2b32ccc3e33e6bb1899

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://culturess.com
access-control-allow-credentials
true
content-length
66
bid
ap.lijit.com/rtb/ 		25 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.1
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
627a7af0d9a6bb7196e156cc0ffd3423d3b7402fe9549bbb029a00af5b4a1555

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
pod
X-Sovrn-Pod: ad_ap6ams1
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://culturess.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
25
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.36.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-36-89.compute-1.amazonaws.com
Software
/
Resource Hash
1b020ac6651afe11ce3602c0fa3754bb12e96760de4b04bd7f8d06feadfd5fe7

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://culturess.com
x-reason
maxmind anonymous
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
fastlane.json
fastlane.rubiconproject.com/a/api/ 		330 B
784 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17598&site_id=206582&zone_id=1677732&size_id=2&rf=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&tg_i.pbadslot=175840252%2Ffansided%2Fculturess.com%2Ftop%23MM_DISPLAY_MANAGER_AD_STATIC-0_1&tk_flint=pbjs_lite_v6.29.1&x_source.tid=dabfded9-c548-425d-80b9-2a35eed2d6ba&l_pb_bid_id=78964446e6169fb&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.1&rp_maxbids=1&p_gpid=175840252%2Ffansided%2Fculturess.com%2Ftop%23MM_DISPLAY_MANAGER_AD_STATIC-0_1&slots=1&rand=0.05964601745293141
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b2e8b8067ace82754ecb961cee8390984c73a5c6dc1629b3fb9a58a6365513c8

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:04 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://culturess.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
330
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
660bded38976f0a5209c78f973a6eb9e04be64d95c366cbb84165679e5cd100a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:04 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.196; 80.255.10.196; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c828c5b7-74a5-49e0-9f3a-4322f01c902d
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://culturess.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
ssc.33across.com/api/v1/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		137 B
981 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a0e7aca8885f4c74508603b04d7f8f68f1dbac80943bce2d0e1fbffa1dce59ca
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:04 GMT
X-Proxy-Origin
80.255.10.196; 80.255.10.196; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
fa89c1a0-4fac-4640-b48a-4aab32f50c5b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://culturess.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
137
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
minutemedia-d.openx.net//w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://minutemedia-d.openx.net//w/1.0/arj?ju=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=dabfded9-c548-425d-80b9-2a35eed2d6ba&nocache=1662400571465&aus=728x90&divids=MM_DISPLAY_MANAGER_AD_STATIC-0_1&aucs=175840252%252Ffansided%252Fculturess.com%252Ftop%2523MM_DISPLAY_MANAGER_AD_STATIC-0_1&auid=541176476&aumfs=100
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
1974e75d20db36d05750128cb3ef2c2d471cf5063a6c05eb5e3f6e1016e04e15

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:04 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://culturess.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
shb.richaudience.com/hb/ 		4 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.3.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.144.3.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://culturess.com
access-control-max-age
86400
access-control-allow-credentials
true
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
last-modified
Sun, 03 Jul 2022 06:49:40 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1656855957.074767"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Wed, 05 Oct 2022 17:56:04 GMT
2f86dc938a55788d3416b876b43a116a.woff2
culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/db.onlinewebfonts.com/t/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/db.onlinewebfonts.com/t/2f86dc938a55788d3416b876b43a116a.woff2
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc::217:6113 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Origin
https://culturess.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
x-user-agent
standard
referrer-policy
no-referrer-when-downgrade
x-cache-config
0 0
server
Akamai
date
Mon, 05 Sep 2022 17:56:04 GMT
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=0, no-cache
content-length
564
expires
Mon, 05 Sep 2022 17:56:04 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=a8dac4ece6b196dfddbf0a82298124cc_199081_1662400563999&tm=1661&eT=0&widgetWidth=790&widgetHeight=37&widgetX=240&widgetY=2275&wRV=2000874&pVis=0&lsd=-1&eIdx=&cnsntV2=CPe1FgAPe1FgAAcABBENCfCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&cheq=0&rtt=625&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=2.73.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Mon, 05 Sep 2022 17:56:04 GMT
content-encoding
gzip
X-TraceId
541496685d69deb9407d4926768a90c2
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
streamFeed.js
widgets.outbrain.com/nanoWidget/2000874/module/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2000874/module/streamFeed.js?e=2
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d542f80e9048b08b7ef8009c5f888ed2365f42b20543a15b4457d067e2ae4a8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
content-encoding
gzip
last-modified
Sun, 04 Sep 2022 10:17:41 GMT
server
AkamaiNetStorage
etag
"69f504dc48aafc74d37b60e93d71c404:1662287679.687315"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
14141
expires
Mon, 05 Sep 2022 21:56:04 GMT
get
odb.outbrain.com/utils/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose&srcUrl=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2Ffeed%2F&idx=1&rand=12667&key=NANOWDGT01&widgetJSId=SB_1&va=true&et=true&format=html&t=YThkYWM0ZWNlNmIxOTZkZmRkYmYwYTgyMjk4MTI0Y2M=&adblck=false&abwl=false&px=1065&py=523&vpd=0&cw=300&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000874&sig=uoZPnpct&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cnsntv2=CPe1FgAPe1FgAAcABBENCfCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&cmpStat=1&ccpaStat=1&ogn=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ed9ef6b6f7b65ab5ae280b4e082da7a12060c2ede37b4612f343bea3994811de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1662400564.362806,VS0,VE134
accept-ranges
bytes
x-served-by
cache-lga21926-LGA, cache-fra19175-FRA
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
bc7e15e36bce195ca61e48dd911e6d40
content-encoding
gzip
content-length
3000
expires
Thu, 01 Jan 1970 00:00:00 GMT
ob_logo.svg
widgets.outbrain.com/images/widgetIcons/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo.svg
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
02b5318a75e50e48ccddd6eac9eef067a275adc244f3c3f6186ed6b382d3f971

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
last-modified
Sun, 03 Jul 2022 06:49:40 GMT
server
AkamaiNetStorage
etag
"65df986ae65cffdf92a926e7c42a25a8:1656855971.383201"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
12268
expires
Wed, 05 Oct 2022 17:56:04 GMT
openrtb
ex.ingage.tech/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://culturess.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://culturess.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7460d6e75a039a03-FRA
content-length
0
date
Mon, 05 Sep 2022 17:56:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1s2VhMkgtn5LGCXy3to7nSihS8n%2FRhDQu7ebYviBaIQNpG2AQmUivSqgUXz0BMPBTsPF8QYK7PQbfR3hH4PCSbEIPqNVegfLNy4IYfg6nNjVDl8Mun72WWduP0cDnJjn39o9axFiv8N5hbEWHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Access-Control-Request-Headers
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://culturess.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://culturess.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 05 Sep 2022 17:56:04 GMT
server
ATS/9.1.10.25
arj
minutemedia-d.openx.net//w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://minutemedia-d.openx.net//w/1.0/arj?ju=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=053473df-5e35-43c2-8bcf-ce339d251824&nocache=1662400571507&aus=300x250%2C300x600&divids=MM_DISPLAY_MANAGER_AD_STATIC-1_2&aucs=175840252%252Ffansided%252Fculturess.com%252Frightrail1%2523MM_DISPLAY_MANAGER_AD_STATIC-1_2&auid=541176476&aumfs=100
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
da2cc9b499be1080e005553fb99c124cc4e1e3bbffeaae7a86f507c3e5b512ef

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:04 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://culturess.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		138 B
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
183991764bf3732d470bb64c7e492f4a24d34e2217d78f533257fc161c42c3c1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:04 GMT
X-Proxy-Origin
80.255.10.196; 80.255.10.196; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e5bd4f2a-9831-4c5b-94a1-967531dcff71
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://culturess.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		139 B
983 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b762ea03a42a9958848791fe4a671e450af0cdf74fde12a07f8267e45cd43607
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:04 GMT
X-Proxy-Origin
80.255.10.196; 80.255.10.196; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5809e097-6280-4af9-af4a-be66e7ed6650
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://culturess.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.36.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-36-89.compute-1.amazonaws.com
Software
/
Resource Hash
0a917e38ffea540e35a7df103a72def2942bdb05de0f1b9b3a72fb1bd24ed1c1

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://culturess.com
x-reason
maxmind anonymous
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
/
shb.richaudience.com/hb/ 		4 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.3.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.144.3.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://culturess.com
access-control-max-age
86400
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=6.29.1&p=%5B%7B%22placement_id%22%3A%22MM_DISPLAY_MANAGER_AD_STATIC-1_2%22%2C%22callback_id%22%3A%221007b486dfba4111%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222530621563095425440%22%2C%22bidFloor%22%3A0.1%2C%22gpid%22%3A%22175840252%2Ffansided%2Fculturess.com%2Frightrail1%23MM_DISPLAY_MANAGER_AD_STATIC-1_2%22%7D%5D&page_url=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&bust=1662400571511&dnt=false&description=It%27s%20that%20time%20of%20year%20again%20where%20Ulta%20Beauty%20breaks%20out%20the%20deals%20and%20gets%20us%20all%20ready%20for%20back%20to%20school%20and%20the%20holiday%20season!&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=21%20Days%20of%20Beauty%20is%20back%20at%20Ulta%20with%20plenty%20of%20deals%20to%20choose%20from&w=1600&h=1200
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.13.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-13-172.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://culturess.com
pragma
no-cache
date
Mon, 05 Sep 2022 17:56:04 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
mvo
tag.1rx.io/rmp/212244/0/ 		0
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/212244/0/mvo?z=1r&hbv=6.29.1,2.1
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://culturess.com
pragma
no-cache
date
Mon, 05 Sep 2022 17:56:04 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://culturess.com
date
Mon, 05 Sep 2022 17:56:04 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
openrtb
ex.ingage.tech/v1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dc6cbbd4ee387bbd3c69a9b1522f374c1b1b491ef0f5f046d096f8acd1fe92d

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=soBAQrwajXMEAzRqh3Lnzk2KfLVo8RbIfIx%2F3LPtQ82ZCxAQzlSJYU6gQ7VaY4gaLmN1j%2F7EhZZoc827%2FBwor2p1gI6AIjUOO6rY52iLnjIQA56Hzd5k%2BfbuUiVgUkLlX2t1yZ5E665qGXF8dw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://culturess.com
access-control-allow-credentials
true
cf-ray
7460d6e81a349baa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bid-request
a.teads.tv/hb/ 		16 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.69.48 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-69-48.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:04 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://culturess.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 05 Sep 2022 17:56:04 GMT
hb
ssc.33across.com/api/v1/ 		0
0
bid
ap.lijit.com/rtb/ 		25 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.1
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
cfabd0a5afa6076aba37b51231bfc537ba1aa9cb83b9f14bb938de8e00db7828

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
pod
X-Sovrn-Pod: ad_ap6ams1
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://culturess.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
25
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.1&referrer=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&tmax=1000
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.70.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-70-236.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:04 GMT
accept-ch
sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width
content-type
application/json; charset=utf-8
access-control-allow-origin
https://culturess.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
d36d3105e4f61aaea6f9aa3dd2ad471b1fbd5cb038e31f50da6bbf2ea9faa059

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://culturess.com
access-control-allow-credentials
true
content-length
66
fastlane.json
fastlane.rubiconproject.com/a/api/ 		358 B
812 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17598&site_id=206582&zone_id=1677732&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&tg_i.pbadslot=175840252%2Ffansided%2Fculturess.com%2Frightrail1%23MM_DISPLAY_MANAGER_AD_STATIC-1_2&tk_flint=pbjs_lite_v6.29.1&x_source.tid=053473df-5e35-43c2-8bcf-ce339d251824&l_pb_bid_id=118979be72854432&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.1&rp_maxbids=1&p_gpid=175840252%2Ffansided%2Fculturess.com%2Frightrail1%23MM_DISPLAY_MANAGER_AD_STATIC-1_2&slots=1&rand=0.43102699177203707
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
549db53ab98e0049c0e3564535ee547efb61c5f0fc84518d9f6e7e71d6baa8cd

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:04 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://culturess.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
358
Expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=545698&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22119274bd16b10bb8%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.1%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22120c802e0f1a51da%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22545698%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22545698%22%2C%22sid%22%3A%22300x600%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22175840252%2Ffansided%2Fculturess.com%2Frightrail1%23MM_DISPLAY_MANAGER_AD_STATIC-1_2%22%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c90c6d74be627ee673842c0043505e4310f33b10f27b53450e6ae0d9bd1b84f9

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PCkJYypUWyTShvuhjnuzhTjif%2Bxi6Rf6NThIbif9W618lixWQL1JOUDxOtoemOmMoz7v30cMGrUZcrqF5qgG%2BBbiXQ0EO6taOxbGh3ngmCDU%2BZ0WRqun7SGC12VjLE9%2Bj4RiPjgx"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://culturess.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7460d6e7787c996c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7EE2 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=88742
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 05 Sep 2022 17:56:04 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 06 Sep 2022 18:35:06 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
csync
sync.spotim.market/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=8517197437325276119
0
0
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=211945
  • https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=02b51048-2d44-11ed-a8e3-129210fe0306
0
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=02b51048-2d44-11ed-a8e3-129210fe0306
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-spotx-halt-type
Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date
Mon, 05 Sep 2022 17:56:04 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
45
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Mon, 05 Sep 2022 17:56:04 GMT
Server
nginx
Location
/partner?source=211945&__user_check__=1&sync_id=02b51048-2d44-11ed-a8e3-129210fe0306
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
98
Connection
keep-alive
Content-Length
0
csync
sync.spotim.market/
Redirect Chain
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-T8tKKQVE2uEC1qdSiaK5wvxWJ5SAPnnR~A
0
0
/
sync.spotim.market/csync/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20&__user_check__=1&sync_id=02b51543-2d44...
  • https://sync.spotim.market/csync/?t=a&ep=301276&extuid=02b51005-2d44-11ed-a8e3-129210fe0306
0
0
710530.gif
di.rlcdn.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://di.rlcdn.com/710530.gif
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ad-choises.png
publisher-assets.spot.im/yad/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publisher-assets.spot.im/yad/ad-choises.png
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-11.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 02:28:38 GMT
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
last-modified
Mon, 02 Jul 2018 15:08:43 GMT
server
AmazonS3
age
55647
etag
"643378ef8a85df26380de21f9beb58ba"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
4550
x-amz-cf-id
daakjfnu0RYD6G0lVDgWdw5Gbs0qWYJE5FQJfsk7wk1kPCUzJAZ3eg==
grumi-ip.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame B002 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v21.5.0/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b8:9800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
280bbf781a90f30d7be755c745f0767af579a8e994f68410e78f234600332480

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:37:12 GMT
content-encoding
br
last-modified
Fri, 26 Aug 2022 07:52:49 GMT
server
AmazonS3
age
1133
etag
W/"58a2a81ef788a6bb641f7dc0f75e3196"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
qJ_nY1SKrObfNv.hqic.HKiDm5fU3hlg
via
1.1 53c2dd46a1510fa5872e31600763ab76.cloudfront.net (CloudFront)
cache-control
public, max-age: 14400, stale-while-revalidate=14400, immutable
x-amz-cf-pop
ORD52-C1
content-type
application/javascript
x-amz-cf-id
1waQHieZllIVogf6q7NHXOBCsq36ggoEXjpQBIDg9S9TtEAmXw2DHA==
hb_270443_8244.js
player.spotim.market/prebidlink/461777/ Frame B002 		433 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/461777/hb_270443_8244.js
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
7057b479a1f426beb0e25df5aee22456b0b30107c73c5c93f604d25908b074ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 19:36:39 GMT
server
nginx
etag
W/"62fe94c7-6c41c"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 07 Sep 2022 17:56:04 GMT
cache-control
max-age=172800
x-proxy-cache
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame B002 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d162942e00d8e9beb4aad8a89aa7cd40336e4c5875d4cce97d4cf4bfd883db21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28557
x-xss-protection
0
server
sffe
etag
"1324 / 331 of 1000 / last-modified: 1662156382"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 05 Sep 2022 17:56:04 GMT
wrapper_hb_270443_8244.js
player.spotim.market/prebidlink/461777/ Frame B002 		785 B
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/461777/wrapper_hb_270443_8244.js
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
bdec9c8e55304774b4030fa42cd6ec1cd75b0a7e89316ae22d653d5dd877fd56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
content-encoding
gzip
last-modified
Mon, 05 Sep 2022 16:15:45 GMT
server
nginx
etag
W/"631620b1-311"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 07 Sep 2022 17:56:04 GMT
cache-control
max-age=172800
x-proxy-cache
HIT
get
mv.outbrain.com/Multivac/api/ 		112 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&settings=true&recs=true&widgetJSId=AR_1&key=NANOWDGT01&version=2000874&apv=false&sig=uoZPnpct&format=html&rand=98502&osLang=en-US&va=true&et=true&cmpStat=1&cnsntv2=CPe1FgAPe1FgAAcABBENCfCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&ccpaStat=1&srcUrl=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2Ffeed%2F&scrW=1600&scrH=1200&t=YThkYWM0ZWNlNmIxOTZkZmRkYmYwYTgyMjk4MTI0Y2M=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=1&lastCardIdx=0&fAB=11984-83711&layeredTestInfo=11984-83711-,12262-0-&dpr=1&cw=790&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0e0df2499616f0d83c60670500ea7e9fdc79b28ba9254e45bec23696c06f637f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1662400565.525362,VS0,VE1022
accept-ranges
bytes
x-served-by
cache-lga21921-LGA, cache-fra19175-FRA
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
6fd41fbbe41827ff5ff0ebb1f70fffd6
content-encoding
gzip
content-length
28521
expires
Thu, 01 Jan 1970 00:00:00 GMT
main-chunk.css
static-cdn.spot.im/production/ads/tags/v21.5.0/ads/ 		735 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/ads/tags/v21.5.0/ads/main-chunk.css
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
efe86bd42cc0348a33bfe2f0c63f7062ec5ec3262199a040a1a0936982e06c66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
PLM_J_jh5Y9Ach2hsm_BVDHotm3.V0S1
via
1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
etag
"2eed037b169cadf3a605f48a3aded937"
last-modified
Fri, 19 Aug 2022 07:20:00 GMT
server
AmazonS3
age
45018
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
date
Mon, 05 Sep 2022 05:25:47 GMT
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
content-length
735
x-amz-cf-id
HshotR4a8RZRUc9NvGqIFGsOa2dWrxSNcbrjE6ZGyT85_12tZjr-ZQ==
main-chunk.js
static-cdn.spot.im/production/ads/tags/v21.5.0/ads/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/ads/tags/v21.5.0/ads/main-chunk.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5c523dc5508d4a460252e6f1038603166541443cc8b98dc3ae2f9859e1a901b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
oJmxq1iLfZ0_C1j2r8JeoNd1mHdbzxoa
content-encoding
br
etag
W/"93dd2b9522f5edbefc41a45796c96071"
last-modified
Fri, 19 Aug 2022 07:20:00 GMT
server
AmazonS3
age
45787
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
date
Mon, 05 Sep 2022 05:12:57 GMT
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
kJp3YFbelQqaovVB7HbeWppjojOq13zReu4I7xhP1O5nmN-YcLcXRA==
PugMaster
image6.pubmatic.com/AdServer/ Frame 7EE2 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=29010351&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
content-length
0
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=49dd65f7ef38b8edfa5e34a38d793a5a_199081_1662400564445&tm=1866&eT=0&widgetWidth=300&widgetHeight=54&widgetX=1065&widgetY=523&wRV=2000874&pVis=0&lsd=-1&eIdx=&cnsntV2=CPe1FgAPe1FgAAcABBENCfCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&rtt=64&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=2.73.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Mon, 05 Sep 2022 17:56:04 GMT
content-encoding
gzip
X-TraceId
0647968e15aa56493a6e588b6a75cf09
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
pubads_impl_2022083001.js
securepubads.g.doubleclick.net/gpt/ Frame B002 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4baa280c316f80216c7d9dcb64f308726f23cfe4fd4ada8d36aee7c3ea101108
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 11:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22128
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131975
x-xss-protection
0
last-modified
Tue, 30 Aug 2022 08:35:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 05 Sep 2023 11:47:16 GMT
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=49dd65f7ef38b8edfa5e34a38d793a5a&pvId=a8dac4ece6b196dfddbf0a82298124cc&sid=5756244&pid=199081&idx=1&wId=102&pad=0&org=0&tm=1913&eT=3&cnsnt=CPe1FgAPe1FgAAcABBENCfCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&wRV=2000874&pVis=0&lsd=-1&eIdx=0&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=2.73.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:04 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
949c305d4895b81214ea2d0b9a6796d0
Content-Length
4
Expires
0
player.js
player.aniview.com/script/6.1/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
122879f9ef49d7193bb88733d44188ff5685a0643ebcf6c990cf1869941fce8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdszJUDLm-lOI77sGKizBY_wpbLHadPowrQbLqX7_mIvzLKsry1HQvbjA35aNfrZ6bZ42au7Xjy1HELZvpAbC7u5Zg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
9907
last-modified
Mon, 05 Sep 2022 05:26:06 GMT
server
UploadServer
etag
"8d89280892e65faa7038c46fb8fc3d91"
vary
Accept-Encoding
x-goog-hash
crc32c=mpcN/w==, md5=jYkoCJLmX6pwOMRvuPw9kQ==
x-goog-generation
1662355566859222
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9907
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 05 Sep 2022 18:01:04 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5e0e296628a061270b21ccab&cid=61efc86b826fa14969030914&e=playerLoaded&cb=1662400571746&r=https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-74-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
hbw_master_270443_8244.js
player.spotim.market/prebidlink/x461777/ Frame B002 		383 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/x461777/hbw_master_270443_8244.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461777/wrapper_hb_270443_8244.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
199da19156874c9155ab4fafc898fa9128e1a63008dedf56feaaed7063acca2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
content-encoding
gzip
last-modified
Mon, 05 Sep 2022 16:15:45 GMT
server
nginx
etag
W/"631620b1-5fac9"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 07 Sep 2022 17:56:04 GMT
cache-control
max-age=172800
x-proxy-cache
HIT
config.json
player.adtelligent.com/exchange_rates/279896/ Frame B002 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/279896/config.json?cb=https%3A%2F%2Fculturess.com
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461777/hb_270443_8244.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
7b38c432f96f8b1a3f63192174d9660c5b8f5f0d8e3170904c341376c56edde6

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
content-encoding
gzip
last-modified
Mon, 05 Sep 2022 12:01:08 GMT
server
nginx
etag
W/"6315e504-847"
content-type
application/json
access-control-allow-origin
https://culturess.com
expires
Wed, 07 Sep 2022 17:56:04 GMT
cache-control
max-age=172800
x-proxy-cache
HIT
apstag.js
c.amazon-adsystem.com/aax2/ Frame B002 		166 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/x461777/hbw_master_270443_8244.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 05 Sep 2022 17:36:19 GMT
via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront), 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 20:50:55 GMT
server
AmazonS3
age
1186
etag
W/"d9d3c87337955401df6a2e4474e61700"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P3
content-encoding
gzip
x-amz-cf-id
a6V7oS6MJekMtl13dionPNzoByx_kXUL68CB0OIlNxucWOnbIW95YQ==
grumi.js
rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/ Frame B002 		346 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/x461777/hbw_master_270443_8244.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b8:9800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd61da406f098f861a0c9524f9c6bd9cf10c6e96cf653f71f399ba0f67d7ab35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:37:12 GMT
content-encoding
br
last-modified
Mon, 05 Sep 2022 16:52:18 GMT
server
AmazonS3
age
1133
etag
W/"ed0a40ad3e908d7074a386072e0dd4db"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
cgT89U2wcquZa0J.6h0jRFQbrPkvCDoM
via
1.1 53c2dd46a1510fa5872e31600763ab76.cloudfront.net (CloudFront)
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
ORD52-C1
content-type
text/javascript
x-amz-cf-id
oeM5w1JekOLyraTajJo7zagoyaWRLAi2yYF7gX8K1DzHeqyrOC81hQ==
/
ghb.spotim.market/geo/ Frame B002 		149 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.spotim.market/geo/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/x461777/hbw_master_270443_8244.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
94822a4eff910db4747dfca256b07c769a9e06b5d62a3e64a4612e7f1264693f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 17:56:04 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
149
tracking
ghb.spotim.market/adunit/ Frame B002 		43 B
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.spotim.market/adunit/tracking?event=11&type=0&client_id=270443&site_id=8244&pbjsv=v6.25.1-c&full_page_url=https%3A%2F%2Fculturess.com&adid=p2dmlu.00&features=82144&vpbv=N079&lifecycle_tte=291
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/x461777/hbw_master_270443_8244.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 17:56:04 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://culturess.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
j.html
p.safeservingcdn.com/prebidlink/19240/ Frame E5DE 		1 KB
888 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p.safeservingcdn.com/prebidlink/19240/j.html?i=11598
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461777/hb_270443_8244.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
d35b5fd65497ae8d66b6e52bbad869c48bf379174ab0175f10e5d760741cbdcd

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 05 Sep 2022 17:56:04 GMT
etag
W/"620bee41-43d"
expires
Wed, 07 Sep 2022 17:56:04 GMT
last-modified
Tue, 15 Feb 2022 18:17:37 GMT
server
nginx
AVmanager.js
player.aniview.com/script/6.1/ Frame 1E00 		388 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
7a40a463b00a11829a0e510859c76b9754429b9f2b6041208182f2afb4c718ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduXzhdCf823X6fQNJFDrOvq0dpSdYwB7orBHywvhYo0kR7YPBScFHTHKE7ZFhMRGom-S_N2ZwjoTrf8r67b4HmntmuP8fm0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
112108
last-modified
Mon, 05 Sep 2022 05:26:06 GMT
server
UploadServer
etag
"9c554c8926491b040b9c4a94b0f974fb"
vary
Accept-Encoding
x-goog-hash
crc32c=OL8ECg==, md5=nFVMiSZJGwQLnEqUsPl0+w==
x-goog-generation
1662355566662413
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
112108
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 05 Sep 2022 18:01:04 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame B002 		248 B
595 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fculturess.com&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
Server /
Resource Hash
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
via
1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://culturess.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
248
x-amz-cf-id
t9Z1c5Bx-wOaDxrvOrboUT-IatGozwTtGSuAn552KL1o-po7x3Ec8g==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame B002 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
56150
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 24 Aug 2022 19:06:24 GMT
server
AmazonS3
date
Mon, 05 Sep 2022 02:20:15 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 77ba839b79ec0a8b2031c8a828e7fdfa.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
fO00le2OR_-CKkaZnxq-kVJA-59z5vYZVdGqzMJGZtr4IkAOB1HRJg==
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=culturess.com&sn=&cd1=sp_ed8vmIJd&cd2=Desktop&cd3=pitc&cd4=36c37fa0-9944-4c57-b7c0-263a651db58f&cd5=03fftZR0O7ZFb8VVnTu2vNvEfXslVgo77oRYa0eOoPu-gNcwWQ2JlQoEUk3m0fIw&cd6=stable&cd7=row1-column1&cd9=22591923899&cd10=v21.5.0&ic=0&tgt=0&app=&wi=400&he=300&test=&d36=6.2.53&apppkg=&fv=3&proto=https&clsid=a82ad107-fcc0-4a34-9efd-cb2fdba6ed90&rando=35&pid=5e0e296628a061270b21ccab&cid=61efc86b826fa14969030914&stagid=&stplid=&e=inventory&vi=0&cb=1662400571976
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-74-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
go1.aniview.com/api/adserver/tag/ 		51 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_CDIM1=sp_ed8vmIJd&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_CDIM4=36c37fa0-9944-4c57-b7c0-263a651db58f&AV_CDIM5=03fftZR0O7ZFb8VVnTu2vNvEfXslVgo77oRYa0eOoPu-gNcwWQ2JlQoEUk3m0fIw&AV_CDIM6=stable&AV_CDIM7=row1-column1&AV_CDIM9=22591923899&AV_CDIM10=v21.5.0&AV_SCHAIN=1.0%2C1!spotim.market%2Cpub_yXO4Yd5V1rhJ%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=61efc86b826fa14969030914&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=culturess.com&AV_DADPOS=3&d36=6.2.53&responsive=1&sver=2&avtoken=571975&omv=1.0.1&clsid=a82ad107-fcc0-4a34-9efd-cb2fdba6ed90&rando=35&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=1662400571995&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.192.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-192-96.compute-1.amazonaws.com
Software
/
Resource Hash
39eccec0fcd53671e11be73e04f3f510e8562e2c45966099ef6e77b47b423fe9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://culturess.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Thu, 25 Aug 2022 04:09:25 GMT
hbw_master_307825_11598.js
p.safeservingcdn.com/prebidlink/y19240/ Frame E5DE 		79 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.safeservingcdn.com/prebidlink/y19240/hbw_master_307825_11598.js
Requested by
Host: p.safeservingcdn.com
URL: https://p.safeservingcdn.com/prebidlink/19240/j.html?i=11598
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
9d9bc14894c7671a2ee110062eb53017b8172319a8a69162d76c66805c2b6f74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.safeservingcdn.com/prebidlink/19240/j.html?i=11598
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
content-encoding
gzip
last-modified
Mon, 29 Aug 2022 16:52:03 GMT
server
nginx
etag
W/"630ceeb3-13d1b"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
expires
Wed, 07 Sep 2022 17:56:04 GMT
hb_307825_11598.js
player.adtelligent.com/prebidlink/ex19241/ Frame E5DE 		286 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/ex19241/hb_307825_11598.js
Requested by
Host: p.safeservingcdn.com
URL: https://p.safeservingcdn.com/prebidlink/y19240/hbw_master_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
d3f5d2edb1d7efe3e24417b3a48999d2090f8b7cab6a0f773e4075b33122de03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.safeservingcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 20:18:51 GMT
server
nginx
etag
W/"62fe9eab-47661"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 07 Sep 2022 17:56:04 GMT
cache-control
max-age=172800
x-proxy-cache
HIT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame B002 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.21.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-21-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Mon, 05 Sep 2022 18:11:04 GMT
/
ghb.adtelligent.com/geo/ Frame E5DE 		149 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: p.safeservingcdn.com
URL: https://p.safeservingcdn.com/prebidlink/y19240/hbw_master_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
94822a4eff910db4747dfca256b07c769a9e06b5d62a3e64a4612e7f1264693f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.safeservingcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 17:56:04 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://p.safeservingcdn.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
149
tracking
ghb.adtelligent.com/adunit/ Frame E5DE 		43 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=307825&site_id=11598&full_page_url=https%3A%2F%2Fculturess.com&adid=p2dmr8.ud&features=16480&vpbv=N079&lifecycle_tte=142
Requested by
Host: p.safeservingcdn.com
URL: https://p.safeservingcdn.com/prebidlink/y19240/hbw_master_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.safeservingcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 17:56:04 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://p.safeservingcdn.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
bid
c.amazon-adsystem.com/e/dtb/ Frame B002 		23 B
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&pid=78tfmy4mVXD5e&cb=0&ws=336x280&v=22.8.252032&t=1900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1602411747217-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22320x250%22%5D%2C%22sn%22%3A%22%2F39694909%2C22591923899%2FDBV%2FDBV-FansidedROS%22%7D%5D&cfgv=1&schain=1.0%2C1!spotim.market%2Cpub_yXO4Yd5V1rhJ%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdpre=1&gdprc=CPe1FgAPe1FgAAcABBENCfCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:04 GMT
via
1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
GA8ZBZNSCPAY5BP9K8VM
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://culturess.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
M0YeXfK1P_G2gDNL83vNf7DMqsjXF3cPGlcc_cJ3r-dr2A7RhJm4Zg==
csyncs
ghb.spotim.market/ Frame B002 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.spotim.market/csyncs?aid1=524901&aid2=572165&aid3=730717&aid4=735207&aid5=736239&aid6=736291&aid7=744445&aid8=744458&aid9=744459&aid10=752915&aid11=757041&aid12=767137&aid13=767587
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/x461777/hbw_master_270443_8244.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
9a31f3657c6d94eb301870a3bab9b049b452e6d92ec31a556bc8a5e20c86a115

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 17:56:04 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://culturess.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
878
sync.html
s.adtelligent.com/ Frame F582 		1 KB
882 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=572165
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/x461777/hbw_master_270443_8244.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
d1a91ee2c662edbb612f73ff8f00178f42eea90c96ee9c837b78a33086ffbc2c

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://culturess.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
581
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Sep 2022 17:56:04 GMT
Server
Adtelligent
X-Robots-Tag
noindex
sync.html
s.adtelligent.com/ Frame EA68 		1 KB
882 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=730717
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/x461777/hbw_master_270443_8244.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
d1a91ee2c662edbb612f73ff8f00178f42eea90c96ee9c837b78a33086ffbc2c

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://culturess.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
581
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Sep 2022 17:56:04 GMT
Server
Adtelligent
X-Robots-Tag
noindex
sync.html
s.adtelligent.com/ Frame 5DCE 		1 KB
882 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=744459
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/x461777/hbw_master_270443_8244.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
d1a91ee2c662edbb612f73ff8f00178f42eea90c96ee9c837b78a33086ffbc2c

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://culturess.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
581
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Sep 2022 17:56:04 GMT
Server
Adtelligent
X-Robots-Tag
noindex
sync.html
s.adtelligent.com/ Frame 7D3B 		1 KB
981 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=752915
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/x461777/hbw_master_270443_8244.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
6728a0ce89e4654e589280a209df5c1d5c8a690bca4a720b79df7255560d118a

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://culturess.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
680
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Sep 2022 17:56:04 GMT
Server
Adtelligent
X-Robots-Tag
noindex
sync.html
s.adtelligent.com/ Frame 4A4D 		1 KB
882 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=744458
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/x461777/hbw_master_270443_8244.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
d1a91ee2c662edbb612f73ff8f00178f42eea90c96ee9c837b78a33086ffbc2c

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://culturess.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
581
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Sep 2022 17:56:05 GMT
Server
Adtelligent
X-Robots-Tag
noindex
sync.html
s.adtelligent.com/ Frame 5C4D 		1 KB
882 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=744445
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/x461777/hbw_master_270443_8244.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
d1a91ee2c662edbb612f73ff8f00178f42eea90c96ee9c837b78a33086ffbc2c

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://culturess.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
581
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Sep 2022 17:56:04 GMT
Server
Adtelligent
X-Robots-Tag
noindex
sync.html
s.adtelligent.com/ Frame E1C6 		1 KB
882 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=736291
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/x461777/hbw_master_270443_8244.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
d1a91ee2c662edbb612f73ff8f00178f42eea90c96ee9c837b78a33086ffbc2c

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://culturess.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
581
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Sep 2022 17:56:04 GMT
Server
Adtelligent
X-Robots-Tag
noindex
sync.html
s.adtelligent.com/ Frame 8321 		1 KB
882 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=735207
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/x461777/hbw_master_270443_8244.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
d1a91ee2c662edbb612f73ff8f00178f42eea90c96ee9c837b78a33086ffbc2c

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://culturess.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
581
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Sep 2022 17:56:04 GMT
Server
Adtelligent
X-Robots-Tag
noindex
sync.html
s.adtelligent.com/ Frame 236B 		1 KB
981 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=736239
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/x461777/hbw_master_270443_8244.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
6728a0ce89e4654e589280a209df5c1d5c8a690bca4a720b79df7255560d118a

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://culturess.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
680
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Sep 2022 17:56:04 GMT
Server
Adtelligent
X-Robots-Tag
noindex
csync
sync.spotim.market/ Frame 1C6E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=8517197437325276119
0
0
/
onetag-sys.com/usync/ Frame 30AE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/x461777/hbw_master_270443_8244.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame EC27
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/x461777/hbw_master_270443_8244.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Sep 2022 17:56:05 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 05 Sep 2022 17:56:05 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
server
AkamaiGHost
getuid
eb2.3lift.com/ Frame C431 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D644680%26extuid%3D%24UID
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/x461777/hbw_master_270443_8244.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 05 Sep 2022 17:56:04 GMT
isyn
prebid.a-mo.net/ Frame FDFC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/x461777/hbw_master_270443_8244.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Mon, 05 Sep 2022 17:56:04 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
3
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7F7E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/x461777/hbw_master_270443_8244.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=88742
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 05 Sep 2022 17:56:04 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 06 Sep 2022 18:35:06 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame B002
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&zcc=1&cb=1662400564991
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5105827954
70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5105827954
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
etag
RXef8bc7360d434eab93e385a2fd341886003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5105827954
cache-control
no-store, no-cache, must-revalidate
content-type
text/html
expires
0
csync
sync.spotim.market/ Frame B002 		0
0
usermatchredir
ssum-sec.casalemedia.com/ Frame B002
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=190532&cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E&s=190532&C=1
43 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E&s=190532&C=1
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
7460d6eb4a4492ba-FRA
pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtTvnFQnIMYWcF5hiVuY%2FOsIbwcV5kwzCuUvtyax%2BUdI2giSPgBItwerFZ0Op04ZI6kQGEsejgTVrHx6WYgtoe6NXBCX6KfZWrjU1gTAKEAIggSu7gH1e83mDq%2F%2Fl96%2FQQnXPY%2Bc6Yqr%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gMX7Hl7PwnCOrg29WdbxkKBZPGuZPXJqLG1q1NYobW5TrH%2BG0J39YHVguZPqomFjUMN%2F7SGutJDRDpkrv6qePB7KuvSf8j1ewTkSm2MdS2rf%2Bdq%2Fa%2FkccnwleO%2FNjA0rB2MFYtZb8qprJw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/usermatchredir?cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E&s=190532&C=1
cache-control
no-cache
cf-ray
7460d6eb0d5f9243-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
csync
sync.spotim.market/ Frame B002
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58558/occ
  • https://sync.spotim.market/csync?t=a&ep=488792&extuid=y-7.z7CiBE2uHZZfEDFC_0D1jdRX6Vs0qJKmE3fOY-~A
0
0
csync
sync.spotim.market/ Frame B002 		0
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame B002 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr={gdpr}&gdpr_consent={gdpr_consent}&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:04 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
csync
sync.spotim.market/ Frame F582 		0
0
csync
sync.spotim.market/ Frame EA68 		0
0
csync
sync.spotim.market/ Frame 5DCE 		0
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 7D3B 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=752915
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:04 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
csync
sync.spotim.market/ Frame 5C4D 		0
0
openrtb
ex.ingage.tech/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://culturess.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://culturess.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7460d6ebd8c59a03-FRA
content-length
0
date
Mon, 05 Sep 2022 17:56:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WriNvAfmQa%2FKKni8OpHRo7VySfrv7hYUcdPgMpZjc1Pw7p%2B06XuwtDcR7kLHjPc05ssSYGB7BuY5uflYGCCE1JQLtm2Xt%2FaWWGfc%2BTf%2FQ%2FceVQEb%2FG6y0QOqTmNGSTUJJ2v%2BDsR3x1dea6sfcA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Access-Control-Request-Headers
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://culturess.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://culturess.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 05 Sep 2022 17:56:05 GMT
server
ATS/9.1.10.25
prebid
ads.yieldmo.com/exchange/ 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=6.29.1&p=%5B%7B%22placement_id%22%3A%22MM_DISPLAY_MANAGER_AD_STATIC-2_3%22%2C%22callback_id%22%3A%22122398454e25150d%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222530621563095425440%22%2C%22bidFloor%22%3A0.1%2C%22gpid%22%3A%22175840252%2Ffansided%2Fculturess.com%2Frightrail2%23MM_DISPLAY_MANAGER_AD_STATIC-2_3%22%7D%5D&page_url=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&bust=1662400572238&dnt=false&description=It%27s%20that%20time%20of%20year%20again%20where%20Ulta%20Beauty%20breaks%20out%20the%20deals%20and%20gets%20us%20all%20ready%20for%20back%20to%20school%20and%20the%20holiday%20season!&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=21%20Days%20of%20Beauty%20is%20back%20at%20Ulta%20with%20plenty%20of%20deals%20to%20choose%20from&w=1600&h=1200
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.13.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-13-172.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://culturess.com
pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebid
ib.adnxs.com/ut/v3/ 		140 B
984 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
1f371fc7eb0459632a6ed1a7f73a2ef0cbcbea239bc9c69e2cab18ccc95b0423
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:05 GMT
X-Proxy-Origin
80.255.10.196; 80.255.10.196; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f47c6b16-4633-46d8-9f51-614dc1205444
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://culturess.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.36.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-36-89.compute-1.amazonaws.com
Software
/
Resource Hash
843aaa4342933048f663c0a8bed53197783c1b83132c0a679f4b2080dbcecc03

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://culturess.com
x-reason
maxmind anonymous
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
mvo
tag.1rx.io/rmp/212244/0/ 		0
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/212244/0/mvo?z=1r&hbv=6.29.1,2.1
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://culturess.com
pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		146 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c9c59a027224b86979e16aa2889e4ef6e8fef217760adef5013194905d1f2941
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:05 GMT
X-Proxy-Origin
80.255.10.196; 80.255.10.196; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8833efc6-4077-4d57-9391-dd7b46a175d4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://culturess.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
146
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
ex.ingage.tech/v1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfae44c53d705556eb16900720cfed3feefb0675aadacbc80fe4b5dda22b1e1b

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMqXF%2FcGEK7RxtqYZdcdJ4DmzyF2biTB0XpgYfm1atbcCYluyoJCIfquUlDe4RysQAU0MS9m%2F7CpV1qYWa9NP0I6eIOe7qURU3vfFKW3UZXwGqoHQsLjKEB7XAz2FcWrMjGlx9vG1xKpu5YktQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://culturess.com
access-control-allow-credentials
true
cf-ray
7460d6ec9a699baa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fastlane.json
fastlane.rubiconproject.com/a/api/ 		358 B
812 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17598&site_id=206582&zone_id=1677732&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&tg_i.pbadslot=175840252%2Ffansided%2Fculturess.com%2Frightrail2%23MM_DISPLAY_MANAGER_AD_STATIC-2_3&tk_flint=pbjs_lite_v6.29.1&x_source.tid=0861e273-3225-4ecc-b735-57b14c029930&l_pb_bid_id=134f57462097161f&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.1&rp_maxbids=1&p_gpid=175840252%2Ffansided%2Fculturess.com%2Frightrail2%23MM_DISPLAY_MANAGER_AD_STATIC-2_3&slots=1&rand=0.6346397641327404
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
28ee90b63cacc580bc0a1b4e5db534530425a36cd85c6844afcbcc4450389911

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:05 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://culturess.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
358
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://culturess.com
date
Mon, 05 Sep 2022 17:56:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ 		25 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.1
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
59fbf8354eeee89e93a1fa1caab2ec9d5425fab4174c42e836fdd38cbe4f20e8

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
pod
X-Sovrn-Pod: ad_ap6ams1
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://culturess.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
25
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.1&referrer=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&tmax=1000
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.70.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-70-236.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
accept-ch
sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://culturess.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=545698&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22141096d34f8f73d2%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.1%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22142ba84b6f9a62f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22545698%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22545698%22%2C%22sid%22%3A%22300x600%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22175840252%2Ffansided%2Fculturess.com%2Frightrail2%23MM_DISPLAY_MANAGER_AD_STATIC-2_3%22%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1e1e7c897ae098db7b17d01d365660d4418f994f3b78843bef9b3c6f20e448a

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZx1MJQR1Fob4BWuaRO9D9rB52u2XDgP4NSe%2BPZsk0trpp8f9nYQG%2BYCxzasAN6ett6frszB4vq3VHw3lXIsJib3Snp6808Z%2FeTk8T8Ou3GJiMhcT65u2guEPsJ%2BdSsPMCD%2BLTM0"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://culturess.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7460d6ebe856996c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
3a4ddd5c2300607f80502504f27d85cf6d6d577176e6c20b751810f40e6bbcfc

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://culturess.com
access-control-allow-credentials
true
content-length
66
arj
minutemedia-d.openx.net//w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://minutemedia-d.openx.net//w/1.0/arj?ju=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0861e273-3225-4ecc-b735-57b14c029930&nocache=1662400572247&aus=300x250%2C300x600&divids=MM_DISPLAY_MANAGER_AD_STATIC-2_3&aucs=175840252%252Ffansided%252Fculturess.com%252Frightrail2%2523MM_DISPLAY_MANAGER_AD_STATIC-2_3&auid=541176476&aumfs=100
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
9275ff187a73b177620cb0d9c4b821749326cc6251e8c224c345505652435471

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://culturess.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
hb
ssc.33across.com/api/v1/ 		0
0
bid-request
a.teads.tv/hb/ 		16 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.69.48 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-69-48.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://culturess.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 05 Sep 2022 17:56:05 GMT
/
shb.richaudience.com/hb/ 		4 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.3.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.144.3.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://culturess.com
access-control-max-age
86400
access-control-allow-credentials
true
csync
sync.spotim.market/ Frame E1C6 		0
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 236B 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=736239
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:04 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
csync
sync.spotim.market/ Frame 8321 		0
0
usync.js
eus.rubiconproject.com/ Frame EC27 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 17:56:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=73375
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Tue, 06 Sep 2022 14:19:00 GMT
grumi.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame B002 		784 KB
255 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b8:9800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1a142d3040a5245210269450dbdae2ce261226b7224f70f97646fff372bebd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:37:12 GMT
content-encoding
br
last-modified
Mon, 05 Sep 2022 16:52:44 GMT
server
AmazonS3
age
1134
etag
W/"2da028834bd270c20d406f3bcf04e08d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
8qVaSo693_Q2Xc21_3K8FR3GW2SXhLPH
via
1.1 53c2dd46a1510fa5872e31600763ab76.cloudfront.net (CloudFront)
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
ORD52-C1
content-type
text/javascript
x-amz-cf-id
VlFfPLPD_pP94M3z852TkGUs-U4YqKEHGS0ax5HmDE9wrpkUpcMkVw==
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://culturess.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://culturess.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 05 Sep 2022 17:56:05 GMT
server
ATS/9.1.10.25
openrtb
ex.ingage.tech/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://culturess.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://culturess.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7460d6ec29779a03-FRA
content-length
0
date
Mon, 05 Sep 2022 17:56:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NP9Vu7CI2nJNvCWSnxayE9rqpNXPfcpXLtHWihouW9mVSkqb52f5M5u8hN88H2J3Cy5qJB381xsqC3wZ3qZYAmvhQEF8ZZ%2Ft8mjdpV0ISr9p76GyxerLhFk6Tm%2BPpFRFGB2pBGcbUh9Oo6CHGg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Access-Control-Request-Headers
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.36.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-36-89.compute-1.amazonaws.com
Software
/
Resource Hash
56a2b9011e4fc9a0a145497c45545512456f2040c99f63669745c0e6bfa44dc9

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://culturess.com
x-reason
maxmind anonymous
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
hb
ssc.33across.com/api/v1/ 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
b490e57703421aa999ccc5cf47d1756d50405a6421b3683482532fe8d4526a43

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://culturess.com
access-control-allow-credentials
true
content-length
66
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://culturess.com
date
Mon, 05 Sep 2022 17:56:05 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=545698&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221610d5298d0d7e98%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.1%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2216216f350a1ce214%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22545698%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22545698%22%2C%22sid%22%3A%22300x600%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22175840252%2Ffansided%2Fculturess.com%2Frightrail2%23MM_DISPLAY_MANAGER_AD_STATIC-3_4%22%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eb121be460e4f49cbad264bd4eabfa75577b6e2f86230b1c5bbf8d05ee1df3d

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ozZsqog2bz8bAx0ZaKA8V6M%2BmiqVhU0EedNMqac8Dszut9ifWfPOwegMX5VxPy2TgvQc7ifU2dANEqxppK4FjC4cy1LcTm5jg55OA%2FrKuhnve1RZ8F9Cb%2BBp0scxX%2FmvXw6pelVO"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://culturess.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7460d6ec18b7996c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
mvo
tag.1rx.io/rmp/212244/0/ 		0
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/212244/0/mvo?z=1r&hbv=6.29.1,2.1
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://culturess.com
pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.1&referrer=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&tmax=1000
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.70.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-70-236.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
accept-ch
sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width
content-type
application/json; charset=utf-8
access-control-allow-origin
https://culturess.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid
ap.lijit.com/rtb/ 		25 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.1
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
9423fb91cff4badec7ffc41034895b7c0b4bac2e3283c597a9e61b85411eabc7

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
pod
X-Sovrn-Pod: ad_ap6ams1
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://culturess.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
25
prebid
ads.yieldmo.com/exchange/ 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=6.29.1&p=%5B%7B%22placement_id%22%3A%22MM_DISPLAY_MANAGER_AD_STATIC-3_4%22%2C%22callback_id%22%3A%22170637f7cbc80597%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222530621563095425440%22%2C%22bidFloor%22%3A0.1%2C%22gpid%22%3A%22175840252%2Ffansided%2Fculturess.com%2Frightrail2%23MM_DISPLAY_MANAGER_AD_STATIC-3_4%22%7D%5D&page_url=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&bust=1662400572285&dnt=false&description=It%27s%20that%20time%20of%20year%20again%20where%20Ulta%20Beauty%20breaks%20out%20the%20deals%20and%20gets%20us%20all%20ready%20for%20back%20to%20school%20and%20the%20holiday%20season!&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=21%20Days%20of%20Beauty%20is%20back%20at%20Ulta%20with%20plenty%20of%20deals%20to%20choose%20from&w=1600&h=1200
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.13.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-13-172.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://culturess.com
pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebid
ib.adnxs.com/ut/v3/ 		146 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e23db34d14d622bb6aeb7c7efa2e14d9c543d148b4364266730ac5bb1d26240b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:05 GMT
X-Proxy-Origin
80.255.10.196; 80.255.10.196; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c6075896-62d6-4cdf-86be-e7575f2eed4d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://culturess.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
146
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
ex.ingage.tech/v1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37194dd744d828bcfc688d5fb653f427b1ea658c4ae45c841be4062c7aacd553

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=80J2L8rATcjGdV1S4r9grjFyhhxaA7pr3s5%2FLM9v%2Bx0T%2FlZsEr1RtkgZA8h3gzkSq7tpZPS5yC8Ni3PnrpH7doLj44YNos3Y71Wgvr9Xi6F5CVLjXiukvuUdBJfHyZm3SUZkkrX6vAyeKqTfFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://culturess.com
access-control-allow-credentials
true
cf-ray
7460d6eceb1a9baa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
arj
minutemedia-d.openx.net//w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://minutemedia-d.openx.net//w/1.0/arj?ju=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=420f05ba-4933-4cde-89d9-52a3f6b8d615&nocache=1662400572287&aus=300x250%2C300x600&divids=MM_DISPLAY_MANAGER_AD_STATIC-3_4&aucs=175840252%252Ffansided%252Fculturess.com%252Frightrail2%2523MM_DISPLAY_MANAGER_AD_STATIC-3_4&auid=541176476&aumfs=100
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
5b98d8e17f723506a0eebd242abbc4d6783cb75b0c483cf0055b56b49553564b

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://culturess.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		146 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
d0dbd401bb62e7a53dbdcb3924a23f676ecf8ed5675d11947208d76a74b708ce
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:05 GMT
X-Proxy-Origin
80.255.10.196; 80.255.10.196; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
376fca03-b0f4-45aa-ae52-5a2bd2ba3db4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://culturess.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
146
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		358 B
812 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17598&site_id=206582&zone_id=1677732&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&tg_i.pbadslot=175840252%2Ffansided%2Fculturess.com%2Frightrail2%23MM_DISPLAY_MANAGER_AD_STATIC-3_4&tk_flint=pbjs_lite_v6.29.1&x_source.tid=420f05ba-4933-4cde-89d9-52a3f6b8d615&l_pb_bid_id=180ea02d82b96488&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.1&rp_maxbids=1&p_gpid=175840252%2Ffansided%2Fculturess.com%2Frightrail2%23MM_DISPLAY_MANAGER_AD_STATIC-3_4&slots=1&rand=0.5860958918381864
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9c6411535309f23e64f9f55accdd280e2fdc3be1cf6b7637816e13459f77397f

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:05 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://culturess.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
358
Expires
Wed, 17 Sep 1975 21:32:10 GMT
/
shb.richaudience.com/hb/ 		4 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.3.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.144.3.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://culturess.com
access-control-max-age
86400
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/ 		16 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.69.48 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-69-48.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://culturess.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 05 Sep 2022 17:56:05 GMT
csync
sync.spotim.market/ Frame 4A4D 		0
0
usermatch
ssum.casalemedia.com/ Frame 192F 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662400565115-935559409326-007208-009-003599%26biddername%3D42%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4654e8131f5865f29da883405a88f64509f7ce77c11113db4c24a95b59ae214

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7460d6ee1fba5b3e-FRA
content-encoding
br
content-type
text/html
date
Mon, 05 Sep 2022 17:56:05 GMT
dropped-udsids
241|45|230|39|88|130|17|57
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sdi4nV49au4yQbE%2F41xywGKSizcNx5369xaukKRJP4Rn1%2F2mx%2F%2Bsx1Fis2lYt6IYGRl09zynufHqMqa3c5vZZZnuSrm%2Fp%2BS%2FHsC0XEXJQW0nXiZ2%2BbCy60%2FX0f%2FbkyDidXBGH1IK"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
cookiesyncendpoint
sync.aniview.com/ Frame F05C
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662400565115-935559409326-007208-009-003599%26biddername%3D2%26key%3D%24S...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1662400565115-935559409326-007208-009-003599&biddername=2&key=02b51005-2d44-11ed-a8e3-129210fe0306
0
38 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1662400565115-935559409326-007208-009-003599&biddername=2&key=02b51005-2d44-11ed-a8e3-129210fe0306
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.87.80.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-80-187.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 05 Sep 2022 17:56:05 GMT

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Mon, 05 Sep 2022 17:56:05 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1662400565115-935559409326-007208-009-003599&biddername=2&key=02b51005-2d44-11ed-a8e3-129210fe0306
Server
nginx
X-fe
73
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 0FE7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662400565115-935559409326-007208-009-003599%26biddername%3D72%26pid%3D5e0e296628a061270b21ccab%26key%3D%7BuserId%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0,no-cache,no-store
date
Mon, 05 Sep 2022 17:56:04 GMT
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
server
AC1.1
cookiesyncendpoint
sync.aniview.com/ Frame FE40
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662400565115-935559409326-007208-009-003599%26biddername%3D55%26key%3D%24UID
  • https://sync.aniview.com/cookiesyncendpoint?auid=1662400565115-935559409326-007208-009-003599&biddername=55&key=8517197437325276119
0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1662400565115-935559409326-007208-009-003599&biddername=55&key=8517197437325276119
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.87.80.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-80-187.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 05 Sep 2022 17:56:05 GMT

Redirect headers

AN-X-Request-Uuid
2865c7c1-663e-45b5-b0e4-202aa672e648
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 05 Sep 2022 17:56:05 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1662400565115-935559409326-007208-009-003599&biddername=55&key=8517197437325276119
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
80.255.10.196; 80.255.10.196; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DE21 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662400565115-935559409326-007208-009-003599%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=88741
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 05 Sep 2022 17:56:05 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 06 Sep 2022 18:35:06 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
occ
ups.analytics.yahoo.com/ups/58543/ Frame D765 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
date
Mon, 05 Sep 2022 17:56:05 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
usync.html
eus.rubiconproject.com/ Frame 6B15
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Sep 2022 17:56:05 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 05 Sep 2022 17:56:05 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
server
AkamaiGHost
cookiesyncendpoint
sync.aniview.com/ Frame 88DA
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662400565115-935559409326-007208-009-003599%26bid...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1662400565115-935559409326-007208-009-003599&biddername=200&key=OPTOUT
0
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1662400565115-935559409326-007208-009-003599&biddername=200&key=OPTOUT
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.87.80.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-80-187.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 05 Sep 2022 17:56:05 GMT

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 05 Sep 2022 17:56:05 GMT
etag
OPTOUT
expires
0
location
https://sync.aniview.com/cookiesyncendpoint?auid=1662400565115-935559409326-007208-009-003599&biddername=200&key=OPTOUT
pragma
no-cache
sync
ssbsync.smartadserver.com/api/ Frame 3E09 		0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=1&gdpr_consent=&rdir=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 05 Sep 2022 17:56:05 GMT
avpb6.27.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 1E00 		178 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3c94d07090acdd3c44fa5f23a2c957c961c7413129f068acecf17f1402102c4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycds_YyvkSUnTufqj4XsZtFAGSl8lFCMaarl4ForxDNutpelgjtmjbaOT9vpvYIcuSmU3AmHfMTzffx1hJg3DC6kix8kLZwQD
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
54791
last-modified
Mon, 05 Sep 2022 05:26:07 GMT
server
UploadServer
etag
"6aaf2d6f81db16a19b9a8702200ece8f"
vary
Accept-Encoding
x-goog-hash
crc32c=ABPkGg==, md5=aq8tb4HbFqGbmocCIA7Ojw==
x-goog-generation
1662355567182175
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
54791
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 05 Sep 2022 18:01:05 GMT
avpb6.27.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 1E00 		73 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
57a18b6c18cc1cb382fc80abd6302ee9c092d472b15d257fd911d942e6def986

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdu_9EZRh1A9wjPh1AUbvgqUz6hyP-WzIkaI4xWm94n0oqnoIXco6gbT2n_MBZ2MzSTwKCHD1BWJfRf9q7MHBy_-Nr3IoHMA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
24663
last-modified
Mon, 05 Sep 2022 05:26:07 GMT
server
UploadServer
etag
"443235b30dfca332fbe982d211a2f025"
vary
Accept-Encoding
x-goog-hash
crc32c=ehhcow==, md5=RDI1sw38ozL76YLSEaLwJQ==
x-goog-generation
1662355567347498
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
24663
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 05 Sep 2022 18:01:05 GMT
av
spot-im-d.openx.net/v/1.0/ 		48 B
144 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/av?auid=545647370&url=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&cb=2400572555&vwd=400&vht=300
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://culturess.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
av
spot-im-d.openx.net/v/1.0/ 		48 B
122 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/av?auid=545647359&url=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&cb=2400572556&vwd=400&vht=300
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://culturess.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
av
spot-im-d.openx.net/v/1.0/ 		48 B
122 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/av?auid=545647353&url=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&cb=2400572556&vwd=400&vht=300
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://culturess.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
rtb.openx.net/sync/ 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?gdpr=1&gdpr_consent=&r=https%3A%2F%2Fpbs.aniview.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24%7BUID%7D
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:04 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
mvkd9vpdfv8hi0id2tbk8nvis5d51gdp
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=culturess.com&rs=culturess.com&sid=44896&t=1662400565&cip=80.255.10.196&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1662400565115-935559409326-007208-009-003599&cha=0.7&stagid=&stplid=&d35=&d36=6.2.53&cb=56158603516&d39=&d65=&apppkg=&cd10=v21.5.0&cd1=sp_ed8vmIJd&cd2=Desktop&cd3=pitc&cd4=36c37fa0-9944-4c57-b7c0-263a651db58f&cd5=03fftZR0O7ZFb8VVnTu2vNvEfXslVgo77oRYa0eOoPu-gNcwWQ2JlQoEUk3m0fIw&cd6=stable&cd7=row1-column1&cd9=22591923899&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=61efc86b826fa14969030914&e=request&cb=1662400572559&asid=614337a85c49df000b43be8e%2C6102abe5ddfd4a3fff5ecc08%2C614ca70120845e08015d7cfc%2C624ef036fd31be29be492375%2C61113df07fc6a449737e6160%2C61113d9c30d7241a532153f1%2C61ee6ef4a6c15a1f254981d5%2C61113d220281b5606b69210b%2C61f7b00dfdf82a166154d2a4%2C628cf6ca9829fd6d455cfe92%2C611dfa3275dc6a0c257fae79%2C62723804be4a590dd848c288%2C61312cb99bd61a2e0c1d0f94%2C61312c6f520a741f1b4d5991&ofpr=4.02%2C8.125%2C3.61%2C4%2C%2C%2C4.989%2C%2C5.06%2C9.44%2C9.96%2C2.582%2C9.44%2C2.93&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-74-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
usync.js
eus.rubiconproject.com/ Frame 6B15 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 17:56:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=73375
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Tue, 06 Sep 2022 14:19:00 GMT
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:05 GMT
X-SpotX-Timing-Transform
0.000302
X-SpotX-Timing-SpotMarket
0.003799
X-SpotX-Timing-Page-Mux
0.000976
X-SpotX-Timing-Page-Require
0.000349
X-fe
055
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000027
X-SpotX-Timing-Page
0.009309
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000314
Last-Modified
Mon, 05 Sep 2022 17:56:05 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003799
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.003528
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:05 GMT
X-SpotX-Timing-Transform
0.000327
X-SpotX-Timing-SpotMarket
0.003592
X-SpotX-Timing-Page-Mux
0.001024
X-SpotX-Timing-Page-Require
0.000381
X-fe
038
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.007475
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000311
Last-Modified
Mon, 05 Sep 2022 17:56:05 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003592
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.001822
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000016
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
324642
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/324642?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:05 GMT
X-SpotX-Timing-Transform
0.000545
X-SpotX-Timing-SpotMarket
0.003883
X-SpotX-Timing-Page-Mux
0.000989
X-SpotX-Timing-Page-Require
0.000461
X-fe
137
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000019
X-SpotX-Timing-Page
0.008591
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000345
Last-Modified
Mon, 05 Sep 2022 17:56:05 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003883
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.002334
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000015
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:05 GMT
X-SpotX-Timing-Transform
0.000263
X-SpotX-Timing-SpotMarket
0.003265
X-SpotX-Timing-Page-Mux
0.000887
X-SpotX-Timing-Page-Require
0.000319
X-fe
112
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.006374
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000287
Last-Modified
Mon, 05 Sep 2022 17:56:05 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003265
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.001340
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000009
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:05 GMT
X-SpotX-Timing-Transform
0.000457
X-SpotX-Timing-SpotMarket
0.003968
X-SpotX-Timing-Page-Mux
0.001031
X-SpotX-Timing-Page-Require
0.000470
X-fe
056
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.008220
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000399
Last-Modified
Mon, 05 Sep 2022 17:56:05 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003968
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.001873
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000018
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:05 GMT
X-SpotX-Timing-Transform
0.000761
X-SpotX-Timing-SpotMarket
0.004216
X-SpotX-Timing-Page-Mux
0.000826
X-SpotX-Timing-Page-Require
0.000311
X-fe
092
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.008362
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000276
Last-Modified
Mon, 05 Sep 2022 17:56:05 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.004216
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.001958
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
316720
search.spotxchange.com/openrtb/2.3/dados/ 		0
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/316720?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:05 GMT
X-SpotX-Timing-Transform
0.000320
X-SpotX-Timing-SpotMarket
0.003447
X-SpotX-Timing-Page-Mux
0.001099
X-SpotX-Timing-Page-Require
0.000450
X-fe
004
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.008238
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000363
Last-Modified
Mon, 05 Sep 2022 17:56:05 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003447
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.002540
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000016
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
avjp
spot-im-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f8c4cf9f-af1a-4b79-b0c3-c5e61ba6e380&nocache=1662400572634&us_privacy=1---&pubcid=ce600662-ef66-413e-8883-bc782850a9d4&schain=1.0%2C1!spotim.market%2Cpub_yXO4Yd5V1rhJ%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A300%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=557060392&vwd=400&vht=300&aumfs=4000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://culturess.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
tag
p4dt2-980w2.ads.tremorhub.com/ad/ 		55 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p4dt2-980w2.ads.tremorhub.com/ad/tag?adCode=p4dt2-u5qoc&playerWidth=400&playerHeight=300&srcPageUrl=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&supplyCode=p4dt2-980w2&mediaId=VideoId&schain=1.0,1!spotim.market,pub_yXO4Yd5V1rhJ,1,,,&transactionId=536713f7-7e0e-45aa-8dad-14594ce14e03&floor=USD:8.125&referrer=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&us_privacy=1---&hb=1&fmt=json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:191d:3f4:ef20:24a8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
c5d49e644cf538cc0f857acfad9c5e8c98f8765279e5383081943ba21ad402c9

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://culturess.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
application/json;charset=UTF-8
324641
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/324641?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:05 GMT
X-SpotX-Timing-Transform
0.000274
X-SpotX-Timing-SpotMarket
0.003009
X-SpotX-Timing-Page-Mux
0.000805
X-SpotX-Timing-Page-Require
0.000304
X-fe
058
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000019
X-SpotX-Timing-Page
0.006938
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000273
Last-Modified
Mon, 05 Sep 2022 17:56:05 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003009
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.002241
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
316720
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/316720?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:05 GMT
X-SpotX-Timing-Transform
0.000479
X-SpotX-Timing-SpotMarket
0.004973
X-SpotX-Timing-Page-Mux
0.001908
X-SpotX-Timing-Page-Require
0.001194
X-fe
012
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000027
X-SpotX-Timing-Page
0.013387
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000638
Last-Modified
Mon, 05 Sep 2022 17:56:05 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.004973
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.004149
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000019
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 192F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YxY4NMHsjeTEs0CFbMCLJQAABIYAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YxY4NMHsjeTEs0CFbMCLJQAABIYAAAIB&dcc=t
43 B
605 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YxY4NMHsjeTEs0CFbMCLJQAABIYAAAIB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662400565115-935559409326-007208-009-003599%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:06 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
NGFV9DVP99NBWSW9THTJ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:05 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
VJ78XP4BXC8M2BD8Q08R
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YxY4NMHsjeTEs0CFbMCLJQAABIYAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 192F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YxY4NMHsjeTEs0CFbMCLJQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEK5Thhx_sfNtMbXTCAWEwvQ&google_cver=1&gdpr=1
43 B
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEK5Thhx_sfNtMbXTCAWEwvQ&google_cver=1&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662400565115-935559409326-007208-009-003599%26biddername%3D42%26key%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
7460d6ef791b5cb0-FRA
pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8wreaD1hHv%2BHdoiN%2B9smYRri0aaGxexdbIrJI7YkZznDSdSJQmJJ8fOdHfeu876sjVa5IazfxeswvrL8%2FWxkABZWOvNBZwRBTGJapYm74C8ZBxbwGtcnDqrrczCWtY1B77WUgYprpXpevg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEK5Thhx_sfNtMbXTCAWEwvQ&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 192F 		170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YxY4NMHsjeTEs0CFbMCLJQAABIYAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662400565115-935559409326-007208-009-003599%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 192F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662400565115-935559409326-007208-009-003599%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 192F 		0
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662400565115-935559409326-007208-009-003599%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
via
1.1 varnish
server
Varnish
x-timer
S1662400566.590323,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-hhn4061-HHN
ie
match.prod.bidr.io/cookie-sync/ Frame 192F 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662400565115-935559409326-007208-009-003599%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.183.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-183-30.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:05 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 192F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662400565115-935559409326-007208-009-003599%26biddername%3D42%26key%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
7460d6f0cb6e5cb0-FRA
pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ABDdsF5LShOb5jR1r%2FczDt2pU%2Bl4k6J4eTVnllwnrDewrab%2F1txRg%2F6tmxzNSc0TCmYHR%2BtfrIDK6mZGuBRUYTupoMh3DsPStGCTX5XZdrUpGW5CS4FxxyJfsJR9lMDguHcy7kArytmqYA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
106
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 192F
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210821587111971
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210821587111971
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662400565115-935559409326-007208-009-003599%26biddername%3D42%26key%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
7460d6efc9bb5cb0-FRA
pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q3qJSdPBjKGX5fJXffYuXNl4K0tTUwNPqPScDXjr48Dyokpex%2B218gRwcntfa4qzCRObJgGPR%2BxarYlp3uxJ2RYpYG7K77UH1RRxP%2FQYxavvj9DZslJ4%2FRZrbN2FXIahHdTf7ZnC1%2ByGMA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210821587111971
Date
Mon, 05 Sep 2022 17:56:05 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cookiesyncendpoint
sync.aniview.com/ Frame 192F 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1662400565115-935559409326-007208-009-003599&biddername=42&key=YxY4NMHsjeTEs0CFbMCLJQAA%261158
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662400565115-935559409326-007208-009-003599%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.87.80.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-80-187.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
content-length
0
singleAnimationOnFeed.js
widgets.outbrain.com/nanoWidget/2000874/module/ 		503 B
667 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2000874/module/singleAnimationOnFeed.js?e=2
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
36404e38218b616b01d536bf0a7ef92668438a5b1cc7c60dc633f6d4ed814b5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
content-encoding
gzip
last-modified
Sun, 04 Sep 2022 10:17:41 GMT
server
AkamaiNetStorage
etag
"d0c15ad116cb243bd06bc5cc16d110f2:1662287677.932563"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
339
expires
Mon, 05 Sep 2022 21:56:05 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=3acd2626c8f3c9eb2ec8cabeeb57d3b2_199081_1662400564755&tm=2887&eT=0&widgetWidth=790&widgetHeight=337&widgetX=240&widgetY=2324&wRV=2000874&pVis=1&lsd=-1&eIdx=&cnsntV2=CPe1FgAPe1FgAAcABBENCfCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&rtt=1080&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=2.73.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Mon, 05 Sep 2022 17:56:05 GMT
content-encoding
gzip
X-TraceId
917db89eadf3648c081ec14a0471aca4
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=31b331a888fc7d728102ea3100157a08_199081_1662400564911&tm=2903&eT=0&widgetWidth=790&widgetHeight=337&widgetX=240&widgetY=2685&wRV=2000874&pVis=1&lsd=-1&eIdx=&cnsntV2=CPe1FgAPe1FgAAcABBENCfCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&rtt=1080&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=2.73.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Mon, 05 Sep 2022 17:56:05 GMT
content-encoding
gzip
X-TraceId
7c683e9da655b2bd3683cdb5123ed815
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=537010e4c5c4080c8a8ea7f9a285daf5_199081_1662400565103&tm=2904&eT=0&widgetWidth=790&widgetHeight=270&widgetX=240&widgetY=3046&wRV=2000874&pVis=1&lsd=-1&eIdx=&cnsntV2=CPe1FgAPe1FgAAcABBENCfCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&rtt=1080&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=2.73.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Mon, 05 Sep 2022 17:56:05 GMT
content-encoding
gzip
X-TraceId
e67709e501b2a2996a439a4d4e20cc3b
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=168475d8e8d17746eb9781ae8058bd27_199081_1662400565187&tm=2906&eT=0&widgetWidth=790&widgetHeight=224&widgetX=240&widgetY=3340&wRV=2000874&pVis=0&lsd=-1&eIdx=&cnsntV2=CPe1FgAPe1FgAAcABBENCfCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&rtt=1080&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=2.73.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Mon, 05 Sep 2022 17:56:05 GMT
content-encoding
gzip
X-TraceId
3f161565bbffcacabf346ec28c62b308
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=fac2dec12872adf03037c29dc62c6d5f_199081_1662400565457&tm=2907&eT=0&widgetWidth=790&widgetHeight=337&widgetX=240&widgetY=3588&wRV=2000874&pVis=1&lsd=-1&eIdx=&cnsntV2=CPe1FgAPe1FgAAcABBENCfCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&rtt=1080&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=2.73.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Mon, 05 Sep 2022 17:56:05 GMT
content-encoding
gzip
X-TraceId
e7c4b1b5f6a1d8d6acb66b82045bed3d
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
get
mv.outbrain.com/Multivac/api/ 		50 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose&settings=true&recs=true&widgetJSId=SB_1&key=NANOWDGT01&version=2000874&apv=false&sig=uoZPnpct&format=html&rand=38963&osLang=en-US&va=true&et=true&cmpStat=1&cnsntv2=CPe1FgAPe1FgAAcABBENCfCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&ccpaStat=1&srcUrl=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2Ffeed%2F&scrW=1600&scrH=1200&t=YThkYWM0ZWNlNmIxOTZkZmRkYmYwYTgyMjk4MTI0Y2M=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=1&lastIdx=6&lastCardIdx=0&fAB=9820-42692&layeredTestInfo=9820-42692-,12262-0-&dpr=1&cw=300&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2f2d40c3f02982a00a1b0e6ad8263b554f74a8a8ba6f9eb650bda234a0340eff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:06 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1662400566.597559,VS0,VE549
accept-ranges
bytes
x-served-by
cache-lga21936-LGA, cache-fra19175-FRA
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
3e283a03e3bbd463df5fc9362717aec9
content-encoding
gzip
content-length
10651
expires
Thu, 01 Jan 1970 00:00:00 GMT
eyJpdSI6Ijc5NWMzNWRmMTlmYTNlMGQ4YWQ5YTZjNDdjZDhkZTE0YjZhZGRlMTc1ODgyNTVhZjc4MjY3ZWU2YjJiYjk3MWIiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijc5NWMzNWRmMTlmYTNlMGQ4YWQ5YTZjNDdjZDhkZTE0YjZhZGRlMTc1ODgyNTVhZjc4MjY3ZWU2YjJiYjk3MWIiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5695c61250ed1ed58077beeca4118dfd05b8d66ee6703619067dafae787119ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
last-modified
Wed, 16 Mar 2022 09:49:02 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=828200
access-control-allow-credentials
false
x-traceid
5253fb0776facd902cfd2913eb65862f
timing-allow-origin
*, *
content-length
16902
eyJpdSI6IjYyYzA0ZTIzZjcwZWMxNDY2NTVjZGIxODg3N2E0OTJjMWExNDQ0ZjM2YjdiNjYxYWZlZWE3MGRjZWY5YjY0M2EiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjYyYzA0ZTIzZjcwZWMxNDY2NTVjZGIxODg3N2E0OTJjMWExNDQ0ZjM2YjdiNjYxYWZlZWE3MGRjZWY5YjY0M2EiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
41480432d4dd6d3aa855a561c3759f6c0ce1a73575bddd15af9b73d5dd8f95ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
last-modified
Thu, 28 Jul 2022 09:12:37 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1764615
access-control-allow-credentials
false
x-traceid
2b85fbb3dfa14c7b1180720f27caf7f0
timing-allow-origin
*, *
content-length
21818
eyJpdSI6ImIzN2Y4MTlmZjI2MWExOTFmNWU3OTU3ZmQwMzBhNTE3NWE3NjcwOGI5NDQ4ZjcxMGU4ZWQyODMzNjkzODUxN2EiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImIzN2Y4MTlmZjI2MWExOTFmNWU3OTU3ZmQwMzBhNTE3NWE3NjcwOGI5NDQ4ZjcxMGU4ZWQyODMzNjkzODUxN2EiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
67a80d899a8e949e6dfe9375b16c63feb58458c235dbd1797df93f99c4f134e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
last-modified
Thu, 09 Jun 2022 02:37:43 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1949896
access-control-allow-credentials
false
x-traceid
5a90d0d5315635e95130a70be216ad85
timing-allow-origin
*, *
content-length
38466
eyJpdSI6ImE0OTI5ZDQxNzljYTQyNTJmNmE4NTczY2ZkYzI3MzQyNzc1NzVjZjFmNjY3NTkxNGFmZTA3YTVhNThlZDFjZGEiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImE0OTI5ZDQxNzljYTQyNTJmNmE4NTczY2ZkYzI3MzQyNzc1NzVjZjFmNjY3NTkxNGFmZTA3YTVhNThlZDFjZGEiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c1cbc1166bf2046860f9d623461537cfe9e939c56120255666899b2631e1a6ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
last-modified
Fri, 05 Aug 2022 08:46:00 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2050680
access-control-allow-credentials
false
x-traceid
bb4b50912785ab237915190b107ee2c4
timing-allow-origin
*, *
content-length
14184
eyJpdSI6IjQwMzUyYmE4ODFiNjdhZWU0M2Q5OGNkYjI4MDI3YzE3MjI0OTZhNjllNDFmZjk1ZGRhYWZkY2E1ZWRkODc1NTgiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjQwMzUyYmE4ODFiNjdhZWU0M2Q5OGNkYjI4MDI3YzE3MjI0OTZhNjllNDFmZjk1ZGRhYWZkY2E1ZWRkODc1NTgiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
90a802894f6f19b7b10e4b692da44da0559added83b4f738869d32e258f4a9ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
last-modified
Mon, 08 Aug 2022 14:07:33 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2262912
access-control-allow-credentials
false
x-traceid
939d7f96a0564623c4dbb81e081b4d9f
timing-allow-origin
*, *
content-length
19772
eyJpdSI6IjZlMDY1ODVlMDQ1ZDdmMjlhZjAwZmZiOWU0Zjk5NDdkMzEyOWE0MWIxYzE4MjBkMzVmMjJmMjM2YmU1ZGNiNzQiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjZlMDY1ODVlMDQ1ZDdmMjlhZjAwZmZiOWU0Zjk5NDdkMzEyOWE0MWIxYzE4MjBkMzVmMjJmMjM2YmU1ZGNiNzQiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
63ff673881cd46862c43f1b8db153f5fb733ddee417980c8c0985fa44b9553aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
last-modified
Fri, 05 Aug 2022 08:45:59 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1999723
access-control-allow-credentials
false
x-traceid
eb3b41fbae70801cc1bf3a42efd8904d
timing-allow-origin
*, *
content-length
27958
eyJpdSI6ImEzY2EyMDA3OTBhM2I4OGVkMzY4YjBkMWY4MDgyYTZlZGRjZGUxMWJhNTU5ZGQ5NGMxZTAzN2U2ZTNkODkxNGUiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImEzY2EyMDA3OTBhM2I4OGVkMzY4YjBkMWY4MDgyYTZlZGRjZGUxMWJhNTU5ZGQ5NGMxZTAzN2U2ZTNkODkxNGUiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
01d87f7aa037bd8205802a2d42ce6e460a4aeaf96270444dfb67e29c79cdc976

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
last-modified
Mon, 22 Aug 2022 13:42:11 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1240711
access-control-allow-credentials
false
x-traceid
60d27ade3caa032cab90dc4f6a89166b
timing-allow-origin
*, *
content-length
15188
eyJpdSI6Ijg1MTJjZDA4ODc0OWRiYmNiYzZlNDhkMjM3ZWNkODY1ZmFiN2IxZjQ0MjI4ZGNkNzhiMDFiZTY0ZGFjZjEzNDMiLCJ3Ijo4MDAsImgiOjUzMiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		129 KB
129 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijg1MTJjZDA4ODc0OWRiYmNiYzZlNDhkMjM3ZWNkODY1ZmFiN2IxZjQ0MjI4ZGNkNzhiMDFiZTY0ZGFjZjEzNDMiLCJ3Ijo4MDAsImgiOjUzMiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2b6b1359cda276b3c2ae1331b70e2ba48466fe6572855ce8f77b2d8f0bbf4b12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
last-modified
Sat, 06 Aug 2022 02:28:28 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1475106
access-control-allow-credentials
false
x-traceid
886301ebb039231d31f6285fe213fe7e
timing-allow-origin
*, *
content-length
131988
eyJpdSI6IjRhZDBjZjhlYTc0ODUwZGNjNmE4YWI0ZmY3NjU5MDViMWNjOGU3YzUzMTg2N2Y3MTZiYTQzODEzZWMzYTk4YTgiLCJ3Ijo4MDAsImgiOjUzMiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjRhZDBjZjhlYTc0ODUwZGNjNmE4YWI0ZmY3NjU5MDViMWNjOGU3YzUzMTg2N2Y3MTZiYTQzODEzZWMzYTk4YTgiLCJ3Ijo4MDAsImgiOjUzMiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dd577d73843dcd584216be5020ce9ba9a50a34fe598bd17e2d266a78d5322cc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
last-modified
Sun, 04 Sep 2022 11:39:22 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2360712
access-control-allow-credentials
false
x-traceid
d55ef4d54d0b2adb6fc07c3936aae9e5
timing-allow-origin
*, *
content-length
64796
eyJpdSI6IjIwMTYyMGE3YTgyNTViOGFiOTM5M2Y3YTAxZTYxNWRkYTFlMTZhOGUwOTlkYjY4Zjg2M2UxMjhiNDAzOTIzMDAiLCJ3Ijo4MDAsImgiOjUzMiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjIwMTYyMGE3YTgyNTViOGFiOTM5M2Y3YTAxZTYxNWRkYTFlMTZhOGUwOTlkYjY4Zjg2M2UxMjhiNDAzOTIzMDAiLCJ3Ijo4MDAsImgiOjUzMiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d1fd6ca1309796782973dadf6f79768b17d8e3904fdf546f131f46f5cc7bec44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
last-modified
Sun, 04 Sep 2022 10:10:27 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2435227
access-control-allow-credentials
false
x-traceid
e73f2f102207be416842219987568360
timing-allow-origin
*, *
content-length
50840
eyJpdSI6IjM5OTUyOWUxNjMxZDAyMzBjMGFlZmQ3N2NmNGYwMzA4NDUwMjE2Y2NhOWM3NDY4NTI5OTNmYzcxMWE0NGQ5OTQiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjM5OTUyOWUxNjMxZDAyMzBjMGFlZmQ3N2NmNGYwMzA4NDUwMjE2Y2NhOWM3NDY4NTI5OTNmYzcxMWE0NGQ5OTQiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b6dda6fb1066fea4243e6c52fc5436e30919e9233dfc0e449d5725b9c6d399be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
last-modified
Wed, 15 Dec 2021 15:23:13 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2126871
access-control-allow-credentials
false
x-traceid
014ddfd112424c907d86db81c55a5bcb
timing-allow-origin
*, *
content-length
20868
eyJpdSI6IjIyZjM4NWU4NmUzMWVhNDBhMmMyOGJmNzgxMTBhZTZjY2RiMGRlMDIyZmFiNzU2YmM1NmJlYzY3ZjA4ODNiZDEiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjIyZjM4NWU4NmUzMWVhNDBhMmMyOGJmNzgxMTBhZTZjY2RiMGRlMDIyZmFiNzU2YmM1NmJlYzY3ZjA4ODNiZDEiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f2297a33e24eb2e8b24768fefff82d7c7d6930d19a5ebc86c63f838dc808d41c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
last-modified
Mon, 04 Jul 2022 08:39:45 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2259851
access-control-allow-credentials
false
x-traceid
412be84f8a7597992c7382484f117d3f
timing-allow-origin
*, *
content-length
38208
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame EC27 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17184&us_privacy=1---&khaos=L7P2DGPC-21-3CST
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
c57992b917a1c5de787b922c662fdf18
Content-Type
image/gif
ecm3
s.amazon-adsystem.com/ Frame EC27
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5rlqG9hlSMSbkJDe35j89Q&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5rlqG9hlSMSbkJDe35j89Q
43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5rlqG9hlSMSbkJDe35j89Q
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:06 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
936A908C6PQFV17KHC6N
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5rlqG9hlSMSbkJDe35j89Q
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame EC27
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/K-tQ5r3Z_HSg9r1EW_BAacn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4498987488488472879
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4498987488488472879
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

date
Mon, 05 Sep 2022 17:56:05 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4498987488488472879
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
tap.php
pixel.rubiconproject.com/ Frame EC27
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHMwkUrsSVhDU08qoc1DFjE&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHMwkUrsSVhDU08qoc1DFjE&google_cver=1
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHMwkUrsSVhDU08qoc1DFjE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame EC27 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
709414.gif
id.rlcdn.com/ Frame EC27 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif?us_privacy=1---
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame EC27
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ATtSempSQ92xXKl8pUc29w&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ATtSempSQ92xXKl8pUc29w
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ATtSempSQ92xXKl8pUc29w
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
HTTP/1.1
Server
52.95.118.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:06 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
Y4ASZRTV9WZ5PPJ59B86
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ATtSempSQ92xXKl8pUc29w
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame EC27
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdQMkRHUEMtMjEtM0NTVA==&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdQMkRHUEMtMjEtM0NTVA==&us_privacy=1---
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdQMkRHUEMtMjEtM0NTVA==&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame EC27
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzM3OWU0MTRkMDU1YmU5YTg4YjNmMjU3ZDJiYzBmMmQ0ZWZhZTY2Nw&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzM3OWU0MTRkMDU1YmU5YTg4YjNmMjU3ZDJiYzBmMmQ0ZWZhZTY2Nw&us_privacy=1---
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzM3OWU0MTRkMDU1YmU5YTg4YjNmMjU3ZDJiYzBmMmQ0ZWZhZTY2Nw&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
prebid
prebid.deepintent.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid.deepintent.com/prebid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://culturess.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
access-control-allow-methods
POST, GET, OPTIONS, DELETE
access-control-allow-origin
https://culturess.com
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 05 Sep 2022 17:56:05 GMT
server
b
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://culturess.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://culturess.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 05 Sep 2022 17:56:06 GMT
/
ghb.adtelligent.com/v2/auction/ Frame B002 		274 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461777/hb_270443_8244.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
f870aac248502ab1730be779e943fc2042093f69bbc0b37e3533da11055575de

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:05 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://culturess.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
239
/
b1h.zemanta.com/api/bidder/prebid/bid/ Frame B002 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1h.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461777/hb_270443_8244.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.255 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://culturess.com
Access-Control-Allow-Credentials
true
/
b1h.zemanta.com/api/bidder/prebid/bid/ Frame B002 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1h.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461777/hb_270443_8244.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.255 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://culturess.com
Access-Control-Allow-Credentials
true
cdb
bidder.criteo.com/ Frame B002 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-c&cb=5703877736
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461777/hb_270443_8244.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://culturess.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame B002 		931 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461777/hb_270443_8244.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.112 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
abef413600be1e526eb7027dd2665f03018eb523a659cf24e1191289642dc7d3

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://culturess.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ Frame B002 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461777/hb_270443_8244.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.112 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
61d4520a75285450f201ba80560ebe42de6c3e86f3c3cb740fdcb3a75c7aac1d

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://culturess.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
translator
hbopenbid.pubmatic.com/ Frame B002 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461777/hb_270443_8244.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://culturess.com
date
Mon, 05 Sep 2022 17:56:05 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
prebid.deepintent.com/ Frame B002 		0
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.deepintent.com/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461777/hb_270443_8244.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 05 Sep 2022 17:56:06 GMT
server
b
vary
Origin
access-control-allow-methods
POST, GET, OPTIONS, DELETE
access-control-allow-origin
https://culturess.com
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
unruly_prebid
targeting.unrulymedia.com/ Frame B002 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461777/hb_270443_8244.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://culturess.com
pragma
no-cache
date
Mon, 05 Sep 2022 17:56:06 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
bids
prebid-us.creativecdn.com/bidder/prebid/ Frame B002 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461777/hb_270443_8244.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://culturess.com
date
Mon, 05 Sep 2022 17:56:06 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
bid
ap.lijit.com/rtb/ Frame B002 		94 B
745 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.1-c
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461777/hb_270443_8244.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
054971fa2c7097d02a4e6ae9ce515e311366395367c17e33b08444f3ebfc2235

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
content-encoding
gzip
pod
X-Sovrn-Pod: ad_ap6ams1
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://culturess.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
98
c
prebid.a-mo.net/a/ Frame B002 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461777/hb_270443_8244.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://culturess.com
date
Mon, 05 Sep 2022 17:56:05 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
50
vary
origin, Accept-Encoding
cdb
bidder.criteo.com/ Frame B002 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-c&cb=98933608205
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461777/hb_270443_8244.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://culturess.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame B002 		355 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=785062&size_id=15&alt_size_ids=16%2C159&gdpr=0&rp_schain=1.0,1!spotim.market,pub_yXO4Yd5V1rhJ,1,,,&eid_pubcid.org=ce600662-ef66-413e-8883-bc782850a9d4%5E1&eid_spotim.market=09b2c7de-e49d-401c-aee3-fffc06b8cf4f%5E1&rf=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&tg_i.pbadslot=%2F39694909%2C22591923899%2FDBV%2FDBV-FansidedROS%23div-gpt-ad-1602411747217-0&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=8371c600-9d3b-4042-ba65-b3a8677cc28d&l_pb_bid_id=3943eba74043c2d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C22591923899%2FDBV%2FDBV-FansidedROS%23div-gpt-ad-1602411747217-0&slots=1&rand=0.19231685121956144
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461777/hb_270443_8244.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
cf470514851f088f42ee22450764368775be4bae7b5af2c25668faf13bc195ab

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:06 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://culturess.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
355
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame B002 		356 B
810 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2418298&size_id=15&alt_size_ids=16%2C159&gdpr=0&rp_schain=1.0,1!spotim.market,pub_yXO4Yd5V1rhJ,1,,,&eid_pubcid.org=ce600662-ef66-413e-8883-bc782850a9d4%5E1&eid_spotim.market=09b2c7de-e49d-401c-aee3-fffc06b8cf4f%5E1&rf=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&tg_i.pbadslot=%2F39694909%2C22591923899%2FDBV%2FDBV-FansidedROS%23div-gpt-ad-1602411747217-0&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=8371c600-9d3b-4042-ba65-b3a8677cc28d&l_pb_bid_id=4038d8faabffc75&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C22591923899%2FDBV%2FDBV-FansidedROS%23div-gpt-ad-1602411747217-0&slots=1&rand=0.03209778866111712
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461777/hb_270443_8244.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e52840d7832029058f1cfba7004e1a570daf1b6803f046abd8310aa36fe34edd

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:06 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://culturess.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
356
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame B002 		356 B
810 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2418378&size_id=15&alt_size_ids=16%2C159&gdpr=0&rp_schain=1.0,1!spotim.market,pub_yXO4Yd5V1rhJ,1,,,&eid_pubcid.org=ce600662-ef66-413e-8883-bc782850a9d4%5E1&eid_spotim.market=09b2c7de-e49d-401c-aee3-fffc06b8cf4f%5E1&rf=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&tg_i.pbadslot=%2F39694909%2C22591923899%2FDBV%2FDBV-FansidedROS%23div-gpt-ad-1602411747217-0&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=8371c600-9d3b-4042-ba65-b3a8677cc28d&l_pb_bid_id=4108dd62e7dc053&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C22591923899%2FDBV%2FDBV-FansidedROS%23div-gpt-ad-1602411747217-0&slots=1&rand=0.90328083848243
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461777/hb_270443_8244.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6535d55e335297ac2d15745a366047f06ba2842bc6623a00059131af1058791c

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:06 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://culturess.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
356
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame B002 		356 B
810 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2498916&size_id=15&alt_size_ids=16%2C159&gdpr=0&rp_schain=1.0,1!spotim.market,pub_yXO4Yd5V1rhJ,1,,,&eid_pubcid.org=ce600662-ef66-413e-8883-bc782850a9d4%5E1&eid_spotim.market=09b2c7de-e49d-401c-aee3-fffc06b8cf4f%5E1&rf=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&tg_i.pbadslot=%2F39694909%2C22591923899%2FDBV%2FDBV-FansidedROS%23div-gpt-ad-1602411747217-0&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=8371c600-9d3b-4042-ba65-b3a8677cc28d&l_pb_bid_id=4239511e12a93cb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C22591923899%2FDBV%2FDBV-FansidedROS%23div-gpt-ad-1602411747217-0&slots=1&rand=0.6609905093141393
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461777/hb_270443_8244.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
54d4f5ae436984bc1d608b420aaed654c54dc9e5d84dd13e3331ad82623bb5d9

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:06 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://culturess.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
356
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame B002 		353 B
807 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2290538&size_id=15&alt_size_ids=16%2C159&gdpr=0&rp_schain=1.0,1!spotim.market,pub_yXO4Yd5V1rhJ,1,,,&eid_pubcid.org=ce600662-ef66-413e-8883-bc782850a9d4%5E1&eid_spotim.market=09b2c7de-e49d-401c-aee3-fffc06b8cf4f%5E1&rf=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&tg_i.pbadslot=%2F39694909%2C22591923899%2FDBV%2FDBV-FansidedROS%23div-gpt-ad-1602411747217-0&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=8371c600-9d3b-4042-ba65-b3a8677cc28d&l_pb_bid_id=430e8e947e05e08&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C22591923899%2FDBV%2FDBV-FansidedROS%23div-gpt-ad-1602411747217-0&slots=1&rand=0.04146352623996963
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461777/hb_270443_8244.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
cb923427e4f31573c8d4c4bd8c8256e9cd1351ae120f1f53969905be3b306537

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:06 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://culturess.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
353
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
spot-im-d.openx.net/w/1.0/ Frame B002 		174 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=8371c600-9d3b-4042-ba65-b3a8677cc28d%2C8371c600-9d3b-4042-ba65-b3a8677cc28d%2C8371c600-9d3b-4042-ba65-b3a8677cc28d%2C8371c600-9d3b-4042-ba65-b3a8677cc28d%2C8371c600-9d3b-4042-ba65-b3a8677cc28d&nocache=1662400573085&gdpr=0&pubcid=ce600662-ef66-413e-8883-bc782850a9d4&schain=1.0%2C1!spotim.market%2Cpub_yXO4Yd5V1rhJ%2C1%2C%2C%2C&aus=300x250%2C336x280%2C320x250%7C300x250%2C336x280%2C320x250%7C300x250%2C336x280%2C320x250%7C300x250%2C336x280%2C320x250%7C300x250%2C336x280%2C320x250&divids=div-gpt-ad-1602411747217-0%2Cdiv-gpt-ad-1602411747217-0%2Cdiv-gpt-ad-1602411747217-0%2Cdiv-gpt-ad-1602411747217-0%2Cdiv-gpt-ad-1602411747217-0&aucs=%252F39694909%252C22591923899%252FDBV%252FDBV-FansidedROS%2523div-gpt-ad-1602411747217-0%2C%252F39694909%252C22591923899%252FDBV%252FDBV-FansidedROS%2523div-gpt-ad-1602411747217-0%2C%252F39694909%252C22591923899%252FDBV%252FDBV-FansidedROS%2523div-gpt-ad-1602411747217-0%2C%252F39694909%252C22591923899%252FDBV%252FDBV-FansidedROS%2523div-gpt-ad-1602411747217-0%2C%252F39694909%252C22591923899%252FDBV%252FDBV-FansidedROS%2523div-gpt-ad-1602411747217-0&auid=540934835%2C541192057%2C543856208%2C556676089%2C545719853
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461777/hb_270443_8244.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
9370088ff6f051ceb78c424558b0167b35d8a7dcad511026248b9150b468a4fb

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:06 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://culturess.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame B002 		34 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461777/hb_270443_8244.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
2ba2ef30ace3adf9c893bc9486f384469f020eb1b332e58887e2311b4d496b9c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:06 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.196; 80.255.10.196; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
9665b3ae-8b15-41aa-a509-73dbbf43235b
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://culturess.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame B002 		358 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&SafeFrame=true&CanonicalUrl=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&PublisherDomain=https%3A%2F%2Fculturess.com
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461777/hb_270443_8244.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
9f010e256c351c8f8fd0a611b34c2e889f5e72805a42f622ec7b9012088425ad
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://culturess.com
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
23
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
358
expires
0
bidRequest
c2shb.ssp.yahoo.com/ Frame B002 		62 B
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694c0017474985ad89cda5ed603fd&pos=4850946&cmd=bid&secure=1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461777/hb_270443_8244.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
9ff53355766c89d8351fe4062ce452f1b5d873949b64a0912f31bb3c014fa3b4

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 17:56:06 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://culturess.com
access-control-allow-credentials
true
content-length
62
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame B002 		186 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461777/hb_270443_8244.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
c5b41ecba4bf2257b9d0aedc1dd44bdd1c078c0b25e59a4cc47a2942af6d5ff7

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:06 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://culturess.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
186
expires
0
cygnus
htlb.casalemedia.com/ Frame B002 		37 B
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=356568&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%226464a8cf7a288d9%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F%22%2C%22page%22%3A%22https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%2C%22mfu%22%3A1%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A1%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.25.1-c%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2265e5aabcdb16aac%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22581365%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22336x280%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22320x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F39694909%2C22591923899%2FDBV%2FDBV-FansidedROS%23div-gpt-ad-1602411747217-0%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22pub_yXO4Yd5V1rhJ%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ce600662-ef66-413e-8883-bc782850a9d4%22%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461777/hb_270443_8244.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bdae7879c27710be27ca450e99922421eb15c21278a37156db2d939a11ba5d8

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SoQsmMi6ogBd4yDW3N0Lat%2FrPARE4kyck2rR7dbvFikRJYEU0s2GLSYlL3vBPgSlHGmZ1SyquaYNA0Oow4bFyLhVL5N6gDfIaLV9nMZys1KwSoK%2FnllawEGZZt8eg2UmVFO2QSIt"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://culturess.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7460d6f1397d996c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
/
ghb1.adtelligent.com/v2/auction/ Frame B002 		1 KB
628 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461777/hb_270443_8244.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
7a3514cae399947f561ddff61e01ca8c59d327ab99add43c020b0a17f9290476

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:06 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://culturess.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
320
prebid-request
onetag-sys.com/ Frame B002 		15 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461777/hb_270443_8244.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://culturess.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
config.json
player.adtelligent.com/exchange_rates/307824/ Frame E5DE 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/307824/config.json?cb=https%3A%2F%2Fculturess.com
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19241/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
7b38c432f96f8b1a3f63192174d9660c5b8f5f0d8e3170904c341376c56edde6

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 17:56:05 GMT
content-encoding
gzip
last-modified
Mon, 05 Sep 2022 12:01:13 GMT
server
nginx
etag
W/"6315e509-847"
content-type
application/json
access-control-allow-origin
https://p.safeservingcdn.com
expires
Wed, 07 Sep 2022 17:56:05 GMT
cache-control
max-age=172800
x-proxy-cache
HIT
avpb6.27.0a3.js
player.aniview.com/script/6.1/libs/prebid/ Frame 1E00 		66 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
737ecccfd5058eeb7a46e5ea9616822be78a60668342b22f2fcfae3130f7d8c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:06 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsPza884M0Hoj_wW4Duuk1KpQoDFKQnfgt18e-mPWQQRTqrWzv286WgZRI_Ke_dQaBg5_haAwZI8Jln-L5T68XkxLMqRJlB
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
20155
last-modified
Mon, 05 Sep 2022 05:26:07 GMT
server
UploadServer
etag
"19ef1bb54bb174173ff91d8a198fdcc3"
vary
Accept-Encoding
x-goog-hash
crc32c=ISjrfQ==, md5=Ge8btUuxdBc/+R2KGY/cww==
x-goog-generation
1662355567432736
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
20155
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 05 Sep 2022 18:01:06 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=culturess.com&rs=culturess.com&sid=44896&t=1662400565&cip=80.255.10.196&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1662400565115-935559409326-007208-009-003599&cha=0.7&stagid=&stplid=&d35=&d36=6.2.53&cb=56158603516&d39=&d65=&apppkg=&cd10=v21.5.0&cd1=sp_ed8vmIJd&cd2=Desktop&cd3=pitc&cd4=36c37fa0-9944-4c57-b7c0-263a651db58f&cd5=03fftZR0O7ZFb8VVnTu2vNvEfXslVgo77oRYa0eOoPu-gNcwWQ2JlQoEUk3m0fIw&cd6=stable&cd7=row1-column1&cd9=22591923899&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=61efc86b826fa14969030914&e=request&cb=1662400573147&asid=614337a85c49df000b43be8e%2C624ef036fd31be29be492375%2C614ca70120845e08015d7cfc%2C61f7b00dfdf82a166154d2a4%2C61ee6ef4a6c15a1f254981d5%2C628cf6ca9829fd6d455cfe92%2C614b567f9101b84b0b7a8835%2C626a93bb788722268e109138%2C61d709751f6e2139536b0306%2C61921642e078164902193389%2C61312cb99bd61a2e0c1d0f94%2C611dfa3275dc6a0c257fae79%2C619e33605e94025d3d427cd6%2C62723804be4a590dd848c288&ofpr=4.02%2C4%2C3.61%2C5.06%2C4.989%2C9.44%2C3.61%2C2.29%2C2.15%2C2.71%2C9.44%2C9.96%2C3.57%2C2.582&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-74-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:06 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
316720
search.spotxchange.com/openrtb/2.3/dados/ 		0
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/316720?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:06 GMT
X-SpotX-Timing-Transform
0.000311
X-SpotX-Timing-SpotMarket
0.004240
X-SpotX-Timing-Page-Mux
0.001280
X-SpotX-Timing-Page-Require
0.000452
X-fe
115
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.008322
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000364
Last-Modified
Mon, 05 Sep 2022 17:56:06 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.004240
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.001659
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
324642
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/324642?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:06 GMT
X-SpotX-Timing-Transform
0.000365
X-SpotX-Timing-SpotMarket
0.005815
X-SpotX-Timing-Page-Mux
0.000937
X-SpotX-Timing-Page-Require
0.000325
X-fe
142
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000030
X-SpotX-Timing-Page
0.012775
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000276
Last-Modified
Mon, 05 Sep 2022 17:56:06 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005815
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.005015
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:06 GMT
X-SpotX-Timing-Transform
0.000382
X-SpotX-Timing-SpotMarket
0.005322
X-SpotX-Timing-Page-Mux
0.000972
X-SpotX-Timing-Page-Require
0.000411
X-fe
066
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000034
X-SpotX-Timing-Page
0.010416
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000326
Last-Modified
Mon, 05 Sep 2022 17:56:06 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005322
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.002953
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000015
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:06 GMT
X-SpotX-Timing-Transform
0.000377
X-SpotX-Timing-SpotMarket
0.005015
X-SpotX-Timing-Page-Mux
0.000965
X-SpotX-Timing-Page-Require
0.000431
X-fe
092
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.010404
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000387
Last-Modified
Mon, 05 Sep 2022 17:56:06 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005015
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.003208
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000017
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:06 GMT
X-SpotX-Timing-Transform
0.000343
X-SpotX-Timing-SpotMarket
0.005119
X-SpotX-Timing-Page-Mux
0.000947
X-SpotX-Timing-Page-Require
0.000297
X-fe
064
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.008923
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000376
Last-Modified
Mon, 05 Sep 2022 17:56:06 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005119
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.001826
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:06 GMT
X-SpotX-Timing-Transform
0.000262
X-SpotX-Timing-SpotMarket
0.003469
X-SpotX-Timing-Page-Mux
0.000879
X-SpotX-Timing-Page-Require
0.000464
X-fe
062
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000004
X-SpotX-Timing-Page
0.006973
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000300
Last-Modified
Mon, 05 Sep 2022 17:56:06 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003469
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.001582
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
avjp
spot-im-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=51ef5666-3690-44e7-802f-efe1bca5be6e&nocache=1662400573304&us_privacy=1---&pubcid=ce600662-ef66-413e-8883-bc782850a9d4&schain=1.0%2C1!spotim.market%2Cpub_yXO4Yd5V1rhJ%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A300%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=557060392&vwd=400&vht=300&aumfs=4000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:06 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://culturess.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://culturess.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
316720
search.spotxchange.com/openrtb/2.3/dados/ 		0
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/316720?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:06 GMT
X-SpotX-Timing-Transform
0.000639
X-SpotX-Timing-SpotMarket
0.004347
X-SpotX-Timing-Page-Mux
0.002026
X-SpotX-Timing-Page-Require
0.000336
X-fe
095
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000002
X-SpotX-Timing-Page
0.009559
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000308
Last-Modified
Mon, 05 Sep 2022 17:56:06 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.004347
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.001887
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:06 GMT
X-SpotX-Timing-Transform
0.000319
X-SpotX-Timing-SpotMarket
0.004612
X-SpotX-Timing-Page-Mux
0.001083
X-SpotX-Timing-Page-Require
0.000367
X-fe
141
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000028
X-SpotX-Timing-Page
0.010078
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000314
Last-Modified
Mon, 05 Sep 2022 17:56:06 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.004612
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.003343
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:06 GMT
X-SpotX-Timing-Transform
0.000347
X-SpotX-Timing-SpotMarket
0.004511
X-SpotX-Timing-Page-Mux
0.001201
X-SpotX-Timing-Page-Require
0.000381
X-fe
138
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000002
X-SpotX-Timing-Page
0.009416
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000453
Last-Modified
Mon, 05 Sep 2022 17:56:06 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.004511
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.002504
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000017
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:06 GMT
X-SpotX-Timing-Transform
0.000739
X-SpotX-Timing-SpotMarket
0.004519
X-SpotX-Timing-Page-Mux
0.001293
X-SpotX-Timing-Page-Require
0.000370
X-fe
089
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.009450
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000318
Last-Modified
Mon, 05 Sep 2022 17:56:06 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.004519
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.002195
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:06 GMT
X-SpotX-Timing-Transform
0.000321
X-SpotX-Timing-SpotMarket
0.003736
X-SpotX-Timing-Page-Mux
0.001046
X-SpotX-Timing-Page-Require
0.000426
X-fe
052
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000004
X-SpotX-Timing-Page
0.007674
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000466
Last-Modified
Mon, 05 Sep 2022 17:56:06 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003736
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.001658
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000017
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
324641
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/324641?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:06 GMT
X-SpotX-Timing-Transform
0.001311
X-SpotX-Timing-SpotMarket
0.008265
X-SpotX-Timing-Page-Mux
0.002334
X-SpotX-Timing-Page-Require
0.000432
X-fe
137
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000025
X-SpotX-Timing-Page
0.016921
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000389
Last-Modified
Mon, 05 Sep 2022 17:56:06 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.008265
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.004149
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000015
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=dfaf0cd373e9a519ecf8cdecfedcb1e0_199081_1662400565797&tm=3487&eT=0&widgetWidth=300&widgetHeight=322&widgetX=1065&widgetY=572&wRV=2000874&pVis=1&lsd=-1&eIdx=&cnsntV2=CPe1FgAPe1FgAAcABBENCfCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&rtt=575&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=2.73.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Mon, 05 Sep 2022 17:56:06 GMT
content-encoding
gzip
X-TraceId
6d477de107083dd9fd8708201214d9ca
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=f485af47a33d5f3231057f47160791ad_199081_1662400565957&tm=3492&eT=0&widgetWidth=300&widgetHeight=278&widgetX=1065&widgetY=918&wRV=2000874&pVis=1&lsd=-1&eIdx=&cnsntV2=CPe1FgAPe1FgAAcABBENCfCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&rtt=575&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=2.73.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Mon, 05 Sep 2022 17:56:06 GMT
content-encoding
gzip
X-TraceId
585d01e86d1b88e462074553cd991e26
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=d5e96c2cdda24a2bdd59f84902ecffb6_199081_1662400566080&tm=3494&eT=0&widgetWidth=300&widgetHeight=278&widgetX=1065&widgetY=1220&wRV=2000874&pVis=1&lsd=-1&eIdx=&cnsntV2=CPe1FgAPe1FgAAcABBENCfCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&rtt=575&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=2.73.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Mon, 05 Sep 2022 17:56:06 GMT
content-encoding
gzip
X-TraceId
ab76d368c85afdd8d2447aff4c5a2562
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
eyJpdSI6IjkzZDBmNWJiMDU4Y2Y1NWI1MGY4MjExMzQyM2M1OTI3MWNiMzYxZjlmNjMzMmMwZDNlMjc4OTAzOTYxYTI1YmUiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjkzZDBmNWJiMDU4Y2Y1NWI1MGY4MjExMzQyM2M1OTI3MWNiMzYxZjlmNjMzMmMwZDNlMjc4OTAzOTYxYTI1YmUiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
59f207b3633adea702cc54e564a0f791c00874044e875a3591333d1e14c696de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:06 GMT
last-modified
Mon, 15 Aug 2022 06:48:10 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=621854
access-control-allow-credentials
false
x-traceid
8a336c18b724ecb06ff9adccca0a6c75
timing-allow-origin
*, *
content-length
82948
eyJpdSI6IjAyNGQyYWRmMDQ4YmQyYWNhZTI5N2JkMjQyOTY3MTk3ZDc3ZWJmM2Y5YjNmOWVmNzRlY2MyZWMwODgxZjllZDYiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjAyNGQyYWRmMDQ4YmQyYWNhZTI5N2JkMjQyOTY3MTk3ZDc3ZWJmM2Y5YjNmOWVmNzRlY2MyZWMwODgxZjllZDYiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f1251842b74330773699f769f12f2634b163cd84d9f232668c59bb92d71b001c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:06 GMT
last-modified
Fri, 19 Aug 2022 13:18:11 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1218465
access-control-allow-credentials
false
x-traceid
1fc45a8ecdbd71f57859554fe3b60ec5
timing-allow-origin
*, *
content-length
40192
eyJpdSI6IjA0MmYxYjI3NGMxMGYzMzgzMzhlYzgzODQ1MmM0NjQxOGM0OGE3OGZlMTU2YTczN2Q4MGQ5OWZiYTU4MjJmOTAiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjA0MmYxYjI3NGMxMGYzMzgzMzhlYzgzODQ1MmM0NjQxOGM0OGE3OGZlMTU2YTczN2Q4MGQ5OWZiYTU4MjJmOTAiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0a4e927973c5b619eaab045178678c3bc6f893521882f15d541c312c2ee882db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:06 GMT
last-modified
Mon, 05 Sep 2022 14:49:59 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2456931
access-control-allow-credentials
false
x-traceid
27d139f585d7282869106dd8706e5c35
timing-allow-origin
*, *
content-length
41972
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=dfaf0cd373e9a519ecf8cdecfedcb1e0&pvId=a8dac4ece6b196dfddbf0a82298124cc&sid=5756244&pid=199081&idx=7&wId=1515&pad=1&org=0&tm=3504&eT=3&cnsnt=CPe1FgAPe1FgAAcABBENCfCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&wRV=2000874&pVis=1&lsd=-1&eIdx=1&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=2.73.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:06 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
5b5e643f2658358a00543eebc93e234c
Content-Length
4
Expires
0
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=f485af47a33d5f3231057f47160791ad&pvId=a8dac4ece6b196dfddbf0a82298124cc&sid=5756244&pid=199081&idx=8&wId=1515&pad=1&org=0&tm=3504&eT=3&cnsnt=CPe1FgAPe1FgAAcABBENCfCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&wRV=2000874&pVis=1&lsd=-1&eIdx=2&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=2.73.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:06 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
76a66c2b32f5bfe890e94e6785092817
Content-Length
4
Expires
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=culturess.com&rs=culturess.com&sid=44896&t=1662400565&cip=80.255.10.196&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1662400565115-935559409326-007208-009-003599&cha=0.7&stagid=&stplid=&d35=&d36=6.2.53&cb=56158603516&d39=&d65=&apppkg=&cd10=v21.5.0&cd1=sp_ed8vmIJd&cd2=Desktop&cd3=pitc&cd4=36c37fa0-9944-4c57-b7c0-263a651db58f&cd5=03fftZR0O7ZFb8VVnTu2vNvEfXslVgo77oRYa0eOoPu-gNcwWQ2JlQoEUk3m0fIw&cd6=stable&cd7=row1-column1&cd9=22591923899&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=61efc86b826fa14969030914&e=request&cb=1662400573448&asid=624ef036fd31be29be492375%2C61f7b12c80b47b211a52de37%2C61312c6f520a741f1b4d5991%2C60fe8e778b51f207f669ae25%2C626a93bb788722268e109138%2C614b567f9101b84b0b7a8835%2C61dc008b892e0d58f9617858%2C61921642e078164902193389%2C61d709751f6e2139536b0306%2C619e33605e94025d3d427cd6&ofpr=4%2C5.06%2C2.93%2C2.64%2C2.29%2C3.61%2C2.995%2C2.71%2C2.15%2C3.57&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-74-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:06 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:06 GMT
X-SpotX-Timing-Transform
0.000378
X-SpotX-Timing-SpotMarket
0.004798
X-SpotX-Timing-Page-Mux
0.000851
X-SpotX-Timing-Page-Require
0.000466
X-fe
030
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000027
X-SpotX-Timing-Page
0.010973
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000275
Last-Modified
Mon, 05 Sep 2022 17:56:06 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.004798
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.004162
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000014
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
avjp
spot-im-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=67bb76ef-118a-4cc5-9101-c5e56586db1d&nocache=1662400573455&us_privacy=1---&pubcid=ce600662-ef66-413e-8883-bc782850a9d4&schain=1.0%2C1!spotim.market%2Cpub_yXO4Yd5V1rhJ%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A300%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=557060392&vwd=400&vht=300&aumfs=4000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:06 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://culturess.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
316720
search.spotxchange.com/openrtb/2.3/dados/ 		0
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/316720?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:06 GMT
X-SpotX-Timing-Transform
0.000313
X-SpotX-Timing-SpotMarket
0.004204
X-SpotX-Timing-Page-Mux
0.001270
X-SpotX-Timing-Page-Require
0.000487
X-fe
001
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.009327
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000476
Last-Modified
Mon, 05 Sep 2022 17:56:06 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.004204
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.002555
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000018
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:06 GMT
X-SpotX-Timing-Transform
0.000481
X-SpotX-Timing-SpotMarket
0.005581
X-SpotX-Timing-Page-Mux
0.000946
X-SpotX-Timing-Page-Require
0.000412
X-fe
032
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000006
X-SpotX-Timing-Page
0.009449
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000350
Last-Modified
Mon, 05 Sep 2022 17:56:06 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005581
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.001659
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://culturess.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:06 GMT
X-SpotX-Timing-Transform
0.000531
X-SpotX-Timing-SpotMarket
0.004170
X-SpotX-Timing-Page-Mux
0.001090
X-SpotX-Timing-Page-Require
0.000485
X-fe
008
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000035
X-SpotX-Timing-Page
0.011934
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000380
Last-Modified
Mon, 05 Sep 2022 17:56:06 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.004170
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.005227
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000015
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:06 GMT
X-SpotX-Timing-Transform
0.000326
X-SpotX-Timing-SpotMarket
0.004695
X-SpotX-Timing-Page-Mux
0.001598
X-SpotX-Timing-Page-Require
0.000410
X-fe
104
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.009337
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000474
Last-Modified
Mon, 05 Sep 2022 17:56:06 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.004695
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.001814
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000017
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
316720
search.spotxchange.com/openrtb/2.3/dados/ 		0
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/316720?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:06 GMT
X-SpotX-Timing-Transform
0.000283
X-SpotX-Timing-SpotMarket
0.003724
X-SpotX-Timing-Page-Mux
0.001011
X-SpotX-Timing-Page-Require
0.000396
X-fe
071
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.007341
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000290
Last-Modified
Mon, 05 Sep 2022 17:56:06 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003724
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.001619
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000014
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
324642
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/324642?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:06 GMT
X-SpotX-Timing-Transform
0.000294
X-SpotX-Timing-SpotMarket
0.003331
X-SpotX-Timing-Page-Mux
0.000967
X-SpotX-Timing-Page-Require
0.000362
X-fe
049
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000023
X-SpotX-Timing-Page
0.008215
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000276
Last-Modified
Mon, 05 Sep 2022 17:56:06 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003331
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.002947
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000014
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
316720
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/316720?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:06 GMT
X-SpotX-Timing-Transform
0.000282
X-SpotX-Timing-SpotMarket
0.003409
X-SpotX-Timing-Page-Mux
0.000948
X-SpotX-Timing-Page-Require
0.000385
X-fe
094
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000020
X-SpotX-Timing-Page
0.007803
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000299
Last-Modified
Mon, 05 Sep 2022 17:56:06 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003409
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.002449
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000010
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pd
u.openx.net/w/1.0/ Frame 4139 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?us_privacy=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 05 Sep 2022 17:56:06 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
onetag-sys.com/usync/ Frame 3CCC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1662400573474&us_privacy=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pd
u.openx.net/w/1.0/ Frame F801 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?us_privacy=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 05 Sep 2022 17:56:06 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
onetag-sys.com/usync/ Frame 4E3B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1662400573326&us_privacy=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pd
u.openx.net/w/1.0/ Frame FF5B 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?us_privacy=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 05 Sep 2022 17:56:06 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://p.safeservingcdn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://p.safeservingcdn.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Mon, 05 Sep 2022 17:56:07 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
prebid-request
onetag-sys.com/ Frame E5DE 		15 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19241/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://p.safeservingcdn.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
auction
rtb.adxpremium.services/openrtb2/ Frame E5DE 		0
0
prebid
ib.adnxs.com/ut/v3/ Frame E5DE 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19241/hb_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
58add5872e6b0c5c5c2df1fa9aebdcc06e3b56a4fee5538c5e68debf28d38b2f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:07 GMT
X-Proxy-Origin
80.255.10.196; 80.255.10.196; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b910ae4c-c3bb-4ed8-8b92-706f2c9cbefb
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://p.safeservingcdn.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
adx.adform.net/adx/ Frame E5DE 		0
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19241/hb_307825_11598.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:07 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://p.safeservingcdn.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cdb
bidder.criteo.com/ Frame E5DE 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-c&cb=40031891902
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19241/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 17:56:06 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://p.safeservingcdn.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame E5DE 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19241/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.safeservingcdn.com
date
Mon, 05 Sep 2022 17:56:07 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
loadMonitor.js
cdn.wazimo.com/engine/common/widgets/mmlogger/ 		561 B
670 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.wazimo.com/engine/common/widgets/mmlogger/loadMonitor.js
Requested by
Host: cdn.wazimo.com
URL: https://cdn.wazimo.com/engine/common/widgets/mmlogger/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4579 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35507afa8f30bc00343eaca8c0f6cee6e2657bd90904d5b03f2c795a42b103ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 07 Aug 2022 08:27:19 GMT
server
cloudflare
age
5945
etag
W/"62ef7767-28c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cwMjfCCsqzOVSdI4X22bI47LWiDnUdmudg9VBwTq%2FLnLHxi6JHwLefyHJAXV4Kh2uexMAdd0xUlzkKAiIdfzzgQNplyyZvNWgyF%2FL%2Fxl6CMe0al83ew%2BndPkPc0Khk1iTnj38En8FB%2BydYmX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=652
cf-ray
7460d6fb88139193-FRA
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-bgj
minify
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame B002 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461777/hb_270443_8244.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:07 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 06 Sep 2022 17:56:07 GMT
mut
ghb.adtelligent.com/adunit/ Frame E5DE 		0
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/mut
Requested by
Host: p.safeservingcdn.com
URL: https://p.safeservingcdn.com/prebidlink/y19240/hbw_master_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://p.safeservingcdn.com
Date
Mon, 05 Sep 2022 17:56:07 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
publishertag.prebid.js
static.criteo.net/js/ld/ Frame B002 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d91c38797a4f40c02b517763adb6b8d25ca0d0af244856025ecc3543b8540679
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:08 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 00:22:08 GMT
server
nginx
etag
W/"63041db0-15cdc"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 06 Sep 2022 17:56:08 GMT
ImgSync
image8.pubmatic.com/AdServer/ 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159660
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:06 GMT
content-length
0
sync
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/sync?px=1&src=prebid&
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
pd
u.openx.net/w/1.0/ 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:08 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync
odr.mookie1.com/t/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=insticator&custom_data=ed5c9c44-9786-49b2-afd1-64b17bce6157
  • https://x.bidswitch.net/ul_cb/sync?ssp=insticator&custom_data=ed5c9c44-9786-49b2-afd1-64b17bce6157
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=02f3aee3-2a95-4594-9955-bb3b2f2455dc&ssp=insticator&gdpr=&gdpr_consent=
43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=02f3aee3-2a95-4594-9955-bb3b2f2455dc&ssp=insticator&gdpr=&gdpr_consent=
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:08 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=02f3aee3-2a95-4594-9955-bb3b2f2455dc&ssp=insticator&gdpr=&gdpr_consent=
Date
Mon, 05 Sep 2022 17:56:08 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ 		95 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.211.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.211.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:08 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
ed5c9c44-9786-49b2-afd1-64b17bce6157
ex.ingage.tech/v1/sync/yahoo/
Redirect Chain
  • https://ex.ingage.tech/v1/syncPage/yahoo?userId=ed5c9c44-9786-49b2-afd1-64b17bce6157&to=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58602%2Focc
  • https://ups.analytics.yahoo.com/ups/58602/occ
  • https://ex.ingage.tech/v1/syncPage/yahoo?uid=y-7.z7CiBE2uHZZfEDFC_0D1jdRX6Vs0qJKmE3fOY-~A
  • https://ex.ingage.tech/v1/sync/yahoo/ed5c9c44-9786-49b2-afd1-64b17bce6157?uid=y-7.z7CiBE2uHZZfEDFC_0D1jdRX6Vs0qJKmE3fOY-~A
0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/yahoo/ed5c9c44-9786-49b2-afd1-64b17bce6157?uid=y-7.z7CiBE2uHZZfEDFC_0D1jdRX6Vs0qJKmE3fOY-~A
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H3
Server
2606:4700:3036::ac43:c951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6xa9r%2FyMB38Vm%2BDvNdATDcWLYPrw1vIxiC9KoJ6CK7jCjl9GzkVmhZlv1zsjwJRP259%2F1L6fNecmjhUWESBNRQwpsbeY%2Fc%2BjjLCRLXTAFu%2BKtupZbk8rLi5LZOcwrwQrtd%2BkRX4g9WHW4PlDOg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=1296000
access-control-allow-credentials
true
cf-ray
7460d7002fbd9baa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Mon, 05 Sep 2022 17:56:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h26cdyyDihhGM%2B1tSKEsZukaLhJlHWqKoDuYVXofaNoYmC5rgezJLROfsxDYWdkAjIOs%2Fz9ZrZaTSANsbRD9YxHFnyj70EPdF5B1CBW%2B5v4aRZjw6%2Bna54%2F%2FFMid%2F1waWmq8OJLG3BI5LBNoqw%3D%3D"}],"group":"cf-nel","max_age":604800}
location
/v1/sync/yahoo/ed5c9c44-9786-49b2-afd1-64b17bce6157?uid=y-7.z7CiBE2uHZZfEDFC_0D1jdRX6Vs0qJKmE3fOY-~A
access-control-allow-credentials
true
cf-ray
7460d6ff5e3f9baa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
ed5c9c44-9786-49b2-afd1-64b17bce6157
ex.ingage.tech/v1/sync/amx/
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Famx%2Fed5c9c44-9786-49b2-afd1-64b17bce6157%3Fuid%3D
  • https://ex.ingage.tech/v1/sync/amx/ed5c9c44-9786-49b2-afd1-64b17bce6157?uid=c7cd6a51-6f36-4e92-a4ee-bbb8999f6252&gdpr=0&gdpr_consent=&us_privacy=
0
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/amx/ed5c9c44-9786-49b2-afd1-64b17bce6157?uid=c7cd6a51-6f36-4e92-a4ee-bbb8999f6252&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H3
Server
2606:4700:3036::ac43:c951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dTUuVJ7xSYZKaK9ISTrplIw6iwpysSGiaf1DQqrRusty4214wwAImpkrR%2BjS3Smo6J3GhUr7kV18ALUPghx1y0VR5LDXLnL6OdgRGjiKN6f7gsDjBAyfX1Q5GtgkAmaQOG1VbX4GaGWuV47lrg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=1296000
access-control-allow-credentials
true
cf-ray
7460d6feace69baa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

location
https://ex.ingage.tech/v1/sync/amx/ed5c9c44-9786-49b2-afd1-64b17bce6157?uid=c7cd6a51-6f36-4e92-a4ee-bbb8999f6252&gdpr=0&gdpr_consent=&us_privacy=
date
Mon, 05 Sep 2022 17:56:07 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
v1
match.sharethrough.com/universal/
Redirect Chain
  • https://ex.ingage.tech/v1/syncPage/sharethrough?userId=ed5c9c44-9786-49b2-afd1-64b17bce6157&to=https%3A%2F%2Fmatch.sharethrough.com%2Funiversal%2Fv1%3Fsupply_id%3Djc3Tkmr6
  • https://match.sharethrough.com/universal/v1?supply_id=jc3Tkmr6
0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=jc3Tkmr6
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Server
35.158.53.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-53-117.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:08 GMT

Redirect headers

date
Mon, 05 Sep 2022 17:56:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhN4Oh%2B0KgnOFzmOL3PxudFmup9TFiJ8sNAPBQXa3%2B4chKZuYZtrWsAPOpEoytv1Yu4s3SxJVpFFVKaPpnwypIrG9kraiRsO0N5ncNegwi9eFIU8f5Lf16aVvaEogzVcEHDoK6gAeX8FbQMYdw%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://match.sharethrough.com/universal/v1?supply_id=jc3Tkmr6
access-control-allow-credentials
true
cf-ray
7460d6fe9cb69baa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
ed5c9c44-9786-49b2-afd1-64b17bce6157
ex.ingage.tech/v1/sync/sovrn/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsovrn%2Fed5c9c44-9786-49b2-afd1-64b17bce6157%3Fuid%3D%24UID
  • https://ex.ingage.tech/v1/sync/sovrn/ed5c9c44-9786-49b2-afd1-64b17bce6157?uid=FRD0uBZHkXVplsWoQnKNqHXJ
0
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/sovrn/ed5c9c44-9786-49b2-afd1-64b17bce6157?uid=FRD0uBZHkXVplsWoQnKNqHXJ
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H3
Server
2606:4700:3036::ac43:c951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KCbmt%2FVWTcxSkjBC7s0ExHbDNfacHij%2BnmTwDO4VuYESiNWM60lAOKtppq6QSYTaYiVUZGxRaFnOE4YrmAzkON26Jasv0a0azwwXsTxw8umUagPdR2op6vIZPTMUDkA8JSg5dG7Uc5DcO1aOKA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=1296000
access-control-allow-credentials
true
cf-ray
7460d6feace99baa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Mon, 05 Sep 2022 17:56:08 GMT
pod
X-Sovrn-Pod: ad_ap6ams1
location
https://ex.ingage.tech/v1/sync/sovrn/ed5c9c44-9786-49b2-afd1-64b17bce6157?uid=FRD0uBZHkXVplsWoQnKNqHXJ
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
access-control-allow-credentials
true
connection
close
access-control-allow-headers
X-Requested-With, Content-Type
score.min.js
js.ad-score.com/ 		342 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ad-score.com/score.min.js?pid=1000690
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:8c00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b366b9bf5b25904baa338c952865b1930f64efcbfdcd932da4bc38016d12dfcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 13:59:01 GMT
Content-Encoding
gzip
Age
14227
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Mon, 05 Sep 2022 13:59:01 GMT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Via
1.1 6e4fd2f7f4c55027ff6ee922bdafd3ae.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
VIE50-P1
Access-Control-Allow-Headers
Cache-Control
X-Amz-Cf-Id
XMiGdPp1FgYzJrsKElzXEDzgES9PeoORHM-K0ePqECsZNNFiL1Yjxg==
Expires
Tue, 06 Sep 2022 13:59:01 GMT
log-viewability
log.outbrainimg.com/api/loggerBatch/ 		4 B
325 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/api/loggerBatch/log-viewability
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=2.73.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:08 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
d51e0125b34a453a0ab2ac65f0d86788
Content-Length
4
Expires
0
cors
data.ad-score.com/data/ 		50 B
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=aUBgajoYmKWDFIMczItPLMvHRXIRsyLX-FE7fPshldVrlKDUT2HrPEUw=-E0zHPs5vbVHmNw==&pm_ct=e4afcf7be070ae6e0d15364e&pm_pl=1662400575711&pm_td=8&pid=1000690&en=1.1&callback=__pm_glbl_ahfdaFWwPfZoFn7miCG6Og9J._gc1&v=faa5f06
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000690
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
9eba94335eda1e5ce0687b9d23412342bea382a25adfbb24c9cab53750b0bb81

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:08 GMT
Age
0
Access-Control-Allow-Methods
POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://culturess.com
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
50
x.html
js.ad-score.com/ Frame 930A 		16 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.ad-score.com/x.html?pid=1000690
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:8c00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
70bb3612f638898cab7ec20489bacefed12aa916a20b724014957f451c7f098a

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
52437
Cache-Control
public, max-age=86400
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Mon, 05 Sep 2022 13:58:58 GMT
Last-Modified
Sun, 04 Sep 2022 13:35:27 GMT
Transfer-Encoding
chunked
Via
1.1 6e4fd2f7f4c55027ff6ee922bdafd3ae.cloudfront.net (CloudFront)
X-Amz-Cf-Id
bCMlLh5L8-eD90FmlctQSAPogVhwPimDDyu2RVB0BSlIbO8kNjxzHQ==
X-Amz-Cf-Pop
VIE50-P1
X-Cache
Hit from cloudfront
truncated
/ Frame 5C24 		266 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
ea6fbf36-dffa-43a3-9222-bc932d845c92
https://culturess.com/ 		10 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://culturess.com/ea6fbf36-dffa-43a3-9222-bc932d845c92
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
17d8be269a7c8c056019540e8184e4c95d349ff3d80253bd43923621b31f8d41

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length
10517
Content-Type
text/javascript
c3031b46-881c-461b-bda2-f3fc9de80417
https://culturess.com/ 		720 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://culturess.com/c3031b46-881c-461b-bda2-f3fc9de80417
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length
720
Content-Type
application/javascript
cors
data.ad-score.com/data/ 		1 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=aUBgajoYmKWDFIMczItPLMvHRXIRsyLX-FE7fPshldVrlKDUT2HrPEUw=-E0zHPs5vbVHmNw==&pm_ct=e4afcf7be070ae6e0d15364e&pm_pl=1662400575711&pm_td=215&pid=1000690&en=1.1&callback=__pm_glbl_ahfdaFWwPfZoFn7miCG6Og9J._gc2&v=faa5f06
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000690
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://culturess.com
Date
Mon, 05 Sep 2022 17:56:08 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/gif
cors
data.ad-score.com/data/ 		1 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=aUBgajoYmKWDFIMczItPLMvHRXIRsyLX-FE7fPshldVrlKDUT2HrPEUw=-E0zHPs5vbVHmNw==&pm_ct=e4afcf7be070ae6e0d15364e&pm_pl=1662400575711&pm_td=307&pid=1000690&en=1.1&callback=__pm_glbl_ahfdaFWwPfZoFn7miCG6Og9J._gc3&v=faa5f06
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000690
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://culturess.com
Date
Mon, 05 Sep 2022 17:56:08 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
d3fc7ead-2c25-4ed9-b45c-20a8a2f07c89
https://culturess.com/ 		288 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://culturess.com/d3fc7ead-2c25-4ed9-b45c-20a8a2f07c89
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length
288
Content-Type
text/javascript
x.html
js.ad-score.com/ Frame 930A 		0
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://js.ad-score.com/x.html?pid=1000690
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/x.html?pid=1000690
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:8c00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.ad-score.com/x.html?pid=1000690
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 13:58:58 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Sun, 04 Sep 2022 13:35:27 GMT
Age
52437
Access-Control-Allow-Methods
GET
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
X-Cache
Hit from cloudfront
X-Amz-Cf-Pop
VIE50-P1
Accept-Ranges
bytes
X-Amz-Cf-Id
RWJBF8rGJvJB65uIsJuVnIjJCmyFJbOKF45JwvnY4DtQWTssA4jWWw==
Via
1.1 6e4fd2f7f4c55027ff6ee922bdafd3ae.cloudfront.net (CloudFront)
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame E5DE 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19241/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.safeservingcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:08 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 06 Sep 2022 17:56:08 GMT
syncframe
gum.criteo.com/ Frame 7CEC 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=culturess.com&gdpr=1&gdpr_consent=CPe1FgAPe1FgAAcABBENCfCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
a4341c4c513889841887be579831125200a94753a15e19bec0252a8569b3a931
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://p.safeservingcdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 05 Sep 2022 17:56:09 GMT
server
Kestrel
server-processing-duration-in-ticks
339949
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame E5DE 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d91c38797a4f40c02b517763adb6b8d25ca0d0af244856025ecc3543b8540679
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.safeservingcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:08 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 00:22:08 GMT
server
nginx
etag
W/"63041db0-15cdc"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 06 Sep 2022 17:56:08 GMT
cors
data.ad-score.com/data/ 		1 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=aUBgajoYmKWDFIMczItPLMvHRXIRsyLX-FE7fPshldVrlKDUT2HrPEUw=-E0zHPs5vbVHmNw==&pm_ct=e4afcf7be070ae6e0d15364e&pm_pl=1662400575711&pm_td=393&pid=1000690&en=1.1&callback=__pm_glbl_ahfdaFWwPfZoFn7miCG6Og9J._gc4&v=faa5f06
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000690
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://culturess.com
Date
Mon, 05 Sep 2022 17:56:09 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
multitracking
ghb.spotim.market/adunit/ Frame B002 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.spotim.market/adunit/multitracking
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/x461777/hbw_master_270443_8244.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://culturess.com
Date
Mon, 05 Sep 2022 17:56:08 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
cors
data.ad-score.com/data/ 		1 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=aUBgajoYmKWDFIMczItPLMvHRXIRsyLX-FE7fPshldVrlKDUT2HrPEUw=-E0zHPs5vbVHmNw==&pm_ct=e4afcf7be070ae6e0d15364e&pm_pl=1662400575711&pm_td=482&pid=1000690&en=1.1&callback=__pm_glbl_ahfdaFWwPfZoFn7miCG6Og9J._gc5&v=faa5f06
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000690
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://culturess.com
Date
Mon, 05 Sep 2022 17:56:09 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=culturess.com&rs=culturess.com&sid=44896&t=1662400565&cip=80.255.10.196&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1662400565115-935559409326-007208-009-003599&cha=0.7&stagid=&stplid=&d35=&d36=6.2.53&cb=56158603516&d39=&d65=&apppkg=&cd10=v21.5.0&cd1=sp_ed8vmIJd&cd2=Desktop&cd3=pitc&cd4=36c37fa0-9944-4c57-b7c0-263a651db58f&cd5=03fftZR0O7ZFb8VVnTu2vNvEfXslVgo77oRYa0eOoPu-gNcwWQ2JlQoEUk3m0fIw&cd6=stable&cd7=row1-column1&cd9=22591923899&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=61efc86b826fa14969030914&e=request&cb=1662400576522&asid=624ef036fd31be29be492375%2C61f7b12c80b47b211a52de37%2C60fe8e778b51f207f669ae25%2C61dc008b892e0d58f9617858&ofpr=4%2C5.06%2C2.64%2C2.995&fpo=%2C%2C%2C
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-74-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:09 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
324642
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/324642?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:09 GMT
X-SpotX-Timing-Transform
0.000279
X-SpotX-Timing-SpotMarket
0.003363
X-SpotX-Timing-Page-Mux
0.000887
X-SpotX-Timing-Page-Require
0.000284
X-fe
020
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000024
X-SpotX-Timing-Page
0.007560
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000259
Last-Modified
Mon, 05 Sep 2022 17:56:09 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003363
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.002451
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
avjp
spot-im-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=97f539df-f902-44f7-ba7a-8b008d5379f0&nocache=1662400576532&us_privacy=1---&pubcid=ce600662-ef66-413e-8883-bc782850a9d4&schain=1.0%2C1!spotim.market%2Cpub_yXO4Yd5V1rhJ%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A300%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=557060392&vwd=400&vht=300&aumfs=4000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:09 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://culturess.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:09 GMT
X-SpotX-Timing-Transform
0.000691
X-SpotX-Timing-SpotMarket
0.003740
X-SpotX-Timing-Page-Mux
0.001184
X-SpotX-Timing-Page-Require
0.000470
X-fe
086
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000002
X-SpotX-Timing-Page
0.008938
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000407
Last-Modified
Mon, 05 Sep 2022 17:56:09 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003740
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.002428
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000016
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
316720
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/316720?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:09 GMT
X-SpotX-Timing-Transform
0.000294
X-SpotX-Timing-SpotMarket
0.003985
X-SpotX-Timing-Page-Mux
0.001120
X-SpotX-Timing-Page-Require
0.000565
X-fe
114
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000022
X-SpotX-Timing-Page
0.009353
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000400
Last-Modified
Mon, 05 Sep 2022 17:56:09 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003985
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.002955
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=culturess.com&rs=culturess.com&sid=44896&t=1662400565&cip=80.255.10.196&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1662400565115-935559409326-007208-009-003599&cha=0.7&stagid=&stplid=&d35=&d36=6.2.53&cb=56158603516&d39=&d65=&apppkg=&cd10=v21.5.0&cd1=sp_ed8vmIJd&cd2=Desktop&cd3=pitc&cd4=36c37fa0-9944-4c57-b7c0-263a651db58f&cd5=03fftZR0O7ZFb8VVnTu2vNvEfXslVgo77oRYa0eOoPu-gNcwWQ2JlQoEUk3m0fIw&cd6=stable&cd7=row1-column1&cd9=22591923899&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=61efc86b826fa14969030914&e=request&cb=1662400576571&asid=624ef036fd31be29be492375&ofpr=4&fpo=
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-74-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:09 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
avjp
spot-im-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=1a9c3d6e-8746-4c8d-b662-17e975aab5db&nocache=1662400576574&us_privacy=1---&pubcid=ce600662-ef66-413e-8883-bc782850a9d4&schain=1.0%2C1!spotim.market%2Cpub_yXO4Yd5V1rhJ%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A300%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=557060392&vwd=400&vht=300&aumfs=4000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:09 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://culturess.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=culturess.com&rs=culturess.com&sid=44896&t=1662400565&cip=80.255.10.196&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1662400565115-935559409326-007208-009-003599&cha=0.7&stagid=&stplid=&d35=&d36=6.2.53&cb=56158603516&d39=&d65=&apppkg=&cd10=v21.5.0&cd1=sp_ed8vmIJd&cd2=Desktop&cd3=pitc&cd4=36c37fa0-9944-4c57-b7c0-263a651db58f&cd5=03fftZR0O7ZFb8VVnTu2vNvEfXslVgo77oRYa0eOoPu-gNcwWQ2JlQoEUk3m0fIw&cd6=stable&cd7=row1-column1&cd9=22591923899&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=61efc86b826fa14969030914&e=request&cb=1662400576611&asid=624ef036fd31be29be492375&ofpr=4&fpo=
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-74-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:09 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
avjp
spot-im-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e71887fc-157a-4514-89bb-a556b790b238&nocache=1662400576619&us_privacy=1---&pubcid=ce600662-ef66-413e-8883-bc782850a9d4&schain=1.0%2C1!spotim.market%2Cpub_yXO4Yd5V1rhJ%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A300%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=557060392&vwd=400&vht=300&aumfs=4000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:09 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://culturess.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
sid
mug.criteo.com/ Frame 7CEC
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=p.safeservingcdn.com&sn=ChromeSyncframe&so=0&topUrl=culturess.com&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=w3wyoHxWUEVIVWRodTFSbXNCcFJUSE1lV3pjNWxRK0k4bVE5aEx5bTFGeURlWkxESHBOT05GZ1orRXhnYVJwaWEwdy9PSmIxczU2M1cySEdYbXBHZ04xSXl5SzRjZjllQjZHRTNranlMdlBPVmxNN3JRNmg3cE14dHc0dm...
340 B
592 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=w3wyoHxWUEVIVWRodTFSbXNCcFJUSE1lV3pjNWxRK0k4bVE5aEx5bTFGeURlWkxESHBOT05GZ1orRXhnYVJwaWEwdy9PSmIxczU2M1cySEdYbXBHZ04xSXl5SzRjZjllQjZHRTNranlMdlBPVmxNN3JRNmg3cE14dHc0dmR5ZmkxaUowWmE3ZXR2dExYbXFlT2p5c0RvVGg1M00xcFYzMEVZRDI0SXNCUTNCc1U5LzlvMTJaa3ZBUWtNYW5TRnRMK1hHQ3JWY3RackJobXl1b3RMQU9VamI2dzRKMHA0NEV0TlBQZ25BbStaUjVKTFpRPXw&cppv=2
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a4ec3b885793a7f614d15175f491e315191ae826c964b94436deb5594885746f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:09 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2972311
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:08 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://mug.criteo.com/sid?cpp=w3wyoHxWUEVIVWRodTFSbXNCcFJUSE1lV3pjNWxRK0k4bVE5aEx5bTFGeURlWkxESHBOT05GZ1orRXhnYVJwaWEwdy9PSmIxczU2M1cySEdYbXBHZ04xSXl5SzRjZjllQjZHRTNranlMdlBPVmxNN3JRNmg3cE14dHc0dmR5ZmkxaUowWmE3ZXR2dExYbXFlT2p5c0RvVGg1M00xcFYzMEVZRDI0SXNCUTNCc1U5LzlvMTJaa3ZBUWtNYW5TRnRMK1hHQ3JWY3RackJobXl1b3RMQU9VamI2dzRKMHA0NEV0TlBQZ25BbStaUjVKTFpRPXw&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
294252
content-length
0
expires
0
cors
data.ad-score.com/data/ 		1 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=aUBgajoYmKWDFIMczItPLMvHRXIRsyLX-FE7fPshldVrlKDUT2HrPEUw=-E0zHPs5vbVHmNw==&pm_ct=e4afcf7be070ae6e0d15364e&pm_pl=1662400575711&pm_td=1283&pid=1000690&en=1.1&callback=__pm_glbl_ahfdaFWwPfZoFn7miCG6Og9J._gc6&v=faa5f06
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000690
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://culturess.com
Date
Mon, 05 Sep 2022 17:56:09 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=culturess.com&rs=culturess.com&sid=44896&t=1662400565&cip=80.255.10.196&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1662400565115-935559409326-007208-009-003599&cha=0.7&stagid=&stplid=&d35=&d36=6.2.53&cb=56158603516&d39=&d65=&apppkg=&cd10=v21.5.0&cd1=sp_ed8vmIJd&cd2=Desktop&cd3=pitc&cd4=36c37fa0-9944-4c57-b7c0-263a651db58f&cd5=03fftZR0O7ZFb8VVnTu2vNvEfXslVgo77oRYa0eOoPu-gNcwWQ2JlQoEUk3m0fIw&cd6=stable&cd7=row1-column1&cd9=22591923899&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-74-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 05 Sep 2022 17:56:10 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
mut
ghb.adtelligent.com/adunit/ Frame E5DE 		0
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/mut
Requested by
Host: p.safeservingcdn.com
URL: https://p.safeservingcdn.com/prebidlink/y19240/hbw_master_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://p.safeservingcdn.com
Date
Mon, 05 Sep 2022 17:56:09 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fculturess.com%2F&domain=culturess.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://culturess.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://culturess.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 05 Sep 2022 17:56:11 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
247586
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame B002
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fculturess.com%2F&domain=culturess.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=qs8OUXx2cG5uWDBrbnZhSWlNd0tvRXRvZ09RTUNxSVdieXV5Y0NaMHFFVCtxWjVuZk1tcVg3Q3MyeEFxamI4RG1sVXNWbEdkWEUrSkRCSW92NTZoekMxVzN2V2xZQnRFaHdhTFZObi9IWjRuNEV4VDhzSVRTeEw4eVRaTl...
419 B
688 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=qs8OUXx2cG5uWDBrbnZhSWlNd0tvRXRvZ09RTUNxSVdieXV5Y0NaMHFFVCtxWjVuZk1tcVg3Q3MyeEFxamI4RG1sVXNWbEdkWEUrSkRCSW92NTZoekMxVzN2V2xZQnRFaHdhTFZObi9IWjRuNEV4VDhzSVRTeEw4eVRaTlJ6cFFSd2dURTV3c2VXa1NUZGV3UkVwV01rd2UwQVpqSm9mZGtQZm5LR0FIeTBQV3VBaW9VSDRleE05aHl0bTkvRU16MDFKbldieUZUclg3ZVlNdStvOTV2eVF0aUd1dmhaOWNVVHlYNFV4eTM3bk1QR0lPT0xiTGhmeGlsNlBYb1l6cnd6RzN6SWJTWFZNdG1mRUQ2aEp5cUM4bFJMUT09fA&cppv=2
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cc3e6072a9ecc0f4908ce3001677722b321672be97cb044f3eb54be1951b1758
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:11 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1947335
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:11 GMT
server
Kestrel
location
https://mug.criteo.com/sid?cpp=qs8OUXx2cG5uWDBrbnZhSWlNd0tvRXRvZ09RTUNxSVdieXV5Y0NaMHFFVCtxWjVuZk1tcVg3Q3MyeEFxamI4RG1sVXNWbEdkWEUrSkRCSW92NTZoekMxVzN2V2xZQnRFaHdhTFZObi9IWjRuNEV4VDhzSVRTeEw4eVRaTlJ6cFFSd2dURTV3c2VXa1NUZGV3UkVwV01rd2UwQVpqSm9mZGtQZm5LR0FIeTBQV3VBaW9VSDRleE05aHl0bTkvRU16MDFKbldieUZUclg3ZVlNdStvOTV2eVF0aUd1dmhaOWNVVHlYNFV4eTM3bk1QR0lPT0xiTGhmeGlsNlBYb1l6cnd6RzN6SWJTWFZNdG1mRUQ2aEp5cUM4bFJMUT09fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
access-control-allow-origin
https://culturess.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
275656
content-length
0
expires
0
692.json
id5-sync.com/g/v2/ Frame B002 		216 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461777/hb_270443_8244.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.71 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216577.ip-141-95-98.eu
Software
/
Resource Hash
971cdbd79f0cfc0ed09bac40313fe47c2d3b856d5659800de0fa40e090bdff4d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://culturess.com
date
Mon, 05 Sep 2022 17:56:10 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame B002 		63 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461777/hb_270443_8244.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.72.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-72-119.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
d8979fc4115bb665e2d98d532d4c70ea960c3f7585f269b52eea8ac6640a0336

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:11 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://culturess.com
cache-control
no-cache
x-server
10.45.2.124
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ Frame B002 		63 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=1qnzqyj&fmt=json
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461777/hb_270443_8244.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
f5dff53e17b2a4af2b3467bf749dd0a23129d08a5b492098e2d487b6c9c08252

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 17:56:10 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://culturess.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 05 Oct 2022 17:56:11 GMT
envelope
api.rlcdn.com/api/identity/ Frame B002 		0
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fp.safeservingcdn.com%2F&domain=p.safeservingcdn.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://p.safeservingcdn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://p.safeservingcdn.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 05 Sep 2022 17:56:11 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
241071
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame E5DE
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fp.safeservingcdn.com%2F&domain=p.safeservingcdn.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=b5gIinw3dG9KRGh1K1hmR2JnR1pFWURlYlJONCtwMU83Z0JFam9JdWZzaW9xQTJvcGo4SHhpZTVKSXFJUFhTQXlYVDd3NU1uT2s5UktHSWo2S3hUc3hRQWUxRkdvcW9mSGtIdDFlditqS1RXRTREY1Z2Zy9hcGtsajgxVz...
481 B
728 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=b5gIinw3dG9KRGh1K1hmR2JnR1pFWURlYlJONCtwMU83Z0JFam9JdWZzaW9xQTJvcGo4SHhpZTVKSXFJUFhTQXlYVDd3NU1uT2s5UktHSWo2S3hUc3hRQWUxRkdvcW9mSGtIdDFlditqS1RXRTREY1Z2Zy9hcGtsajgxVzU2L3pTUlV1bDdoM0tnOEtMMkhlRk1naVBydUFBUnNuYW1LODlrR1VGWFFpcXdZSzBuNm9lRzM2Ym5KZHdnNk5OY1ZZRWZXcnNwdm8xZElFM1BXQUFMQXVJaXExODh0S0tBcHovV0lFOTIvRUtQZlZlYkxaelZzLzhITm1BdUx2MlIrYkhva1B3SUdqZVVaeDZhZm1DQWJBSDBlSU1iUDlhZGJpT2NtRUdGZFBDY2NqOStLYz18&cppv=2
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b2f1d75b5f27cc61899d0f2791278fd3d10d658c92c3ce7352a87752cc17788f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.safeservingcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:11 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1971322
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:11 GMT
server
Kestrel
location
https://mug.criteo.com/sid?cpp=b5gIinw3dG9KRGh1K1hmR2JnR1pFWURlYlJONCtwMU83Z0JFam9JdWZzaW9xQTJvcGo4SHhpZTVKSXFJUFhTQXlYVDd3NU1uT2s5UktHSWo2S3hUc3hRQWUxRkdvcW9mSGtIdDFlditqS1RXRTREY1Z2Zy9hcGtsajgxVzU2L3pTUlV1bDdoM0tnOEtMMkhlRk1naVBydUFBUnNuYW1LODlrR1VGWFFpcXdZSzBuNm9lRzM2Ym5KZHdnNk5OY1ZZRWZXcnNwdm8xZElFM1BXQUFMQXVJaXExODh0S0tBcHovV0lFOTIvRUtQZlZlYkxaelZzLzhITm1BdUx2MlIrYkhva1B3SUdqZVVaeDZhZm1DQWJBSDBlSU1iUDlhZGJpT2NtRUdGZFBDY2NqOStLYz18&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
access-control-allow-origin
https://p.safeservingcdn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
294902
content-length
0
expires
0
692.json
id5-sync.com/g/v2/ Frame E5DE 		215 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19241/hb_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.71 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216577.ip-141-95-98.eu
Software
/
Resource Hash
b3c0cd797d4faf3648dc84de4a0b8fc98bc6b9f4767cd5e6da3e78782b8be22a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.safeservingcdn.com
date
Mon, 05 Sep 2022 17:56:11 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=qs8OUXx2cG5uWDBrbnZhSWlNd0tvRXRvZ09RTUNxSVdieXV5Y0NaMHFFVCtxWjVuZk1tcVg3Q3MyeEFxamI4RG1sVXNWbEdkWEUrSkRCSW92NTZoekMxVzN2V2xZQnRFaHdhTFZObi9IWjRuNEV4VDhzSVRTeEw4eVRaTlJ6cFFSd2dURTV3c2VXa1NUZGV3UkVwV01rd2UwQVpqSm9mZGtQZm5LR0FIeTBQV3VBaW9VSDRleE05aHl0bTkvRU16MDFKbldieUZUclg3ZVlNdStvOTV2eVF0aUd1dmhaOWNVVHlYNFV4eTM3bk1QR0lPT0xiTGhmeGlsNlBYb1l6cnd6RzN6SWJTWFZNdG1mRUQ2aEp5cUM4bFJMUT09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 05 Sep 2022 17:56:11 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
578830
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=b5gIinw3dG9KRGh1K1hmR2JnR1pFWURlYlJONCtwMU83Z0JFam9JdWZzaW9xQTJvcGo4SHhpZTVKSXFJUFhTQXlYVDd3NU1uT2s5UktHSWo2S3hUc3hRQWUxRkdvcW9mSGtIdDFlditqS1RXRTREY1Z2Zy9hcGtsajgxVzU2L3pTUlV1bDdoM0tnOEtMMkhlRk1naVBydUFBUnNuYW1LODlrR1VGWFFpcXdZSzBuNm9lRzM2Ym5KZHdnNk5OY1ZZRWZXcnNwdm8xZElFM1BXQUFMQXVJaXExODh0S0tBcHovV0lFOTIvRUtQZlZlYkxaelZzLzhITm1BdUx2MlIrYkhva1B3SUdqZVVaeDZhZm1DQWJBSDBlSU1iUDlhZGJpT2NtRUdGZFBDY2NqOStLYz18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 05 Sep 2022 17:56:12 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
407360
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pixels
pix.spot.im/api/v1/ 		0
237 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_ed8vmIJd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-91.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 05 Sep 2022 17:56:13 GMT
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
0
x-amz-cf-id
0-oSGcsTrt68acW19yim62bsI0a-BSDrrY2bQ66XrgU4XwVDZpLoIQ==
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=culturess.com&rs=culturess.com&sid=44896&t=1662400565&cip=80.255.10.196&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1662400565115-935559409326-007208-009-003599&cha=0.7&stagid=&stplid=&d35=&d36=6.2.53&cb=56158603516&d39=&d65=&apppkg=&cd10=v21.5.0&cd1=sp_ed8vmIJd&cd2=Desktop&cd3=pitc&cd4=36c37fa0-9944-4c57-b7c0-263a651db58f&cd5=03fftZR0O7ZFb8VVnTu2vNvEfXslVgo77oRYa0eOoPu-gNcwWQ2JlQoEUk3m0fIw&cd6=stable&cd7=row1-column1&cd9=22591923899&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-74-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 05 Sep 2022 17:56:17 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=496632634&t=event&ni=0&_s=1&dl=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&ul=en-us&de=UTF-8&dt=21%20Days%20of%20Beauty%20is%20back%20at%20Ulta%20with%20plenty%20of%20deals%20to%20choose%20from&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Timer&ea=15%20seconds&el=&_u=aGDAgEABAAAAAG~&jid=&gjid=&cid=660372148.1662400570&tid=UA-1577313-14&_gid=639148187.1662400570&gtm=2wg8v0KXFQXHB&cd1=&cd2=386&cd3=https%3A%2F%2Fculturess.com%2F%3Fp%3D198760&cd4=kspinney&cd5=ENTERTAINMENT&cd6=Culture&cd7=Fashion&cd8=Article&cd9=Payable%20Pageviews&cd10=web-staticPHP&cd11=Culturess&cd12=Culturess%2CFashion%2CBeauty%2C21%20Days%20of%20Beauty%2CUlta%2CUlta%20Beauty&cd13=386&cd14=198760&cd15=34200&cd16=Culturess&cd17=&cd23=en&cd24=en&cd27=Article&cd40=10&cd73=400&cd75=21%20Days%20of%20Beauty%20is%20back%20at%20Ulta%20with%20plenty%20of%20deals%20to%20choose%20from&cd78=4&cm1=400&cd29=0&cd31=no%20attempt&cd32=lifestyle%2Cfashion%2Cculture%2Cculturess%2Cbeauty%2C21%20days%20of%20beauty%2Culta%2Culta%20beauty&cd33=homepage%2Cauthor%2Fkspinney&cd34=none&cd35=invalid&cd38=830%3A467&cd41=video&cd42=vplayer&cd43=&cd44=none&cd45=none&cd46=yes&cd47=0&cd48=none&cd49=none&cd50=yes&cd51=none&cd52=0&cd53=fansided&cd54=O%26O%20-%20culturess%20-%20EN%20desktop%20Organic%20Podding%20Main&cd55=none&cd56=10%20sec&cd57=auto%20play&cd59=none&cd61=1&cd63=&cd64=none&cd65=&cd66=660&cd67=660&cd68=none&cd69=none&cd70=none&cd71=mmPlusNumberOfFoundPlayerOnPage&cd72=0&cd74=none&cd77=4.3.84&cd84=no&z=2018176981
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 10:49:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
25634
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=49dd65f7ef38b8edfa5e34a38d793a5a&pvId=a8dac4ece6b196dfddbf0a82298124cc&sid=5756244&pid=199081&idx=1&wId=102&pad=0&org=0&tm=16920&eT=9&cnsnt=CPe1FgAPe1FgAAcABBENCfCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&wRV=2000874&pVis=0&lsd=-1&eIdx=&cnsntV2=CPe1FgAPe1FgAAcABBENCfCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=2.73.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:19 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
a555fc092d527b17d95e9075c262c6c8
Content-Length
4
Expires
0
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=f485af47a33d5f3231057f47160791ad&pvId=a8dac4ece6b196dfddbf0a82298124cc&sid=5756244&pid=199081&idx=8&wId=1515&pad=1&org=0&tm=18514&eT=9&cnsnt=CPe1FgAPe1FgAAcABBENCfCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&wRV=2000874&pVis=1&lsd=-1&eIdx=&cnsntV2=CPe1FgAPe1FgAAcABBENCfCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=2.73.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:21 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
b64f520a3b584149528a522a9d2b96ad
Content-Length
4
Expires
0
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=dfaf0cd373e9a519ecf8cdecfedcb1e0&pvId=a8dac4ece6b196dfddbf0a82298124cc&sid=5756244&pid=199081&idx=7&wId=1515&pad=1&org=0&tm=18514&eT=9&cnsnt=CPe1FgAPe1FgAAcABBENCfCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&wRV=2000874&pVis=1&lsd=-1&eIdx=&cnsntV2=CPe1FgAPe1FgAAcABBENCfCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=2.73.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:21 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
9f496544968dee717609bce91b64e7f7
Content-Length
4
Expires
0
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=culturess.com&rs=culturess.com&sid=44896&t=1662400565&cip=80.255.10.196&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1662400565115-935559409326-007208-009-003599&cha=0.7&stagid=&stplid=&d35=&d36=6.2.53&cb=56158603516&d39=&d65=&apppkg=&cd10=v21.5.0&cd1=sp_ed8vmIJd&cd2=Desktop&cd3=pitc&cd4=36c37fa0-9944-4c57-b7c0-263a651db58f&cd5=03fftZR0O7ZFb8VVnTu2vNvEfXslVgo77oRYa0eOoPu-gNcwWQ2JlQoEUk3m0fIw&cd6=stable&cd7=row1-column1&cd9=22591923899&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-74-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 05 Sep 2022 17:56:23 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=culturess.com&rs=culturess.com&sid=44896&t=1662400565&cip=80.255.10.196&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1662400565115-935559409326-007208-009-003599&cha=0.7&stagid=&stplid=&d35=&d36=6.2.53&cb=56158603516&d39=&d65=&apppkg=&cd10=v21.5.0&cd1=sp_ed8vmIJd&cd2=Desktop&cd3=pitc&cd4=36c37fa0-9944-4c57-b7c0-263a651db58f&cd5=03fftZR0O7ZFb8VVnTu2vNvEfXslVgo77oRYa0eOoPu-gNcwWQ2JlQoEUk3m0fIw&cd6=stable&cd7=row1-column1&cd9=22591923899&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-74-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 05 Sep 2022 17:56:29 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
go1.aniview.com/api/adserver/tag/ 		74 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_CDIM1=sp_ed8vmIJd&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_CDIM4=36c37fa0-9944-4c57-b7c0-263a651db58f&AV_CDIM5=03fftZR0O7ZFb8VVnTu2vNvEfXslVgo77oRYa0eOoPu-gNcwWQ2JlQoEUk3m0fIw&AV_CDIM6=stable&AV_CDIM7=row1-column1&AV_CDIM9=22591923899&AV_CDIM10=v21.5.0&AV_SCHAIN=1.0%2C1!spotim.market%2Cpub_yXO4Yd5V1rhJ%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=61efc86b826fa14969030914&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=culturess.com&AV_DADPOS=3&d36=6.2.53&responsive=1&sver=2&avtoken=571975&omv=1.0.1&clsid=a82ad107-fcc0-4a34-9efd-cb2fdba6ed90&rando=35&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=1662400597818&AV_C_USER_ID=1662400565115-935559409326-007208-009-003599&wfc=27
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.192.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-192-96.compute-1.amazonaws.com
Software
/
Resource Hash
903c19f9a6b15c70d62b998454aae5ea2b663f74d13799e212fd17891639fe65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:30 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://culturess.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Thu, 25 Aug 2022 04:09:50 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=culturess.com&rs=culturess.com&sid=87336&t=1662400590&cip=80.255.10.196&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1662400565115-935559409326-007208-009-003599&cha=0.7&stagid=&stplid=&d35=&d36=6.2.53&cb=2472750862&d39=&d65=&apppkg=&cd1=sp_ed8vmIJd&cd2=Desktop&cd3=pitc&cd4=36c37fa0-9944-4c57-b7c0-263a651db58f&cd7=row1-column1&cd9=22591923899&cd10=v21.5.0&cd6=stable&cd5=03fftZR0O7ZFb8VVnTu2vNvEfXslVgo77oRYa0eOoPu-gNcwWQ2JlQoEUk3m0fIw&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=61efc86b826fa14969030914&e=request&cb=1662400598045&asid=614337343965e665fb4b2067%2C62d7f309c91b5e477f030b01%2C620e352b84a4a15021234014%2C611df9946bc7f31aa14cd70a%2C61ee6e90e4368b5f973ab86a%2C611bbf7754a9882a7910fd04%2C614ca74a3f22850e2c64516b%2C61d7094807dba842553f4634%2C61c097236cfc8b42b0224235&ofpr=2.36%2C8.75%2C7.087%2C5.81%2C4.989%2C8.375%2C2.75%2C2.15%2C17.9&fpo=%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-74-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 17:56:30 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
tag
p4dt2-980w2.ads.tremorhub.com/ad/ 		55 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p4dt2-980w2.ads.tremorhub.com/ad/tag?adCode=p4dt2-omhdu&playerWidth=400&playerHeight=300&srcPageUrl=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&supplyCode=p4dt2-980w2&mediaId=VideoId&schain=1.0,1!spotim.market,pub_yXO4Yd5V1rhJ,1,,,&transactionId=6e232ed9-5e1d-4763-aa23-d09a5a979145&floor=USD:8.375&referrer=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&us_privacy=1---&hb=1&fmt=json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:191d:3f4:ef20:24a8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
fa9b24f32547c7a8634822a7a062292f8e472dd99bd3c08ece7802ccaf27b0cb

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:31 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://culturess.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
application/json;charset=UTF-8
324641
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/324641?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:30 GMT
X-SpotX-Timing-Transform
0.000239
X-SpotX-Timing-SpotMarket
0.003299
X-SpotX-Timing-Page-Mux
0.001425
X-SpotX-Timing-Page-Require
0.000340
X-fe
122
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000018
X-SpotX-Timing-Page
0.010693
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000281
Last-Modified
Mon, 05 Sep 2022 17:56:30 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003299
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.005080
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
316720
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/316720?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:30 GMT
X-SpotX-Timing-Transform
0.001321
X-SpotX-Timing-SpotMarket
0.003747
X-SpotX-Timing-Page-Mux
0.001073
X-SpotX-Timing-Page-Require
0.000405
X-fe
116
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000025
X-SpotX-Timing-Page
0.010272
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000320
Last-Modified
Mon, 05 Sep 2022 17:56:30 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003747
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.003368
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:30 GMT
X-SpotX-Timing-Transform
0.000286
X-SpotX-Timing-SpotMarket
0.004322
X-SpotX-Timing-Page-Mux
0.001092
X-SpotX-Timing-Page-Require
0.000498
X-fe
112
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000002
X-SpotX-Timing-Page
0.007937
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000320
Last-Modified
Mon, 05 Sep 2022 17:56:30 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.004322
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.001403
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://culturess.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
575 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=25724882&componentId=prebid&componentSubId=mustang&timestamp=1662400598058&pKey=-1001389162&_fw_us_privacy=1---&schain=1.0%2C1!spotim.market%2Cpub_yXO4Yd5V1rhJ%2C1%2C%2C%2C!&loc=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&playerSize=400x300
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.202 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-202.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:30 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://culturess.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1662400590843087-547
Expires
Mon, 05 Sep 2022 17:56:30 GMT
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:30 GMT
X-SpotX-Timing-Transform
0.000401
X-SpotX-Timing-SpotMarket
0.003612
X-SpotX-Timing-Page-Mux
0.000957
X-SpotX-Timing-Page-Require
0.000319
X-fe
041
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000002
X-SpotX-Timing-Page
0.007231
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000329
Last-Modified
Mon, 05 Sep 2022 17:56:30 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003612
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.001599
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 05 Sep 2022 17:56:30 GMT
X-SpotX-Timing-Transform
0.000386
X-SpotX-Timing-SpotMarket
0.003896
X-SpotX-Timing-Page-Mux
0.000995
X-SpotX-Timing-Page-Require
0.000402
X-fe
023
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.007674
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000354
Last-Modified
Mon, 05 Sep 2022 17:56:30 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003896
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://culturess.com
X-SpotX-Timing-Page-Misc
0.001625
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://culturess.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=2d2f424e7d15281466d452ed56716&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buse...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l1dda_7139956175491326724&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MmQyZjQyNGU3ZDE1MjgxNDY2ZDQ1MmVkNTY3MTY=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEBY3hNCl0IOF86rStt_UPQI&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: culturess.com
URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 17:56:32 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 17:56:32 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1662400592215088-600
Expires
Mon, 05 Sep 2022 17:56:32 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=aE5yLKaEir7lnyaKjGFx_2
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=aE5yLKaEir7lnyaKjGFx_2
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=aE5yLKaEir7lnyaKjGFx_2
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=aE5yLKaEir7lnyaKjGFx_2
Domain
sync.spotim.market
URL
https://sync.spotim.market/csync?t=a&ep=271858&extuid=8517197437325276119
Domain
sync.spotim.market
URL
https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-T8tKKQVE2uEC1qdSiaK5wvxWJ5SAPnnR~A
Domain
sync.spotim.market
URL
https://sync.spotim.market/csync/?t=a&ep=301276&extuid=02b51005-2d44-11ed-a8e3-129210fe0306
Domain
sync.spotim.market
URL
https://sync.spotim.market/csync?t=a&ep=271858&extuid=8517197437325276119
Domain
sync.spotim.market
URL
https://sync.spotim.market/csync?t=a&ep=734125&extuid=$UID
Domain
sync.spotim.market
URL
https://sync.spotim.market/csync?t=a&ep=488792&extuid=y-7.z7CiBE2uHZZfEDFC_0D1jdRX6Vs0qJKmE3fOY-~A
Domain
sync.spotim.market
URL
https://sync.spotim.market/csync?t=a&ep=309017&extuid=${USER_ID}
Domain
sync.spotim.market
URL
https://sync.spotim.market/csync?t=a&ep=309017&extuid=${USER_ID}
Domain
sync.spotim.market
URL
https://sync.spotim.market/csync?t=a&ep=309017&extuid=${USER_ID}
Domain
sync.spotim.market
URL
https://sync.spotim.market/csync?t=a&ep=309017&extuid=${USER_ID}
Domain
sync.spotim.market
URL
https://sync.spotim.market/csync?t=a&ep=309017&extuid=${USER_ID}
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=aE5yLKaEir7lnyaKjGFx_2
Domain
sync.spotim.market
URL
https://sync.spotim.market/csync?t=a&ep=309017&extuid=${USER_ID}
Domain
sync.spotim.market
URL
https://sync.spotim.market/csync?t=a&ep=309017&extuid=${USER_ID}
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=aE5yLKaEir7lnyaKjGFx_2
Domain
sync.spotim.market
URL
https://sync.spotim.market/csync?t=a&ep=309017&extuid=${USER_ID}
Domain
rtb.adxpremium.services
URL
https://rtb.adxpremium.services/openrtb2/auction
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1432

Verdicts & Comments Add Verdict or Comment

258 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| apstag object| OneTrustStub function| OptanonWrapper function| showAds object| _wpemojiSettings object| mm_video_data object| mm_plugin_data object| fs_detect object| siteData function| $ function| jQuery function| iFrameResize object| dataLayer object| googletag object| __fs_dfp_targeting object| _comscore function| fsLongformScroll object| jQuery11240838755130768418 object| evtPreviewData object| disqusData function| lazyLoadInit function| siteSidebarMatchMainHeight function| fsTouchDetect function| fsUuid function| fsGetCookie function| sendDataToOneTrust function| setEuConsentCookie function| checkAdVisibility function| lazyLoadAd function| requestTick function| requestPinnedTick function| empty function| hidePinnedAd function| refreshPinnedAd function| showPinnedAd function| moveHeaderAdToTop function| attachGPTEvent function| breakingNewsDetect function| load_mosaic_slider function| loadHotStoriesSlider function| loadVideoSlider function| debounce function| throttle function| getSectionPos function| setMenuSelect object| adVars object| $nav function| resizeSetAppMenu function| scrollSetAppMenu object| Stickyfill string| ispage object| localforage object| infinityData object| wp object| infiniteScrollInitialData function| __tcfapi object| otStubData object| twemoji boolean| apstagLOADED object| _sp_ function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed object| wz boolean| loading object| ggeac object| google_tag_data object| google_js_reporting_queue object| webpackChunkgroundcontrol function| bootAd object| Audit object| STR object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| google_tag_manager function| postscribe object| google_tag_manager_external object| __twttrll object| twttr object| __twttr string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| interdeal function| getAdTypeCustParam function| getUserConsent function| getVideoCustParam function| getVideoTag object| s1 function| admiral function| 4dm1r11545242527 object| COMSCORE function| udm_ object| ns_p object| __otccpaooLocation string| my_las_uid object| gaplugins object| gaGlobal object| gaData function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI undefined| google_measure_js_timing object| otTCF object| otIabModule object| Optanon object| OneTrust function| gtag string| OnetrustActiveGroups string| OptanonActiveGroups function| onYouTubeIframeAPIReady object| __OW_CONFIG__ object| webpackChunk_spotim_launcher object| __SPOTIM__ object| process object| __OPEN_WEB__ string| OW_AD_UNIT_TYPE string| __SPOTIM_PAGE_VIEW_ID__ object| regeneratorRuntime object| DD_LOGS object| mmCommercialApi object| device object| mmPrebid object| adsbygoogle object| webpackChunkmplayer function| monti object| voltax object| monetizationEventsReporter object| $$mm-analytics number| rand string| adid_number number| protectedMediaResponseTimeStart function| removePlayers boolean| run_on_inner_pages string| pid function| getPMParams object| possibleUTMParams function| HandleResultFromPM boolean| resultHandled function| AdScoreCORS function| fire_err_pixel function| getQueryParams object| query function| setCookie function| getCookie function| getQueryParam function| needRunJS object| js object| html object| fs_ad_slots object| wzMM number| wz_mmPlusWinningBidCpm string| wz_mmPlusWinningBidder string| wz_mmPlusWinningAdSystem string| wz_mmPlusWinningAdCreativeID string| wz_mmPlusWinningAmazonBid string| wz_mmPlusAdUnit string| wz_mmPlusWinningBidPrebidBidderCode string| wz_mmPlusGAMCustom string| wz_mmPlusConfigName number| wz_EventUniqueID string| wz_mmPlusVideoPlayerId string| wz_clientId string| wz_clientSessionId object| wz_affiliateId string| wz_author object| adObject string| lastAdWrapperCreativeId string| lastAdWrapperId undefined| adWrapperIds undefined| adWrapperCreativeIds object| gamCustomArr object| osArr string| gamCustomDecode object| muxjs object| SPOTIM function| owActionQueue function| initMoatTracking object| ats object| PublisherCommonId object| webpackChunkads undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| ns_ object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| teads_analytics function| parcelRequire function| avPlayer object| storageAni object| __pm_glbl object| __pm_glbl_ahfdaFWwPfZoFn7miCG6Og9J object| __pm_ads_list string| AdScoreObject function| adScore function| getUserAgentData object| freewheelssp_cache

113 Cookies

Domain/Path Name / Value
culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/db.onlinewebfonts.com/t Name: stateCode
Value: BY
culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/db.onlinewebfonts.com/t Name: countryCode
Value: DE
culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/db.onlinewebfonts.com/t Name: cityCode
Value: NURNBERG
culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/db.onlinewebfonts.com/t Name: isMobile
Value: false
culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/db.onlinewebfonts.com/t Name: isTablet
Value: false
culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/db.onlinewebfonts.com/t Name: userDevice
Value: desktop
culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose Name: stateCode
Value: BY
culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose Name: countryCode
Value: DE
culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose Name: cityCode
Value: NURNBERG
culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose Name: isMobile
Value: false
culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose Name: isTablet
Value: false
culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose Name: userDevice
Value: desktop
culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose Name: ntvSession
Value: {}
culturess.com/wp-content/plugins/voltax-video-player/styles Name: stateCode
Value: BY
culturess.com/wp-content/plugins/voltax-video-player/styles Name: countryCode
Value: DE
culturess.com/wp-content/plugins/voltax-video-player/styles Name: cityCode
Value: NURNBERG
culturess.com/wp-content/plugins/voltax-video-player/styles Name: isMobile
Value: false
culturess.com/wp-content/plugins/voltax-video-player/styles Name: isTablet
Value: false
culturess.com/wp-content/plugins/voltax-video-player/styles Name: userDevice
Value: desktop
culturess.com/wp-content/plugins/fansided-shortcodes/dist Name: stateCode
Value: BY
culturess.com/wp-content/plugins/fansided-shortcodes/dist Name: countryCode
Value: DE
culturess.com/wp-content/plugins/fansided-shortcodes/dist Name: cityCode
Value: NURNBERG
culturess.com/wp-content/plugins/fansided-shortcodes/dist Name: isMobile
Value: false
culturess.com/wp-content/plugins/fansided-shortcodes/dist Name: isTablet
Value: false
culturess.com/wp-content/plugins/fansided-shortcodes/dist Name: userDevice
Value: desktop
culturess.com/wp-content/themes/fansided-v5/assets/images Name: stateCode
Value: BY
culturess.com/wp-content/themes/fansided-v5/assets/images Name: countryCode
Value: DE
culturess.com/wp-content/themes/fansided-v5/assets/images Name: cityCode
Value: NURNBERG
culturess.com/wp-content/themes/fansided-v5/assets/images Name: isMobile
Value: false
culturess.com/wp-content/themes/fansided-v5/assets/images Name: isTablet
Value: false
culturess.com/wp-content/themes/fansided-v5/assets/images Name: userDevice
Value: desktop
cdn.mmctsvc.com/commercial-api Name: stateCode
Value: BY
cdn.mmctsvc.com/commercial-api Name: countryCode
Value: DE
cdn.mmctsvc.com/commercial-api Name: userPlatform
Value: desktop
app2.cision.com/ Name: JSESSIONID
Value: 0777205F949F5989EF98968B34D37173
.cision.com/ Name: __cf_bm
Value: SWrd23BU44Q47oJ3pgX8arYKWDCUQggmHrXdhgPRxXg-1662400561-0-AdAa8vYHdgdJxS7edGfTqoGPwAt6BB+/5mY02N3MOcTA2iOEl5pkN0SfdvPzkGGtoHHGFu/UHDaJBOKCQes5kh8=
culturess.com/ Name: usprivacy
Value: 1---
culturess.com/ Name: _wzmm.session
Value: "wz6316383a26d18"
.culturess.com/ Name: _gid
Value: GA1.2.639148187.1662400570
.culturess.com/ Name: _gat_UA-1577313-14
Value: 1
.culturess.com/ Name: _gat_UA-62176714-31
Value: 1
.culturess.com/ Name: _ga_NB8RD6J3M6
Value: GS1.1.1662400570.1.0.1662400570.60.0.0
.culturess.com/ Name: _ga_QRG8P3B6SJ
Value: GS1.1.1662400570.1.0.1662400570.0.0.0
culturess.com/ Name: OneTrustWPCCPAGoogleOptOut
Value: true
.spot.im/ Name: device_uuid
Value: 09b2c7de-e49d-401c-aee3-fffc06b8cf4f
.culturess.com/ Name: _ga
Value: GA1.2.660372148.1662400570
.culturess.com/ Name: _dc_gtm_UA-1577313-14
Value: 1
.culturess.com/ Name: _fbp
Value: fb.1.1662400570640.2080083778
.culturess.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Mon+Sep+05+2022+17%3A56%3A10+GMT%2B0000+(GMT)&version=6.37.0&isIABGlobal=false&hosts=&consentId=faa66026-469b-41ac-801c-bab31c59a72c&interactionCount=0&landingPath=https%3A%2F%2Fculturess.com%2F2022%2F08%2F29%2F21-days-beauty-back-ulta-plenty-deals-choose%2F&groups=C0002%3A0%2CC0001%3A1%2CC0004%3A0%2CC0003%3A0%2CSTACK42%3A0
.culturess.com/ Name: _awl
Value: 2.1662400563.0.5-7daf4ed8f74d3bc1512da9ef9baf2939-6763652d6575726f70652d7765737431-0
data.ad-score.com/ Name: token
Value: aBMZeUuXGnlLC-jssr-fDMjEIckiIqwZ
culturess.com/ Name: _dd_s
Value: logs=1&id=f29e87c5-e013-42c1-a1ef-2bd7c160f5e4&created=1662400570332&expire=1662401471175
culturess.com/ Name: ntv_as_us_privacy
Value: 1---
culturess.com/ Name: hb_insticator_uid
Value: ed5c9c44-9786-49b2-afd1-64b17bce6157
culturess.com/ Name: _lr_geo_location
Value: DE
.postrelease.com/ Name: opt_out
Value: 1
.adnxs.com/ Name: uuid2
Value: 8517197437325276119
.rubiconproject.com/ Name: khaos
Value: L7P2DGPC-21-3CST
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qr5MqV+tfbbrOQFbWGgM44fR/rFJVNr6iK7I8FWAH9suQ62HyTI0VLge5RzJxrGgpZymPvo8pleP903QIzDI5CqAFMci+Bwpm4=
.culturess.com/ Name: spotim_visitId
Value: {%22visitId%22:%2209b2c7de-e49d-401c-aee3-fffc06b8cf4f%22%2C%22creationDate%22:%222022-09-05T17:56:10.945Z%22%2C%22duration%22:1}
.spotxchange.com/ Name: audience
Value: 02b51005-2d44-11ed-a8e3-129210fe0306
.yahoo.com/ Name: A3
Value: d=AQABBDQ4FmMCEEq4uNrS1TD-8hrdcz9XPo8FEgEBAQGJF2MgYwAAAAAA_eMAAA&S=AQAAAkQArvS5Ea96Bj6IqnU8FMY
culturess.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.culturess.com/ Name: _pubcid
Value: ce600662-ef66-413e-8883-bc782850a9d4
.casalemedia.com/ Name: CMID
Value: YxY4NMHsjeTEs0CFbMCLJQAA
.casalemedia.com/ Name: CMPS
Value: 1158
.casalemedia.com/ Name: CMPRO
Value: 1158
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ef8bc736-0d43-4eab-93e3-85a2fd341886-003%22%2C%22zdxidn%22%3A%222069.55%22%2C%22nxtrdr%22%3Afalse%7D
.casalemedia.com/ Name: CMST
Value: YxY4NWMWODUA
.casalemedia.com/ Name: CMRUM3
Value: f16316383505a0&396316383505a0&586316383505a0&27631638350b40&2d6316383505a0&e6631638352760&116316383505a0&8263163835a8c0
.doubleclick.net/ Name: IDE
Value: AHWqTUmMNtGZOjQtVrZaTiBox6SrNEdX-HtVTlJwV87jeYtyOMKYl3LJAHQ8Z0ACktg
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjS1MDc0NLQ0NxTiM9S1yC8rzk0vcMwsDHMDAOS9sQklAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjS1MDc0NLQ0NxTiM9S1yC8rzk0vcMwsDHMDAOS9sQklAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtoZmZkYmBgamZqbmgGAFelI9MQAAAA
.aniview.com/ Name: 2_C_200
Value: OPTOUT
sync.aniview.com/ Name: 2_C_200
Value: OPTOUT
.casalemedia.com/ Name: CMTS
Value: 5132
.prebid.a-mo.net/ Name: __amc
Value: 1_1662400565_1662400565
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 482769=5090036
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd
Value: %24qc%3D1313617845%3B%24ql%3DHigh%3B%24qpc%3D93138%3B%24qt%3D25_176_7906t%3B%24dma%3D0
.smartadserver.com/ Name: pid
Value: 3121299927188206592
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1313617845%3B%24ql%3DHigh%3B%24qpc%3D93138%3B%24qt%3D25_176_7906t%3B%24dma%3D0&c=1&l=778303439&lo=-234712989&lt=637979973659771548&o=1
.lijit.com/ Name: ljtrtb
Value: eJyrrgUAAXUA%2BQ%3D%3D
.lijit.com/ Name: ljt_reader
Value: FRD0uBZHkXVplsWoQnKNqHXJ
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A3qeS6UD6U2ZrpxFrZqi-aA
.openx.net/ Name: i
Value: ce600662-ef66-413e-8883-bc782850a9d4|1662400565
.adnxs.com/ Name: icu
Value: ChgIp95KEAoYASABKAEwtvDYmAY4AUABSAEKGAjhrFoQChgBIAEoATC38NiYBjgBQAFIAQoYCJPIbRAKGAMgAygDMLXw2JgGOANAA0gDELfw2JgGGAQ.
.bidswitch.net/ Name: tuuid
Value: 02f3aee3-2a95-4594-9955-bb3b2f2455dc
.bidswitch.net/ Name: c
Value: 1662400568
.bidswitch.net/ Name: tuuid_lu
Value: 1662400568
.bidswitch.net/ Name: custom_data
Value: ed5c9c44-9786-49b2-afd1-64b17bce6157
ex.ingage.tech/ Name: instUid
Value: ed5c9c44-9786-49b2-afd1-64b17bce6157
.analytics.yahoo.com/ Name: IDSYNC
Value: "18wk~26zt:196m~26zt:197u~26zt"
js.ad-score.com/ Name: token
Value: YNQiMlUXfnrMt-r1v8-IMvvUGoStGXtA
culturess.com/ Name: pmtimesig
Value: [[1662400575721,0]]
.criteo.com/ Name: uid
Value: c034eb31-6fb9-495b-9aa7-9e4fa7ce81ec
culturess.com/ Name: _lr_retry_request
Value: true
culturess.com/ Name: _lr_env_src_ats
Value: false
culturess.com/ Name: vmpbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-09-05T17%3A56%3A11%22%7D
.culturess.com/ Name: panoramaId_expiry
Value: 1662486971032
.culturess.com/ Name: cto_bundle
Value: JGJcIV9pWWNSUmQlMkZjSkZna2U2RHZYRTdtd2xyd29lJTJGTWNjRVQ0bzFzdG8lMkZZN1F6eWI0SjZzRWFUc3BPJTJGanNHJTJCUERYVWclMkJHeGtzblF1S0g5OXdrcmF5dFRMb1I2TiUyRm84dUk3WmFaVUg1MXpTNSUyRlVhdFVPOEFlTTJzV1N6c1hVdERBRGpJYU1jWUsyZEE5cEJPam1jZmJMQnlRJTNEJTNE
.culturess.com/ Name: cto_bidid
Value: -R6Mjl9KTFhCdEJxcCUyQmIxWmc5NlRiREI4UnZHeGNWdnNmYk5iWkhFUzBUeG9UbGw5NnVIN0ZON1lHRXF2SUxwREZvbmFkNXR1aDdaZ2NDeXk1SXlwRWVrZVBreVEwdTVwMzZnY3ZiWnk1JTJCYXRWOXMlM0Q
.aniview.com/ Name: aniC
Value: 1662400565115-935559409326-007208-009-003599
ads.stickyadstv.com/ Name: UID
Value: 2d2f424e7d15281466d452ed56716
.ads.stickyadstv.com/ Name: updated
Value: 1
.ads.stickyadstv.com/ Name: sessionId
Value: c64047c7581dfcf3144324e9e461da17
.ads.stickyadstv.com/ Name: UID
Value: 2d2f424e7d15281466d452ed56716
ads.stickyadstv.com/ Name: sessionId
Value: c64047c7581dfcf3144324e9e461da17
.fwmrm.net/ Name: _uid
Value: "l1dda_7139956175491326724"

6 Console Messages

Source Level URL
Text
network error URL: https://di.rlcdn.com/710530.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/db.onlinewebfonts.com/t/2f86dc938a55788d3416b876b43a116a.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://id.rlcdn.com/709414.gif?us_privacy=1---
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript error URL: https://culturess.com/2022/08/29/21-days-beauty-back-ulta-plenty-deals-choose/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1432' from origin 'https://culturess.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1432
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
a.teads.tv
aax-eu.amazon-adsystem.com
ad.doubleclick.net
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
adx.adform.net
ap.lijit.com
api-2-0.spot.im
api.rlcdn.com
app2.cision.com
ats.rlcdn.com
b1h.zemanta.com
b1sync.zemanta.com
bidder.criteo.com
bqstreamer.com
bucket1.mm-syringe.com
c.amazon-adsystem.com
c2shb.pubgw.yahoo.com
c2shb.ssp.yahoo.com
cdn.cookielaw.org
cdn.equalweb.com
cdn.fansided.com
cdn.mmctsvc.com
cdn.wazimo.com
cdn3.optimizely.com
cm.g.doubleclick.net
connect.facebook.net
content.voltaxservices.io
content.wazimo.com
culturess.com
d3ujids68p6xmq.cloudfront.net
data.ad-score.com
di.rlcdn.com
direct-events-collector.spot.im
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
ex.ingage.tech
factor-service.prod.voltaxservices.io
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gammamaximum.com
geo.privacymanager.io
geolocation.onetrust.com
ghb.adtelligent.com
ghb.spotim.market
ghb1.adtelligent.com
go1.aniview.com
gum.criteo.com
hb-api.omnitagjs.com
hb.minutemedia-prebid.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
image6.pubmatic.com
image8.pubmatic.com
images.outbrainimg.com
images2.minutemediacdn.com
imasdk.googleapis.com
jadserve.postrelease.com
js.ad-score.com
launcher.spot.im
log.outbrainimg.com
ls.skimresources.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mcdp-nydc1.outbrain.com
memorizeneck.com
minutemedia-d.openx.net
mug.criteo.com
mv.outbrain.com
native.sharethrough.com
odb.outbrain.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
p.safeservingcdn.com
p.skimresources.com
p4dt2-980w2.ads.tremorhub.com
pix.spot.im
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
platform.twitter.com
player.adtelligent.com
player.aniview.com
player.spotim.market
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-us.creativecdn.com
prebid.a-mo.net
prebid.deepintent.com
prg.smartadserver.com
promotions.minutemediaservices.com
publisher-assets.spot.im
r.skimresources.com
region1.analytics.google.com
region1.google-analytics.com
rtb.adxpremium.services
rtb.openx.net
rumcdn.geoedge.be
s.adtelligent.com
s.amazon-adsystem.com
s.ntv.io
s.skimresources.com
sb.scorecardresearch.com
scripts.webcontentassessor.com
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
shb.richaudience.com
spot-im-d.openx.net
ssbsync.smartadserver.com
ssc.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static-cdn.spot.im
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.aniview.com
sync.richaudience.com
sync.search.spotxchange.com
sync.spotim.market
syndication.twitter.com
t.skimresources.com
tag.1rx.io
targeting.unrulymedia.com
tcheck.outbrainimg.com
tlx.3lift.com
token.rubiconproject.com
track1.aniview.com
u.openx.net
u12097671.ct.sendgrid.net
ups.analytics.yahoo.com
web.hb.ad.cpe.dotomi.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.oo-syringe.com
x.bidswitch.net
api.rlcdn.com
rtb.adxpremium.services
ssc.33across.com
sync.spotim.market
104.18.18.126
104.18.19.126
104.244.42.136
108.138.17.121
108.138.7.37
108.138.7.47
13.32.99.89
13.32.99.90
130.211.115.4
141.95.98.71
142.250.185.230
143.204.89.5
147.75.85.234
15.197.193.217
151.101.130.217
151.101.14.132
151.101.194.49
151.139.128.11
157.90.211.246
157.90.3.144
167.89.118.28
178.250.2.131
178.250.2.146
18.134.84.23
18.194.70.236
18.203.72.119
18.66.112.11
18.66.122.120
18.66.97.41
18.66.97.91
185.184.10.30
185.184.8.90
185.255.84.150
185.64.190.78
185.86.139.94
185.94.180.123
185.94.180.126
193.0.160.128
198.47.127.18
198.47.127.22
2.18.69.48
2.18.69.56
2.21.20.132
2.21.20.151
2.21.20.156
2.21.20.202
2.21.20.221
2001:4860:4802:32::36
209.54.182.161
213.19.147.43
213.19.147.45
216.52.2.30
216.58.212.130
23.205.235.133
23.35.229.181
23.35.236.201
23.35.237.86
23.75.240.210
2406:2600:4::b
2600:1901:0:802f::1
2600:1901:0:f8d1::1
2600:1f18:612b:4264:191d:3f4:ef20:24a8
2600:9000:211a:bc00:1:4290:76c0:93a1
2600:9000:21b8:9800:4:b37b:9440:93a1
2600:9000:223f:a600:8:48e:53c0:93a1
2600:9000:2304:8c00:a:deb0:3380:93a1
2602:803:c003:200::61
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::ac43:4579
2606:4700:20::ac43:4728
2606:4700:20::ac43:4771
2606:4700:3036::ac43:c951
2606:4700:4400::6812:2962
2606:4700::6810:9540
2606:4700::6811:804d
2a00:1450:4001:809::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:810::200a
2a00:1450:4001:811::200e
2a00:1450:4001:812::2003
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:4001:828::2008
2a00:1450:400c:c00::9c
2a02:2638:1::3
2a02:26f0:3500:58c::2c79
2a02:26f0:4700::215:4a2a
2a02:26f0:4700::215:4a52
2a02:26f0:4700::215:4a63
2a02:26f0:dc::217:6113
2a02:fa8:8806:20::2100
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d018:d29:3601:1c03:949a:3875:f724
2a0c:5c81:5095:0:225:90ff:fefa:245d
2a0c:5c81:5142::2
3.126.157.114
3.126.56.137
34.120.117.212
34.226.74.25
34.98.67.61
35.158.53.117
35.186.253.211
35.190.59.101
35.190.91.160
35.201.67.47
35.244.159.8
35.244.174.68
37.157.4.23
37.252.173.22
37.252.173.62
38.91.45.7
44.193.192.96
45.133.44.3
45.133.44.4
51.89.9.254
52.222.206.192
52.222.209.55
52.28.203.152
52.87.80.187
52.95.118.179
54.155.183.30
54.205.36.89
54.77.13.172
63.34.160.33
64.202.112.127
64.74.236.255
66.155.71.149
69.173.144.138
69.173.144.139
76.223.111.18
8.43.72.97
81.17.55.112
92.123.21.200
96.16.142.89
01d87f7aa037bd8205802a2d42ce6e460a4aeaf96270444dfb67e29c79cdc976
0254cc54470c23817c68274abda4fd059880ce2f1a723ae624e9b339562d85a7
02b5318a75e50e48ccddd6eac9eef067a275adc244f3c3f6186ed6b382d3f971
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
054971fa2c7097d02a4e6ae9ce515e311366395367c17e33b08444f3ebfc2235
0580c7a91ec2c6c965620c9db0fe5b979fbaf9edba6e3099baa353413fc25743
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07906062c4cb6cf9965578634032e2573e30edd821b2cf0a68d8f3ce5ecbb367
07e431b9e2389a65efadf220b47a1a34dc289629279849964bf927a2d66a46b0
081a747f23737dedf0226fb629e575f2e4dccdd2ba113ac15ba8913415c6b90d
08b3d60cf22a301353fd3d6907dfcb94a0330b3344e5be986e22cd83f1441b58
0979cd8b320c1523b170110c212e466a8b53845d4b75c2a0255b05b6ad8e0342
09d6f3768800426b1412342d6b228ebc1bb47470d69ac9545bcd82884395c94f
09eb938302b8e15bf0bdc27afbb0d78ccfbeae9c6f3ef9fc28ed4c899462617a
0a4e927973c5b619eaab045178678c3bc6f893521882f15d541c312c2ee882db
0a7d2102b40065807ab283b7a4a2256bf1c18d3cb804b46035999e8be8593d25
0a917e38ffea540e35a7df103a72def2942bdb05de0f1b9b3a72fb1bd24ed1c1
0b3268e3aacd1abc25b093c7774f71ae4d98b603f309b357f9ad9d43c45996be
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e0df2499616f0d83c60670500ea7e9fdc79b28ba9254e45bec23696c06f637f
0f790bdfb9c12c83da88b657a00be6b9aee3d14d167002faaa9562bc74404325
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
116ec5c6f82674cd1b04981d3ec325c8620ffbb413f06bd1b0cb911e99ddcc73
122879f9ef49d7193bb88733d44188ff5685a0643ebcf6c990cf1869941fce8d
1345143a08742abcbce99e1f3439995f1a4a4b6739aebc12d4eb56cceb77de95
13ca66cf6767366a16dcab079a022ab7efaff7ad1f44fe904543916d56bb2d9b
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
1508490e2a7f3949d866ce8f032895224c55a02eb24f9ada50c7cb79a4c887c8
1553d8e603896b256320a6c7e3f86b0858cca0ff5da54294630e5b8dc48173ae
17770d05051a8a4f270ba5bdf049b90cc166ac42bd4513f419308a5804d7a161
17d8be269a7c8c056019540e8184e4c95d349ff3d80253bd43923621b31f8d41
183991764bf3732d470bb64c7e492f4a24d34e2217d78f533257fc161c42c3c1
1974e75d20db36d05750128cb3ef2c2d471cf5063a6c05eb5e3f6e1016e04e15
199da19156874c9155ab4fafc898fa9128e1a63008dedf56feaaed7063acca2b
19c459b0ed66b69066cef6ca25981e3c5252bb0712e6307769acdafb59ddfbf6
1b020ac6651afe11ce3602c0fa3754bb12e96760de4b04bd7f8d06feadfd5fe7
1b2295f150d93c7cbbae441911d7d71dbca1852c713744b0aea4a8566ab5342d
1b2ca6ff8eae7053a49885bd470d8208b92e834d9464869dfff89f6bb41a0cbf
1c9374cf61008ebf8aee12f06b7e8544d5745ba4c6ed385887a421325743728d
1f371fc7eb0459632a6ed1a7f73a2ef0cbcbea239bc9c69e2cab18ccc95b0423
1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a
2221391c40c8af2b6e518e0f22b47497e540acb1d9602cf3a26351a78ef3b1f5
23272b9c8e03e5972c0c3d0ed2fedfaf16cfd913766077399fc7d54b77230e8b
248d34284cbbad91bbcd3b7af2f51b2df49311b7b1ff1117606366eed50277cd
266dd23f7b6c0cd10e47dc420ce1734f0d62d32a867e5d543cef04fe77db0484
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
280bbf781a90f30d7be755c745f0767af579a8e994f68410e78f234600332480
28ee90b63cacc580bc0a1b4e5db534530425a36cd85c6844afcbcc4450389911
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
292f629c17560efa4ebe4e2ba0f8ed027e162ed92b8b61d3685754fb0ba672c1
29bd20722dcc17f6d043bd905e16bfa1c6d38b301713b616e606ec7fd6cadb9d
2b6b1359cda276b3c2ae1331b70e2ba48466fe6572855ce8f77b2d8f0bbf4b12
2ba2ef30ace3adf9c893bc9486f384469f020eb1b332e58887e2311b4d496b9c
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2ca8b364effc1bc14307e86e63c763d97ac4679909d03eee0581a1bfc2661b51
2df75dd5414f39139ce6f757636066e98d685654dbb93bf2c0f93f37092f1abd
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e8eb8e96e4642198b4bf42b26a34cd87de62058ea2533daeb8d5ae4bbbba446
2f2d40c3f02982a00a1b0e6ad8263b554f74a8a8ba6f9eb650bda234a0340eff
3055597f43adef2648996efac659bd63f616b0d1937f6e774ae3ac8fe35fb195
316963d777ae788cb264320e843e57418e18e70f1eac81c907cefc1d44fc55a2
323075a1922843a6c7f5371bc7fa55500b77944f1268d83461964e3906942141
334a98eaeec325cbc84a300e98e133aae9fac74e682f34d11bf0cea7236781f1
35507afa8f30bc00343eaca8c0f6cee6e2657bd90904d5b03f2c795a42b103ca
36404e38218b616b01d536bf0a7ef92668438a5b1cc7c60dc633f6d4ed814b5c
37194dd744d828bcfc688d5fb653f427b1ea658c4ae45c841be4062c7aacd553
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66
380438fbfce6f2930e3deb99dbadfeee4eca7bfa3f09a6cc8a2250af90df13f7
384e6c21bf9819fef4ca15bfc88df4b2db1776e45e52cb0afb68a4aed77ccf66
39eccec0fcd53671e11be73e04f3f510e8562e2c45966099ef6e77b47b423fe9
3a4ddd5c2300607f80502504f27d85cf6d6d577176e6c20b751810f40e6bbcfc
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3c74bfd19cedcbfab8f92f307f5c9a314170d18d943795e91fa999e139985980
3c94d07090acdd3c44fa5f23a2c957c961c7413129f068acecf17f1402102c4d
3dc6cbbd4ee387bbd3c69a9b1522f374c1b1b491ef0f5f046d096f8acd1fe92d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41480432d4dd6d3aa855a561c3759f6c0ce1a73575bddd15af9b73d5dd8f95ad
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45cb6cc8d1bd6ce3a958654879851db3bb5517d234b406eb6cff7ab6a8685b86
46b6596e9fdedae08a61fed7b7512700c383b8eb822239d6691fa49e1eb372de
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4b24793c627bd2413036d2612e3799c76da967359153a6f01ca2316592709ad0
4baa280c316f80216c7d9dcb64f308726f23cfe4fd4ada8d36aee7c3ea101108
4db0b34910389b4cde633b1a16b6f3855c624b87c749681e804732a0a4b73d3d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f808368b7d46fb5ca2841964ebb52519e57a058455eb1e50f90a25aecd2346f
53e8bf1a49a2f76631d49e08800fe4b5a87ba7f094d189185604d44df74e186e
546bc420f96518175d95e7b555319031fe1a53fd3d7ed2e7bc7d65a4aed8ecca
549db53ab98e0049c0e3564535ee547efb61c5f0fc84518d9f6e7e71d6baa8cd
54c09d17405fc079c641533fb989b284d6b25fe4a402017701cfbf0d22b31611
54d4f5ae436984bc1d608b420aaed654c54dc9e5d84dd13e3331ad82623bb5d9
5525fe0659c283e57d8ca8f0ff56cba585bd7fe8532df9387c0a824ae35dec76
5695c61250ed1ed58077beeca4118dfd05b8d66ee6703619067dafae787119ed
56a2b9011e4fc9a0a145497c45545512456f2040c99f63669745c0e6bfa44dc9
57a18b6c18cc1cb382fc80abd6302ee9c092d472b15d257fd911d942e6def986
58add5872e6b0c5c5c2df1fa9aebdcc06e3b56a4fee5538c5e68debf28d38b2f
59f207b3633adea702cc54e564a0f791c00874044e875a3591333d1e14c696de
59fbf8354eeee89e93a1fa1caab2ec9d5425fab4174c42e836fdd38cbe4f20e8
5b98d8e17f723506a0eebd242abbc4d6783cb75b0c483cf0055b56b49553564b
5bdae7879c27710be27ca450e99922421eb15c21278a37156db2d939a11ba5d8
5d819eb3171878e122406f5b8430e11baedc026f70054199205cf736558e818f
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
61d4520a75285450f201ba80560ebe42de6c3e86f3c3cb740fdcb3a75c7aac1d
627a7af0d9a6bb7196e156cc0ffd3423d3b7402fe9549bbb029a00af5b4a1555
6323865009dcb5c3a76c9f8dfb485d28eeceec77f8783565265e2c378d37e3d6
63ff673881cd46862c43f1b8db153f5fb733ddee417980c8c0985fa44b9553aa
6535d55e335297ac2d15745a366047f06ba2842bc6623a00059131af1058791c
660bded38976f0a5209c78f973a6eb9e04be64d95c366cbb84165679e5cd100a
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
6626d955670bb766fa4d7b59966addecf6b488506e21f73f343dc88b9872a2f7
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6663429c3dbd4c3635c0ddd025f7f65d2966bcebfb857eae97a0b7376e71d795
6728a0ce89e4654e589280a209df5c1d5c8a690bca4a720b79df7255560d118a
67a80d899a8e949e6dfe9375b16c63feb58458c235dbd1797df93f99c4f134e1
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
68d4f7f16f4dc745363bb4541a1de458687ef3ec8f31200ea4133f9e655e2ae6
6a0f07fac6fc58958b0e670e2d2927901e052938b2162c1553817aa4cbf5de2f
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cabeb492e3033b4a17fcc5a4ecb196849bafeaec5ed579b947ab4d3d2a05dfb
6d3282900f478b5abd8d6e76d85a16e6d6ec60adba9b7648ff8e6c881505d9ab
6d9de14770fcd48eb127eefe75a2eca6167f8f380b6308a113125eb5645169b0
6f5d18b1769507b97d8718a598fcecd3bc9e270bc11a520d769b2d06452418f6
7057b479a1f426beb0e25df5aee22456b0b30107c73c5c93f604d25908b074ac
70bb3612f638898cab7ec20489bacefed12aa916a20b724014957f451c7f098a
72f546d8d3d21951d12a0a4069c1bc576a73a65407b6458e999ef6a8d62e20f8
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
737ecccfd5058eeb7a46e5ea9616822be78a60668342b22f2fcfae3130f7d8c1
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
769317f76d7d2670d9445ac516c6888967c310c6c4df441799946b37bf8d8af8
76cf72bac6a54c14faf63e13fd4b0e5050472227111fb2b32ccc3e33e6bb1899
7a3514cae399947f561ddff61e01ca8c59d327ab99add43c020b0a17f9290476
7a40a463b00a11829a0e510859c76b9754429b9f2b6041208182f2afb4c718ab
7b38c432f96f8b1a3f63192174d9660c5b8f5f0d8e3170904c341376c56edde6
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058
7c4379ae888a737fd330f0c964e263b1a64a51a7a69a5c76f3dc049a7f1b325a
7eb121be460e4f49cbad264bd4eabfa75577b6e2f86230b1c5bbf8d05ee1df3d
7f976fa2b8374df939d4ee4d1f5d24c4bf7607520d4460bc08d049d364b4905c
815c5cf96cba89df34f548dce80eb0b389538e7b5f223410882876612fc7f7c2
819141dfc76b472e08dbbdd19291a1d06be66f32d9e858dd65751f204480e489
82e16ee1bcf32a940c622c4a318be5da2e337c1278e6226131ca1c6f73001ae1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843aaa4342933048f663c0a8bed53197783c1b83132c0a679f4b2080dbcecc03
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86abcf27cf5192ec6219333bfa420e42969d6c0ace395687dab2d3eaecdf1322
8722734be0c355083eb7091acbc370d631975d03182cf7791b7fea751e34ad08
886a288f8411ed44778c0c250d1ee4a2080389f871b8bad18241bdfe58df505d
88858746394e808583ef266c11a187912d469a25fb002287ea2ea5ff0b4919ec
8b42a20b243b7081f9f5ea51eb72a39895d468943af3c7ba14f7ac176e547c6c
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
8f4fc0f336126492b535be2e0b29fbb538a3079547d19a81368aec9268a54f26
903c19f9a6b15c70d62b998454aae5ea2b663f74d13799e212fd17891639fe65
90a802894f6f19b7b10e4b692da44da0559added83b4f738869d32e258f4a9ff
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9275ff187a73b177620cb0d9c4b821749326cc6251e8c224c345505652435471
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
92bedfcf702976be1772280721f02346ec7cd570c6f116f7cf7032452666d3d5
9370088ff6f051ceb78c424558b0167b35d8a7dcad511026248b9150b468a4fb
9384b83d0217ed2aa98aaa86e39ffc0d7a682907f4113601eeec99ac48579b1e
9423fb91cff4badec7ffc41034895b7c0b4bac2e3283c597a9e61b85411eabc7
94822a4eff910db4747dfca256b07c769a9e06b5d62a3e64a4612e7f1264693f
95695b57c64f7bd2a63eaa7bfc0d9ba4a42511696039dc32694d5e9ef366df4b
971cdbd79f0cfc0ed09bac40313fe47c2d3b856d5659800de0fa40e090bdff4d
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243
99c16a7b377eeef3c6d01e83fd7bc69b2d244bfeb53b80ab0e6e1ba87386ad22
9a31f3657c6d94eb301870a3bab9b049b452e6d92ec31a556bc8a5e20c86a115
9ac912f73fff1b0dada62a7096d745cbe6a2c88769dc4896025b794fcd8aa7e5
9b126307e7d0a88a5fbc31c45cca7e3ebba07fc55c29bfd630583dd266229c00
9bb57548114158248eff7588b52a51a1740695dd8792bd45227246b0f77d31c0
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9c6411535309f23e64f9f55accdd280e2fdc3be1cf6b7637816e13459f77397f
9c76e0206accc26905693d9f76e9b4df8614cec090c885c2008b2dfd21c1117f
9d9bc14894c7671a2ee110062eb53017b8172319a8a69162d76c66805c2b6f74
9eba94335eda1e5ce0687b9d23412342bea382a25adfbb24c9cab53750b0bb81
9f010e256c351c8f8fd0a611b34c2e889f5e72805a42f622ec7b9012088425ad
9ff53355766c89d8351fe4062ce452f1b5d873949b64a0912f31bb3c014fa3b4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e7aca8885f4c74508603b04d7f8f68f1dbac80943bce2d0e1fbffa1dce59ca
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a4341c4c513889841887be579831125200a94753a15e19bec0252a8569b3a931
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a4654e8131f5865f29da883405a88f64509f7ce77c11113db4c24a95b59ae214
a4ec3b885793a7f614d15175f491e315191ae826c964b94436deb5594885746f
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a8a7ec14eb2db57e76702e317637d3376a787e8ea33454e02fc258fd72c4267a
aae9ac918a287059b8fd674ca5991cd38069a18ee5a3c927a0bae2312bb3c1bb
ab809458d9efa125c9ccb5952d6d68b86bddaa85b2706004f928ac8d019655af
abef413600be1e526eb7027dd2665f03018eb523a659cf24e1191289642dc7d3
adafa859ac987f6759710ec24cdc864032f43fa594553595be43a4160f1ecd5a
afd968c1b8f95bdb7236be3770e14f06f937a6ee42e4c9f217ca624d6d39a732
b0c2113e1ad7f23803d09116ac468469cad617e7afe10de77779e14a25f1a08b
b0f9acc2facbbbf8a8d2c056a0be3238c6b28354369e5b21ff15ac38f49810ec
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b29019bab391863c1652d28d09112d15ddc6c10940526826cbde474bf07d75e2
b2e8b8067ace82754ecb961cee8390984c73a5c6dc1629b3fb9a58a6365513c8
b2f1d75b5f27cc61899d0f2791278fd3d10d658c92c3ce7352a87752cc17788f
b2f930658634b1bee750fdc6c453faacd9e79849856324dcc211b0627f4a059a
b353528761824c57015ccfab1864b17a318778de4bc85cec9f66e2485bb1f49b
b35f202c4f288dd7a6478e161b6639cb3025197a7cf4594b77315145b5d1e636
b366b9bf5b25904baa338c952865b1930f64efcbfdcd932da4bc38016d12dfcb
b393f9c320cbb557f0344993c5e65ca72f6f771ecd4f773fa6a2fd3f1ac36b6c
b3c0cd797d4faf3648dc84de4a0b8fc98bc6b9f4767cd5e6da3e78782b8be22a
b490e57703421aa999ccc5cf47d1756d50405a6421b3683482532fe8d4526a43
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b6dda6fb1066fea4243e6c52fc5436e30919e9233dfc0e449d5725b9c6d399be
b762ea03a42a9958848791fe4a671e450af0cdf74fde12a07f8267e45cd43607
b82f1be33a3a2d8d5e1af6191b3b5c6fe5523e67b041d5f887157da4330ed2b7
b898fc380e4e5659d960aa1732d650078a5d350eb4d07d571fd749bf48384fef
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
bdec9c8e55304774b4030fa42cd6ec1cd75b0a7e89316ae22d653d5dd877fd56
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
beb6d4ed9e70b9f611405b8e7e5c09782669c6f434fa81f990cc3690adfd6f20
c0c36470d3b6f534495768bdd7ed92dbb0d6d8d1f3b7b69adba7153b68b90f35
c1a142d3040a5245210269450dbdae2ce261226b7224f70f97646fff372bebd8
c1cbc1166bf2046860f9d623461537cfe9e939c56120255666899b2631e1a6ba
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3d126928499e63ba73ea68e379ea83c5fc83b383c0a80665a4f843f183685d0
c5137492d53d4889386da70f1c4dc76f59a27ea8e14bb972907910f3fc43e786
c5b41ecba4bf2257b9d0aedc1dd44bdd1c078c0b25e59a4cc47a2942af6d5ff7
c5d49e644cf538cc0f857acfad9c5e8c98f8765279e5383081943ba21ad402c9
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368
c889d3593066c74eae7b8f0ee34c61dbe7c6a57a1807830e7c29bd807781fac6
c907ff5de3815d7660b3695631617e16aece8701385bd9120f232d94c956f130
c90c6d74be627ee673842c0043505e4310f33b10f27b53450e6ae0d9bd1b84f9
c9c59a027224b86979e16aa2889e4ef6e8fef217760adef5013194905d1f2941
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb923427e4f31573c8d4c4bd8c8256e9cd1351ae120f1f53969905be3b306537
cc3e6072a9ecc0f4908ce3001677722b321672be97cb044f3eb54be1951b1758
ce1aac0c461963d02f3b14497032a7f1f1352c5d64f727e3644a0aaef08ff877
ce270c9952a278a73384c409e1bc02e7b5367767702a1d87d5105b9aef3e91ae
cf106ddb920508507c27bd1fded19bcb7cf865ef330e49b0f8df876e19e23ca9
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
cf470514851f088f42ee22450764368775be4bae7b5af2c25668faf13bc195ab
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfabd0a5afa6076aba37b51231bfc537ba1aa9cb83b9f14bb938de8e00db7828
d0dbd401bb62e7a53dbdcb3924a23f676ecf8ed5675d11947208d76a74b708ce
d162942e00d8e9beb4aad8a89aa7cd40336e4c5875d4cce97d4cf4bfd883db21
d1a91ee2c662edbb612f73ff8f00178f42eea90c96ee9c837b78a33086ffbc2c
d1fd6ca1309796782973dadf6f79768b17d8e3904fdf546f131f46f5cc7bec44
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d31223f18c49ab37f228ae8f3c0b687a9cb0c05c371724f4cbd7aad6cc4542c7
d335bc307971ab0aaa0ddc3d5374f7bb9640dddbe77533831aef185b4d1cdb30
d35b5fd65497ae8d66b6e52bbad869c48bf379174ab0175f10e5d760741cbdcd
d36d3105e4f61aaea6f9aa3dd2ad471b1fbd5cb038e31f50da6bbf2ea9faa059
d3dba596b660652951e5ea23772ca72eb18be97d7f81e21cb65d845af7bb397b
d3f5d2edb1d7efe3e24417b3a48999d2090f8b7cab6a0f773e4075b33122de03
d41232914110d95654ae2bc395a7f3a69e0122ae1e9a10779e04aafff95165bd
d413265e397f3abe46d14104b1ccc23464119c9094d76623ff79eeb76274b12d
d542f80e9048b08b7ef8009c5f888ed2365f42b20543a15b4457d067e2ae4a8a
d5c523dc5508d4a460252e6f1038603166541443cc8b98dc3ae2f9859e1a901b
d65246f2a98e02b32e2a0d80916e65eab499aebe923d078037efd692b31cef58
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808
d80a9fbd9c4a76d5d7c6b14e635088b322863f7a78f61508df1e77342669e0ec
d8979fc4115bb665e2d98d532d4c70ea960c3f7585f269b52eea8ac6640a0336
d91c38797a4f40c02b517763adb6b8d25ca0d0af244856025ecc3543b8540679
da2cc9b499be1080e005553fb99c124cc4e1e3bbffeaae7a86f507c3e5b512ef
dca30f13a0b0df646e93ec171d01b368dcb2680fb0e19f0871786889ea444169
dcab25a0426be1dd0c6bc6dbae1dbe3175b11325928a56808a73933a314ba221
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd577d73843dcd584216be5020ce9ba9a50a34fe598bd17e2d266a78d5322cc8
dd61da406f098f861a0c9524f9c6bd9cf10c6e96cf653f71f399ba0f67d7ab35
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfae44c53d705556eb16900720cfed3feefb0675aadacbc80fe4b5dda22b1e1b
e0ec04a708c2a53fb990c74bb5d0c278ba14eda619bd5e35752e279f4f84dd74
e1e1e7c897ae098db7b17d01d365660d4418f994f3b78843bef9b3c6f20e448a
e22c719e588ab16bc1bdf8e2c4f80091d9202a4682953dded9d67b67ce31aecd
e23db34d14d622bb6aeb7c7efa2e14d9c543d148b4364266730ac5bb1d26240b
e2c728752da90c7d2a77a2fb19c432e4f7ee62b75d322b50890b167d6ba4bd5a
e349c1140ed87747021cce86bf47256193e87df8229303c085e5d107197b6aca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52840d7832029058f1cfba7004e1a570daf1b6803f046abd8310aa36fe34edd
e537bd04ec8a852ccb4f9c183905564881ab5d74e4c55a867c39c5847ae08005
e74fc9882fd1b046474630282635991e5aa59cb761302f13d7a304c1a3bae89b
e7e3cc7d8f8bd15f6015db6858751e9ce19b8097dc4259cf9d81c657cf37349d
e87206265f9258c0d7b5eac8b0eec391e1f649bfb0b5a20346d864364a135ce1
e886206a116159b38d0d6828ace34e6f21274729825a6d92a71dee2c2dec4b65
e990aab2edded61f9eb6740fb5eb28fff4d69462b96ebe371b700e6bb319bd45
e9fd25aa3e17a2594fa6d5f50f6bc55ac2c44b2296d3d96cc1c4e9463a4b3a91
ea8788a247680bb2b778f7a7825d1ee88fae6fae76518b8da3cb01d3abf83308
eb4e849f96f50649d674f5a281b50f52c42a1495031cbf834d7160eda110172f
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed9ef6b6f7b65ab5ae280b4e082da7a12060c2ede37b4612f343bea3994811de
edb92fdbb337fa1c6c7b2c63381bcc201243b3c78db49148dadff01f443fadef
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1daccd18337081e387516cf3ac8f678b66492ff9a9b1b5f11ecf1d361fb6b4
efe86bd42cc0348a33bfe2f0c63f7062ec5ec3262199a040a1a0936982e06c66
f0254f664aaf6f2c172fadda0971ad2bb5dcd106617750a78c49a4f0cab1fad0
f048866db522bc805c2b6d236ab68294c57641b83c656eae40ed400510da3bfd
f0fe7e69e970311a87c3b57b217e6fc19f0a65b25813ad64426169712f61e402
f1251842b74330773699f769f12f2634b163cd84d9f232668c59bb92d71b001c
f2297a33e24eb2e8b24768fefff82d7c7d6930d19a5ebc86c63f838dc808d41c
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989
f406858bf1219aa8c05a27e32c9b22def23bddbe252dcc3df278e09872117681
f5dff53e17b2a4af2b3467bf749dd0a23129d08a5b492098e2d487b6c9c08252
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
f85b1102e6c5a07e5c1a79bbf137201b832e80b578fb9243a0a24cc21f93ca35
f870aac248502ab1730be779e943fc2042093f69bbc0b37e3533da11055575de
f9d25963747cf7c6b1686d7382e4c4131a2b6aa19a50aed7d2cef52f6c7929cc
fa9b24f32547c7a8634822a7a062292f8e472dd99bd3c08ece7802ccaf27b0cb
fbdb7ee4ec4c78dae6c055edee73bee912597437048ad67daf903560f90c7417
fc680c24e2b848d44cbbbee20309665a60bdaa5120ee5657d52d89d2a1797cec
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
ff864cd2bc3d86eae7baa487d447f3075587725f27086a114052c4269c1b0130