www.makeuptalk.com Open in urlscan Pro
2606:4700:3037::6815:e75 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/
Submission: On July 15 via manual (July 15th 2022, 7:29:29 am UTC) from ID — Scanned from DE

Summary HTTP 89 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 22 domains to perform 89 HTTP transactions. The main IP is 2606:4700:3037::6815:e75, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.makeuptalk.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 16th 2022. Valid for: a year.

This is the only time www.makeuptalk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700:303... 2606:4700:3037::6815:e75	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:20:... 2606:4700:20::681a:41c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	195.15.231.89 195.15.231.89	29222 (INFOMANIA...) (INFOMANIAK-AS)
1	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
1	51.77.64.70 51.77.64.70	16276 (OVH) (OVH)
5	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 4	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
2	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
3	108.157.4.87 108.157.4.87	16509 (AMAZON-02) (AMAZON-02)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
4	54.77.1.80 54.77.1.80	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	54.194.226.232 54.194.226.232	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	63.34.67.128 63.34.67.128	16509 (AMAZON-02) (AMAZON-02)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
89	28

13 2606:4700:3037::6815:e75 (United States)

ASN13335 (CLOUDFLARENET, US)

www.makeuptalk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:41c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.imagearchive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adligature.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.15.231.89 (Carouge, Switzerland)

ASN29222 (INFOMANIAK-AS, CH)
PTR: od-87015e.ch2.infomaniak.ch

dev.jarek.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.2.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.157.4.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-87.dus51.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7ace0defd06c7e753edd0edcd8e63a7d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.77.1.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-1-80.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.226.232 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-226-232.eu-west-1.compute.amazonaws.com

yeet.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.67.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-67-128.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	makeuptalk.com www.makeuptalk.com	280 KB
12	googlesyndication.com 7ace0defd06c7e753edd0edcd8e63a7d.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 128 tpc.googlesyndication.com — Cisco Umbrella Rank: 166	89 KB
8	revcontent.com assets.revcontent.com — Cisco Umbrella Rank: 5705 trends.revcontent.com — Cisco Umbrella Rank: 2047 img.revcontent.com — Cisco Umbrella Rank: 8611 yeet.revcontent.com — Cisco Umbrella Rank: 6206	65 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 69	20 KB
6	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 231 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67	189 KB
6	imagearchive.com cdn.imagearchive.com — Cisco Umbrella Rank: 397594	136 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 376	109 KB
5	connatix.com 1 redirects cd.connatix.com — Cisco Umbrella Rank: 3879 cds.connatix.com — Cisco Umbrella Rank: 4175 capi.connatix.com — Cisco Umbrella Rank: 4253	330 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 410 mug.criteo.com — Cisco Umbrella Rank: 2434	1 KB
3	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 1907	70 KB
3	adligature.com cdn.adligature.com — Cisco Umbrella Rank: 74550	175 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 101	79 KB
2	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 103 www.google.com — Cisco Umbrella Rank: 17	848 B
2	jarek.cc dev.jarek.cc	56 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 399	393 B
1	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 1558	340 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 81	1 KB
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 531	61 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 6937	792 B
1	ip-api.com pro.ip-api.com — Cisco Umbrella Rank: 6525	208 B
1	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2027	435 B
0	rlcdn.com Failed api.rlcdn.com Failed
89	22

	Domain	Requested by
13	www.makeuptalk.com	www.makeuptalk.com
7	www.google-analytics.com	cdn.imagearchive.com www.googletagmanager.com www.google-analytics.com www.makeuptalk.com
6	7ace0defd06c7e753edd0edcd8e63a7d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net tagan.adlightning.com
6	cdn.imagearchive.com	www.makeuptalk.com
5	cdn.ampproject.org	tagan.adlightning.com
5	securepubads.g.doubleclick.net	cdn.adligature.com securepubads.g.doubleclick.net www.makeuptalk.com
4	tpc.googlesyndication.com	tagan.adlightning.com www.makeuptalk.com
4	trends.revcontent.com	assets.revcontent.com
3	tagan.adlightning.com	cdn.adligature.com tagan.adlightning.com
3	cds.connatix.com	www.makeuptalk.com cd.connatix.com tagan.adlightning.com
3	cdn.adligature.com	www.makeuptalk.com cdn.adligature.com
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	yeet.revcontent.com	assets.revcontent.com
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
2	www.googletagmanager.com	cdn.imagearchive.com
2	dev.jarek.cc	www.makeuptalk.com
1	match.adsrvr.org	ads.pubmatic.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	googleads.g.doubleclick.net	www.makeuptalk.com
1	www.google.com	1 redirects
1	img.revcontent.com	www.makeuptalk.com
1	fonts.googleapis.com	client
1	ads.pubmatic.com	tagan.adlightning.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	capi.connatix.com	www.makeuptalk.com cd.connatix.com
1	assets.revcontent.com	cdn.adligature.com tagan.adlightning.com
1	cd.connatix.com	1 redirects
1	pro.ip-api.com	cdn.adligature.com
1	www.paypalobjects.com	www.makeuptalk.com
0	api.rlcdn.com Failed	ads.pubmatic.com
89	32

This site contains links to these domains. Also see Links.

Domain
googleads.g.doubleclick.net
adssettings.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-16` - `2023-06-16`	a year	crt.sh
dev.jarek.cc R3	`2022-05-16` - `2022-08-14`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-04-12` - `2023-04-12`	a year	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
assets.revcontent.com R3	`2022-05-17` - `2022-08-15`	3 months	crt.sh
*.adlightning.com Amazon	`2022-06-09` - `2023-07-07`	a year	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2021-08-20` - `2022-09-21`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
revcontent.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
img.revcontent.com R3	`2022-05-17` - `2022-08-15`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/
Frame ID: DC4B0D86C259E817712B7E9C27677F59
Requests: 83 HTTP requests in this frame

Frame: https://cds.connatix.com/p/169995/connatix.player.dc.js
Frame ID: 98081147F64A9B0E1F95A671F1873B7C
Requests: 3 HTTP requests in this frame

Frame: https://7ace0defd06c7e753edd0edcd8e63a7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C7D4A99DD61D11BD8B269F0A619CED67
Requests: 1 HTTP requests in this frame

Frame: https://7ace0defd06c7e753edd0edcd8e63a7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E741BA75DDF7FDF62AD6BC8990F251C8
Requests: 1 HTTP requests in this frame

Frame: https://7ace0defd06c7e753edd0edcd8e63a7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DD60DE4A392D04D3F1747B12C428CD58
Requests: 1 HTTP requests in this frame

Frame: https://7ace0defd06c7e753edd0edcd8e63a7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 42C9E4B51A24205ED7209D9EF21527E1
Requests: 1 HTTP requests in this frame

Frame: https://7ace0defd06c7e753edd0edcd8e63a7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0558865458F07D88F7EAFB36D94E3563
Requests: 1 HTTP requests in this frame

Frame: https://7ace0defd06c7e753edd0edcd8e63a7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3FD5D4C9DA25019E497826DA030CF826
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

XenForo (Message Boards) Expand

Overall confidence: 100%
Detected patterns

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

89
Requests

89 %
HTTPS

50 %
IPv6

22
Domains

32
Subdomains

28
IPs

5
Countries

1666 kB
Transfer

4886 kB
Size

19
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://googleads.g.doubleclick.net/aclk?sa=L&ai=C4q7lVBfRYtHWBsmi7_UPjtGfgAz_nOeda-HQ1ffEEJ64iLaDAxABIL295R1glQLIAQKpAni81QyNvW4-4AIAqAMByAMIqgSqAk_QhZS2YqIxXkgGkVP1LlKPVsYR5NKkF5fP7jT2E_VodbZJskcZmFtEV992xvl0gXCxa-Tq3D7mfgER3x2sr6DUeIKsa-J9uvtr4GO-t6SjaKEBbQQutzAx75SZUQblW1M40l4DueK681DM9O7HGt9jlCweOGJ2GLl9KJlQF6Y6tRzYaBd__84m5QeHpGgj8x94E9PRJB5CcWLuPE3dppi4kpGd8RE0Gk5YKA6WWXen34nfPagJPnU2h0gpHSS1dA9kTljbaxsBI3-i2k8mpJUdIL0vgq6NkPctJnj1IsoaW28M9uzmB5mxBo6PrLmzQYGEGcBHtx1SYvEgZ0v6F5xAFkJDuUOSa3-y_Smrz_4hJFVIaQVOczGslA_vfTzYX9iXAlAaYKt0BjTABNC-vbeaBOAEAaAGAoAH9J2YxAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcB0ggRCIDhgBAQARgdMgKqAjoCgECxCcvFQNjTeHIWgAoDmAsByAsB2BMD0BUB-BYBgBcB&ae=1&num=1&cid=CAQSLQCNIrLMtl46K0SPjyhPwem1hKsAz54tmKSEhVbnbPw_g-TboyCfooJQxmBwSBgB&sig=AOD64_3B2xnK7ITX0lTeejtdrjRfQvhwEQ&client=ca-pub-6333675645708644&nx=CLICK_X&ny=CLICK_Y&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)&uaw=UACH(wow64)&uafvl=UACH(fullVersionList)&nb=2&adurl=https://15temmuz.gov.tr/en

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?source=display&reasons=Aa2KcEYcyz2bfQY157jJkNnXpCoeANRqXxPoK1tItFUhfE28LYTHKpV9TC-G-jHLMpUoJwDBoh_Ux3L_8gmhE2MvLnmp1HlAixXLaOKZfCj44HKTzjKTwmj8u-fUYnI8DkItEaP-iZvwf-fxK_ZIFecuGuUue-0ravQFOOJi6zQj0Cz4alXFPNSE9rjWeJbsDhlQhonSfeSmQ5YZN_3KBxSI7dQi7HLUZ3rVg3kzEg7oA670dKop-cRyt0oisKr5QYIJCLqVtnXiZ3IRnxceeMQe6FZcc_fahkAL4Bb6_Txixu05FhJZzHmbU7f-eDuyHD5__Jk2IKX11frR7tb5c7YVowLJZl1cmlAdO1jzfenwWCHIKR9ec3AgDF5B0U9UP8IeS9xBYQ35vmtQN5iemEhGq-kHm6kvcle1dtXj1Tl5O5oOgID2ALlTnvAjPMkWnHbON_eUfiTclmHorYk_cufhwXXlDrhIaAHpmjG41ehym8I_SaEKjbD129K5jVMm6Ml7J1RNgXWhw9194z4iTPz43-vj5_Lm4ddR6VTEIIDOe2Apn-OXzHlE9t7fqW6uBxtDRJso1qidcq-H0kB0q9lmZ7pTsA4NSJG21xapEYMklwCBOln3tiXLVqxoaVFFJ-4mGhGMjVdgVi5Ddt8tFNdZiJbF3tVJxD5xW_n37M3f7Gl_Z80WPVhKwjeviMcdlf7Fvz4VeZU4LyR663-QOdAzF5htmcL-gSRb_-P4gdDsmwnC1wDNp-31HHEHAOILmnIcVOX7OJDLDhZULDz4f7nHoF-JKsoUJNEcSKGhFnA7ModA-9-V2VpW2Q-mLUFg5yV6RVoz6usfg1IuYWcZ67BurEe6NorJZYYffneCcovsgqa9Lg99Mm0gWdiPbZPnhKlLOumFR1DBplGf6NRdzn5w45-NM8VnQQR-YRTKLMmxpCf_MpN7Vhm2wHGvTlYeXsZIKXQvq_AD_p41AbT6I-eBYV7CUsgy8tyT843Thp44D33OHlkDWgZHSHAgfyxPizD1biZCz43UQlxRq0x399p4m4LoSHCVhEq-ZPYLwIYqcde7lszMMuP5UP9ovoRQRRJZev-vyOn-tkZkzaUfF4ef7VZ_xBjGDb82y9Pvj6lwH76Kj35hvbuiGYU7YnuXR1tgJQXsIFUkBFVgL6UoeuIhs5P6r1L13Quvgv1v9Ik6YdQ7kVFKSwucLCIg3BmGXdl5CDuoUEq0WEWVvXwRrrgM5RgjOva56saQvibzOIXfjHedq4TG9CgYTcn84bTBTEeqJQxzC2vh67HV0DzhSi-Q9rXRBb5tIecRUj5dzNb_7LZ5UO3w7utPAGOZI3nIfyhArY0vb5vFa80xdovW9XDzGKvKmIEgWTTJRDTKMlbiS8Uj1XsqmCID8kZ9qXDPY_IM5koxMCy0lkmBggRX2NiTfndmPekhbxcu2tQbcSUG_VdEZAzd2AmtKo8-DM8JVdsLDTNF-GUgNGvo5vzReT8jftjHBo64okVNrZjdh-Bb8zoPzkQKyvaC08KI0MU7_6Cy2_YXFIuecGz_VWmWlwCWS10kmCSAQ0EV097ezrsPLXThAXDv_iIgj5whsJbxBN48igko9sZhxlOF2rnWxqbmY2EQMIVWhP7YEhnDXaVYOrScgyWCSCCtz8V97CMZUz0L0NpOMYBpWjDlJ3y7whcwjio6othvMTP-r3jpkgbw_ye16L6o6uX5KVcXEQ8G9b2BRXoYkjw

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://cd.connatix.com/connatix.player.js HTTP 302
https://cds.connatix.com/p/169995/connatix.player.dc.js

Request Chain 82

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 87

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.makeuptalk.com%2F&domain=www.makeuptalk.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=EE9LfXw1N1RFZjBQWEtPNTR5M21lRUhWaG9NM3BhRWxkbUQyMG5ueDZsdzM5WVJCK3gvWUFnczNDZVZCaHJZM2h2YnBqdS9sc1czNlRUcTFNYzVlNlFsT1lTT3lXU3RUeTZhbnIxaUtoUS8vQ3hYVFp4QXBrYk4rMEtnUHYvb0xZUmF3eDVQWVNQbldwWTc2RGk4SGdjR0tUeWowaWxuYWpOd2Z3QS9OaW5Hb3FPOW00ZTc1d3JISmcxbklaV1NxWmw0dHYzMXBkamhGTisvTjNRdW9OMTlKSXpuN0J5YUN1NWNleCtxamttNTlncjlRPXw&cppv=2

89 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.makeuptalk.com/threads/how-to-control-oily-skin.146373/ 72 KB
17 KB 236ms
176ms Document
text/html 2606:4700:3037::6815:e75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:e75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

491f58c7f0d78f3d6ce5b642f360e89aeaf9e9cb993e551e78f207b3fe7f36b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 72b0c966b9f9902e-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 15 Jul 2022 07:29:23 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Fri, 15 Jul 2022 07:29:23 GMT
link: </styles/fonts/fa/fa-regular-400-min.woff2?_v=5.15.3.1657845661>; rel=preload; as=font; crossorigin=anonymous
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=31KX8c0%2BA8gYEWRJQF%2F9JeT7zUeH8cV%2FjYsbcd47mhZXukMFLmvKBSKZu7Uyj8MqkcK1Qe%2BVw6%2BOFwGRruBDg5kq3yMRcV6SSj9YADaSFFLx%2FF868jU32V9Ox87eFEYTUuwpf0cYqtoVesPo3o%2Fnpsk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN sameorigin
x-xss-protection: 1; mode=block

GET
H2 200 fa-regular-400-min.woff2
www.makeuptalk.com/styles/fonts/fa/ 12 KB
13 KB 132ms
132ms Font
font/woff2 2606:4700:3037::6815:e75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.makeuptalk.com/styles/fonts/fa/fa-regular-400-min.woff2?_v=5.15.3.1657845661

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:e75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

564f53fcdeddff770057fee8ff6644291b3ee8b97fbf5b08dd860c353dece2da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/
Origin: https://www.makeuptalk.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-length: 12712
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jul 2022 00:41:09 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "31a8-5e3cd4632a828"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=locfgEN0ZVDU1B41t1OcdG5uPTnRgpz0jQdg9on2pbRgJRK1NFr1dclb2kP24fKyFDUh2E%2BBWdUjgQn82zwj7NoiPF2v24EBrdFX%2FNvH5CqxjuKeb1Xutjn%2BwoJoz4OpqSNWRCHSAeM7He%2Fbx7QaEpM%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 72b0c967db5a902e-FRA
expires: Sat, 15 Jul 2023 00:41:20 GMT

GET
H2 200 css.php
www.makeuptalk.com/ 244 KB
38 KB 153ms
153ms Stylesheet
text/css 2606:4700:3037::6815:e75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.makeuptalk.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=2&l=1&d=1657846052&k=9a5d122a484823945790d891a31aa5862d95e0af

Requested by

Host: www.makeuptalk.com
URL: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:e75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eebc2f47751dd46db4231c5283562e2a4bc026903559d417e3adfe7eda916547

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jul 2022 00:47:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4PX31Hsm10%2BL23KEA%2B0U9U6Eg6xMWWeo%2BGx6iFg6SV%2FuG56XjIdE%2FiVUm8UWf%2FdS9EfWo41fAnEfTV8Y4zgUznWaRQXEoVjjfTp7XsWT9kSVbrLmK1FtPIk2cB8rsPstpIWT6qtX5z0Iv9EPn8YUqY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cf-ray: 72b0c967eb5c902e-FRA
expires: Sat, 15 Jul 2023 07:29:23 GMT

GET
H2 200 css.php
www.makeuptalk.com/ 91 KB
15 KB 145ms
145ms Stylesheet
text/css 2606:4700:3037::6815:e75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.makeuptalk.com/css.php?css=public%3Abb_code.less%2Cpublic%3Amessage.less%2Cpublic%3Anf_giftupgrades.less%2Cpublic%3Anotices.less%2Cpublic%3Aregistration_popup.css%2Cpublic%3Ashare_controls.less%2Cpublic%3Asponsor.less%2Cpublic%3Aextra.less&s=2&l=1&d=1657846052&k=ba54dd8da6fa11f59a560265c7997f5f3a3b8785

Requested by

Host: www.makeuptalk.com
URL: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:e75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ce6f4fc2a5d8c8da97b33ef06a933b9c300c412962bec002aa57e82dec55495

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jul 2022 00:47:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cX8Q6p1QK%2BF0lPIyGcx1dn3hsv4xZe5eWstTCRNfTu%2FBIycw7YDO%2BOErPw1k8l1dUmuPH6sXuSkWYdNfcScyAai53d5tUGjg%2BbwEIqn%2FA1lloqhjA1QyanxUKHFfRG7F2MT3SRVQpIQSyQfmBn1mbNg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cf-ray: 72b0c967eb5d902e-FRA
expires: Sat, 15 Jul 2023 07:29:23 GMT

GET
H2 200 preamble.min.js Show response
www.makeuptalk.com/js/xf/ 3 KB
2 KB 116ms
116ms Script
application/javascript 2606:4700:3037::6815:e75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.makeuptalk.com/js/xf/preamble.min.js?_v=b889a863

Requested by

Host: www.makeuptalk.com
URL: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:e75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8f0d5e29e4408e8ecdccee5e73a185566774f71c7f440cc50ad5c647b127ce3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 14 Jul 2022 01:05:56 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"cc0-5e3b980fbe500-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SuezJrDIgCHkTL2nWkJq%2F%2Fys%2BT7g%2BxoxfijVTLGXf3EOyUws0qaSiEH09W3R1oh1Lx0pEZ%2BQnyTM71ZHZK4VVn6fFojhSx8lBinC77xFrQQpHKFsVHru6NstZPFLvxLuvk85GZHP1OCxq3laP9PEJwc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=31536000
cf-ray: 72b0c967eb5e902e-FRA
expires: Sat, 15 Jul 2023 00:14:14 GMT

GET
H2 200 51475b643b8202069d409b4a96d8175b.js Show response
cdn.imagearchive.com/makeuptalk/data/js_cache/ 196 KB
70 KB 725ms
668ms Script
application/javascript 2606:4700:20::681a:41c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.imagearchive.com/makeuptalk/data/js_cache/51475b643b8202069d409b4a96d8175b.js

Requested by

Host: www.makeuptalk.com
URL: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:41c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aeb1c4447ff9a8461be244ad99b077fef210c47b49c09f6691584fa5eeaed4b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000000000017a43b3d4-0062d11753-2afd6e12-nyc3b
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-hw: 1657870163.dop017.am5.t,1657870163.cds118.am5.shn,1657870163.dop017.am5.t,1657870163.cds135.am5.p
last-modified: Fri, 15 Jul 2022 07:10:33 GMT
server: cloudflare
cache-control: max-age=31536000
etag: W/"51475b643b8202069d409b4a96d8175b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K55VifAKbeZDwm5IkS%2BBihY%2BnoIw3YXhQ%2Bn%2B6CMHw0mOHgA%2FGh9%2BP%2BTt%2FMRvlaeQSH2ZpW0GYivtCWwaNixSIKZBwqxaf1OuMjxxAcWVnOwEx68a7w7XeNOgUagtcQCfv3GFSfhL0imu%2B9sBdF7Sf%2F%2Bj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-rgw-object-type: Normal
cf-ray: 72b0c96949629060-FRA

GET
H2 200 rules.js Show response
cdn.adligature.com/mut/prod/ 21 KB
5 KB 214ms
157ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adligature.com/mut/prod/rules.js
Requested by: Host: www.makeuptalk.com
URL: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 658638541c6c287e88eaf21c8e6cdb76821db08d5b0aaab700a3abedc4b49915

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=0t0ZCw==, md5=zmh9AcQJm2HEZE39LWTHng==
date: Fri, 15 Jul 2022 07:29:23 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=34401
x-guploader-uploadid: ADPycdtiX3XYDSYMRk9HlJr_5zpyW0wRr7lpHh7P71wLJrhw0-qOwrqEEASaBlyn8Kbw-EBeIdDEsm53nPsQKA4I9FjrBg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 06 Jun 2022 14:25:39 GMT
server: cloudflare
etag: W/"ce687d01c4099b61c4644dfd2d64c79e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JeR9bcnuKTo%2BwKTRUf88%2FqKG0LnTx1lMd%2FCUqhv1PDi9ruTN%2Fjzm6ioRqTCtncX6Yb9a5jqq3E2UeLf6PLXZjkNPcwpT%2FNQtY5BNB7kBh7KRE7EXYzv9PcpakrtsMTUldhERN7HP3xBRjyNFFNCbT%2Fo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1654525539398316
content-type: application/javascript
cache-control: public, max-age=1800, s-maxage=600, must-revalidate
x-goog-stored-content-length: 34401
cf-ray: 72b0c9694bcb91e9-FRA
expires: Fri, 15 Jul 2022 07:39:23 GMT

GET
H2 200 logo-makeuptalk.png
dev.jarek.cc/img/ 9 KB
9 KB 182ms
89ms Image
image/png 195.15.231.89
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.jarek.cc/img/logo-makeuptalk.png

Requested by

Host: www.makeuptalk.com
URL: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.15.231.89 Carouge, Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

od-87015e.ch2.infomaniak.ch

Software

Apache /

Resource Hash

f89ba21c924038c4c67e6fa525ac75e43aa759e7601b1958bdfaea57de46da20

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:23 GMT
content-encoding: gzip
last-modified: Fri, 21 Aug 2020 16:54:02 GMT
server: Apache
etag: "2490-5ad661577de80-gzip"
vary: Accept-Encoding
content-type: image/png
strict-transport-security: max-age=16000000
accept-ranges: bytes
content-length: 9299

GET
H2 200 50bdb7e1efb6c40f3d53bd91d1217b1b.webp
cdn.imagearchive.com/makeuptalk/data/uploads/ 15 KB
15 KB 137ms
82ms Image
image/webp 2606:4700:20::681a:41c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.imagearchive.com/makeuptalk/data/uploads/50bdb7e1efb6c40f3d53bd91d1217b1b.webp

Requested by

Host: www.makeuptalk.com
URL: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:41c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3cde4961767f10244ffe69781424ccb69fc318baa0e2e76d147279c4386fd49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:23 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx0000000000001795b9860-0062d0c5e2-2afd6e12-nyc3b
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15390
x-hw: 1657870163.dop008.am5.t,1657870163.cds015.am5.shn,1657870163.dop008.am5.t,1657870163.cds257.am5.c
last-modified: Fri, 15 Jul 2022 00:32:59 GMT
server: cloudflare
cache-control: max-age=31536000
etag: "0c5e973e02c06ed26c059e1497b2b029"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U40IpWykstUpdOeAEz7lIcBDSlow6DSrg0JN3Jlqe%2BKK0CSQruGS3iFJypKzO63%2BkGWpjntQ%2FrnyVSUicqBMoFbKdJratB5dtPK44HsVWUFW7AgSzlc%2FF%2BCEHI7FbWc8bI%2Bp2tEFr9StnTHzVKkh%2Be%2BJ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 72b0c969496b9060-FRA

GET
H2 200 ea414f636488e16051f9fe2bd3587581.webp
cdn.imagearchive.com/makeuptalk/data/uploads/ 18 KB
18 KB 134ms
78ms Image
image/webp 2606:4700:20::681a:41c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.imagearchive.com/makeuptalk/data/uploads/ea414f636488e16051f9fe2bd3587581.webp

Requested by

Host: www.makeuptalk.com
URL: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:41c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e084b1749b790718a5ff7d7d2dbdd577cb69953f1364689133c1688561f5c3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:23 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000000000018b2bf2fa-0062d0c5e1-2afd02cc-nyc3b
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18260
x-hw: 1657870163.dop140.am5.t,1657870163.cds269.am5.shn,1657870163.dop140.am5.t,1657870163.cds226.am5.c
last-modified: Fri, 15 Jul 2022 00:31:22 GMT
server: cloudflare
cache-control: max-age=31536000
etag: "cde6ca0a966ddd6d0adefd58608f467d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6uOolY8XAPAa%2BHy32ocTrZaIrp5hiuwKvpRaSCIvVgnZZc5BVD8UxsKndfI1p6PTVtKYrqzBfKB9PnAkYfMrPg46iX9CG6bWZ4QiV22XaH5Q282%2F2KcTR2U4DeTx8gN70HeYzD9vcY7iKI%2F3u44C2je2"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 72b0c969496a9060-FRA

GET
H2 200 3adcd3ceb665d4285d27dff443b8eb5f.webp
cdn.imagearchive.com/makeuptalk/data/uploads/ 11 KB
12 KB 131ms
75ms Image
image/webp 2606:4700:20::681a:41c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.imagearchive.com/makeuptalk/data/uploads/3adcd3ceb665d4285d27dff443b8eb5f.webp

Requested by

Host: www.makeuptalk.com
URL: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:41c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

271b720349f7784cefd2775fe996809650273173f66356960f0ab88033b09c30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:23 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000000000018b439fb2-0062d0cdb8-2afd02cc-nyc3b
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11640
x-hw: 1657870163.dop202.am5.t,1657870163.cds217.am5.shn,1657870163.dop202.am5.t,1657870163.cds078.am5.c
last-modified: Fri, 15 Jul 2022 00:30:36 GMT
server: cloudflare
cache-control: max-age=31536000
etag: "e9dc4956161523959961e06bafa7a3c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IDSYy2%2FF5Dm5nOYyxghkhDHRnJ3re%2FdlvbxI8%2BQzVNnwT4r7oL1Hl3BidBRYuEpWZJOFvLMe7eYeiKUw8YGlC%2FhF2tQBSXmCrTpLd9gNJorSbtpen8ImOX6M6%2BNZxpNrDGH%2Bfv%2Bt82zji0ZzALmTJtSC"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 72b0c96949689060-FRA

GET
H2 200 09e0edc530d5b514f4fc31e7af200e32.webp
cdn.imagearchive.com/makeuptalk/data/uploads/ 18 KB
18 KB 132ms
77ms Image
image/webp 2606:4700:20::681a:41c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.imagearchive.com/makeuptalk/data/uploads/09e0edc530d5b514f4fc31e7af200e32.webp

Requested by

Host: www.makeuptalk.com
URL: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:41c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2e7ae646b91bef8e3ed0ff62a1cbc134baf7e4491792cac5f8ec74bdf1e2451

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:23 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx0000000000001795b987c-0062d0c5e2-2afd6e12-nyc3b
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18050
x-hw: 1657870163.dop254.am5.t,1657870163.cds151.am5.shn,1657870163.dop254.am5.t,1657870163.cds111.am5.c
last-modified: Fri, 15 Jul 2022 00:32:14 GMT
server: cloudflare
cache-control: max-age=31536000
etag: "944c5bbb3cc7623dc303f4f8fde9736b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NMiE0sP0TmZV2Y6IRHWZTMcJSdYIspQ8WvMFsVjsVHGt7vjcX4ex9prZqJGfH1sIih2Y%2BekjPmH1OnYlbKD57w24xV%2F%2BhhcO5SnaO56r%2BnF4yMrpmIP5OE%2B%2FnRJrKGAuXct98716B%2BxrMENsqJUVZTmy"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 72b0c969496d9060-FRA

GET
H2 200 pixel.gif
www.paypalobjects.com/en_US/i/scr/ 42 B
435 B 137ms
23ms Image
image/gif 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Requested by

Host: www.makeuptalk.com
URL: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:23 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT, HIT
fastly-io-info: ifsz=43 idim=1x1 ifmt=gif ofsz=42 odim=1x1 ofmt=gif
paypal-debug-id: 3b332fe3ea371
fastly-stats: io=1
dc: ccg11-origin-www-1.paypal.com
content-length: 42
x-served-by: cache-sjc10034-SJC, cache-hhn4042-HHN
x-timer: S1657870163.465117,VS0,VE0
etag: "dNSbNMYiK1Q98dwxkre+GOK5+qX2pefyT9A/BaBsoeM"
strict-transport-security: max-age=31557600
content-type: image/gif
cache-control: public,max-age=3600
accept-ranges: bytes
x-cache-hits: 34, 81565

GET
H3 200 jquery-3.5.1.min.js Show response
www.makeuptalk.com/js/vendor/jquery/ 87 KB
32 KB 34ms
34ms Script
application/javascript 2606:4700:3037::6815:e75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.makeuptalk.com/js/vendor/jquery/jquery-3.5.1.min.js?_v=b889a863

Requested by

Host: www.makeuptalk.com
URL: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12997
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 14 Jul 2022 01:05:56 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"15d84-5e3b980fbe500-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zZ42yGm4SRLbsFIyrO61X85FFD2FD%2BAbt6V4FORj%2Bz2tQTzP7XYot8aDQpw9wBUCDob6F66ACoSUdq2ufWZ23tW5L5VI%2BARvfWlKdCEyHzzJ%2Fqnr5GahJpL%2FF8cM0ecpFcBHDT%2Bl7Y7QsC3J7CQlmCk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=31536000
cf-ray: 72b0c968c94b91de-FRA
expires: Sat, 15 Jul 2023 00:14:14 GMT

GET
H3 200 vendor-compiled.js Show response
www.makeuptalk.com/js/vendor/ 42 KB
13 KB 49ms
49ms Script
application/javascript 2606:4700:3037::6815:e75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.makeuptalk.com/js/vendor/vendor-compiled.js?_v=b889a863

Requested by

Host: www.makeuptalk.com
URL: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef5f0b7e161099d503298ab2d66a927f48401f992d188cd04415419b41dcd0b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12997
cf-polished: origSize=43704
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 14 Jul 2022 01:05:56 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"aab8-5e3b980fbe500-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P21tic5NtLW0nIiyLG%2BiGSFVH0E12pUmP8EGaBbaRWoBztDfmpYqJ8b38ovrMDzVF2knLS%2BOKI0thAmQG92oWkR5o%2BbQ3EYE1mddt73cevqXFqhbzaRMSIf5myUpKaiTl77FFIcfaFIhrPyitZFiPV0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 72b0c968d95891de-FRA
expires: Sat, 15 Jul 2023 00:14:14 GMT

GET
H3 200 core-compiled.js Show response
www.makeuptalk.com/js/xf/ 207 KB
60 KB 316ms
316ms Script
application/javascript 2606:4700:3037::6815:e75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.makeuptalk.com/js/xf/core-compiled.js?_v=b889a863

Requested by

Host: www.makeuptalk.com
URL: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df08b1e1c3f60fb552a49b7456a75e767f9e4fdf3a85881f9d644bf6b5f0d329

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=211947
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 14 Jul 2022 01:05:56 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"33beb-5e3b980fbe500-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwjOCpS0ihG70gPzwwe7IIVoYLm%2FPx1IkHyoZWWWjFp7cqalvXwzKSfD9Hxey%2FM6IobUusefjxFnM%2FCLMrHfw%2B0xy9XsAnEikn%2FHCIPySOFyb8i0HOyUTWiqxaJDnB%2FiJZOW3PVVavF7xXDdMdMu488%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 72b0c968e97491de-FRA
expires: Sat, 15 Jul 2023 00:14:14 GMT

GET
H3 200 notice.min.js Show response
www.makeuptalk.com/js/xf/ 3 KB
2 KB 59ms
56ms Script
application/javascript 2606:4700:3037::6815:e75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.makeuptalk.com/js/xf/notice.min.js?_v=b889a863

Requested by

Host: www.makeuptalk.com
URL: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfe3ecad86362036bfbf2e0d2bc27a6a593cb0fff32a97a5b1b5f81b409a3bb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12997
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 14 Jul 2022 01:05:56 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"c24-5e3b980fbe500-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VcHF08z4jfdtdAKGT%2BxJLGCifiW4IgosYC8oMuONGSSZz6IWo9SMQ6z1DcWpgLOpj3KKbsjb4h%2FvL%2Bw12GE4lKgr1cPKbc9GjBLxIRVXAEVH%2Fb%2BMvrfQh0rlt2EmDCgap2UqVA4QEgxZS8670%2Bm5rEE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=31536000
cf-ray: 72b0c968e97791de-FRA
expires: Sat, 15 Jul 2023 00:14:18 GMT

GET
H3 200 doubleserve.js Show response
www.makeuptalk.com/js/gb/quick-reg/ 118 B
732 B 59ms
57ms Script
application/javascript 2606:4700:3037::6815:e75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.makeuptalk.com/js/gb/quick-reg/doubleserve.js?_v=b889a863

Requested by

Host: www.makeuptalk.com
URL: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24b85e11eeeb880f880d59585583cc747c9f777480d5330dad40a54390fe109b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12997
cf-polished: origSize=128
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 08 Jul 2022 21:04:30 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"80-5e3518c583380-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSG%2FVTpEmC5uVWE%2BgEeA8%2B%2BBGB60llw7o3TmrBDjFAwUIfyWZeF5WpHiBMEccs1x72AnelImJ8RkEecUz2uUuS1I3IGXvDyWw%2FYl8GQCsi9SpRwNtxQzLZkt0fG8G%2Fwa6lBmRGoK2X%2Bwajhj524t4jU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 72b0c968e97991de-FRA
expires: Sat, 15 Jul 2023 00:14:18 GMT

GET
H2 200 bg-makeuptalk.png
dev.jarek.cc/img/ 46 KB
47 KB 149ms
58ms Image
image/png 195.15.231.89
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.jarek.cc/img/bg-makeuptalk.png

Requested by

Host: www.makeuptalk.com
URL: https://www.makeuptalk.com/css.php?css=public%3Abb_code.less%2Cpublic%3Amessage.less%2Cpublic%3Anf_giftupgrades.less%2Cpublic%3Anotices.less%2Cpublic%3Aregistration_popup.css%2Cpublic%3Ashare_controls.less%2Cpublic%3Asponsor.less%2Cpublic%3Aextra.less&s=2&l=1&d=1657846052&k=ba54dd8da6fa11f59a560265c7997f5f3a3b8785

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.15.231.89 Carouge, Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

od-87015e.ch2.infomaniak.ch

Software

Apache /

Resource Hash

dbdf4760e75f70e0dab5feb6ead8ca2c5047240c879288626fa4034b76e5162e

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:23 GMT
content-encoding: gzip
last-modified: Fri, 21 Aug 2020 17:10:38 GMT
server: Apache
etag: "b991-5ad6650d59f80-gzip"
vary: Accept-Encoding
content-type: image/png
strict-transport-security: max-age=16000000
accept-ranges: bytes
content-length: 47533

GET
DATA 200
OK truncated
/ 1 KB
1 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f805dc9ad1c7a1ac931caca2e6930f64cba8a81083c5dc72b383829d7559dab

Request headers

Referer
Origin: https://www.makeuptalk.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: font/woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 sprite_sheet_emojione.png
www.makeuptalk.com/styles/default/xenforo/reactions/emojione/ 8 KB
9 KB 118ms
118ms Image
image/png 2606:4700:3037::6815:e75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.makeuptalk.com/styles/default/xenforo/reactions/emojione/sprite_sheet_emojione.png

Requested by

Host: www.makeuptalk.com
URL: https://www.makeuptalk.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=2&l=1&d=1657846052&k=9a5d122a484823945790d891a31aa5862d95e0af

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66d8ca9df101d87223fb5909ae1497d620a7c1bb1dc24e427efc47c2ded9ebf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=2&l=1&d=1657846052&k=9a5d122a484823945790d891a31aa5862d95e0af
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-length: 8408
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Jun 2020 03:10:50 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "20d8-5a7397dda8280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xL%2FM1UvxnQ6b4csYBjy%2FRaJESMfTTDsdNofojd5o%2BIQkIRdU5fKosd8oIQovcZp6Bn4hPUz3mQdjDdYVUlS9CmDH3v1QXozg8Q8%2BLRlUiH1IKa1HYVe72IhqBXgdHGd29cKCHJ5XCsKhuBOLSfCrg7E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 72b0c9697a9891de-FRA
expires: Wed, 12 Jul 2023 21:19:48 GMT

GET
H3 200 sprite_sheet_emojione.png
www.makeuptalk.com/styles/default/xenforo/smilies/emojione/ 78 KB
79 KB 161ms
161ms Image
image/png 2606:4700:3037::6815:e75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.makeuptalk.com/styles/default/xenforo/smilies/emojione/sprite_sheet_emojione.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

781124b75fc5239ee2b46cb52e1486b4ab17cafc6a68e614ce569b751af1dfd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=2&l=1&d=1657846052&k=9a5d122a484823945790d891a31aa5862d95e0af
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-length: 79766
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Jun 2020 03:10:50 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "13796-5a7397dda8280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0JIZZUXswvCuUAhaGgQKdqBcIwX5pocUUXoxhrfgg%2FofNjzMpbeXEBcwwglh5F4gE2zo3mCBQQOUgyg%2FDdB0z3fEQvVJymIXv4JTbUc8bGA8%2FtevvSqoAPwDLG205BjL8k62sf%2BzVM0lMrrYZ88mE5Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 72b0c9697a9991de-FRA
expires: Thu, 25 May 2023 21:07:42 GMT

GET
H3 200 134872.jpg
cdn.imagearchive.com/makeuptalk/data/avatars/s/134/ 1 KB
2 KB 60ms
34ms Image
image/jpeg 2606:4700:20::681a:41c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.imagearchive.com/makeuptalk/data/avatars/s/134/134872.jpg?1651957300

Requested by

Host: www.makeuptalk.com
URL: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:41c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9328036b0467c73a57bd1d54557db7ba155abb6cf4aa98483a22cc31ede172ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:23 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12997
cf-polished: origSize=1469, status=vary_header_present
cf-ray: 72b0c969eb239265-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1139
x-hw: 1657857166.dop208.am5.t,1657857166.cds006.am5.shn,1657857166.dop208.am5.t,1657857166.cds318.am5.c
last-modified: Sat, 07 May 2022 21:01:41 GMT
server: cloudflare
cache-control: max-age=31536000
etag: "3caf843e84c08920a316c1a4529b74bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQWsyOCD8R%2FbrkLT6AdNY4aZFC9AIBKdX1CBe5i1z1NWI3Krm4Oa9qqxeqX%2F9O4w3blvjrU%2FeXK4Opj57bP8tpu2OsXMR6H04PaC60%2Feqh9qU828yrPFFVennuuHSuefqv97ObVOdv%2BK%2BPpN%2F5myOsiB"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: tx000000000000179725bee-0062d0cdb8-2afd6e12-nyc3b
x-rgw-object-type: Normal
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H3 200 advally-4.26.0.js Show response
cdn.adligature.com/rules.js/ 110 KB
31 KB 60ms
33ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adligature.com/rules.js/advally-4.26.0.js
Requested by: Host: cdn.adligature.com
URL: https://cdn.adligature.com/mut/prod/rules.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b91663be748597f100c7b1422e7c19d71d0fb8329e51c569dcb9b201a9a2d3d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=c8wt8Q==, md5=Xa7i1VyBg69CVzJfSGGLng==
date: Fri, 15 Jul 2022 07:29:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5232
cf-polished: origSize=180567
x-guploader-uploadid: ADPycdvwZ38fgeeBQ2qPlDa6wilmMwuLVTbjtvU0cLGx-qDPpTlrwq4aqAOyP5puMpoWsHUBxOkCrs3aPnOurzsWldcL1g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 25 May 2022 19:20:28 GMT
server: cloudflare
etag: W/"5daee2d55c8183af4257325f48618b9e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKTdZXMu6YXPrmsEXu3zSshKjK9iO8mtba4tfCGSduox80mrz1%2BwFSVAaSJYe1gw4QcLHfBSwwbr0bpPprNQrhx%2FJDQxEPQP4LLidhbnEHhBb6UcIN2FwWcsmfb4kohd2Q6GPIlIGJuQtdkE73TBu%2F8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1653506428895902
content-type: application/javascript
expires: Fri, 15 Jul 2022 07:19:33 GMT
cache-control: public, max-age=7200, s-maxage=7200, must-revalidate
x-goog-stored-content-length: 180567
cf-ray: 72b0c96a78ae9140-FRA
cf-bgj: minify

GET
H/1.1 200
OK / Show response
pro.ip-api.com/json/ 53 B
208 B 80ms
20ms XHR
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json/?key=ZxSSLwZtxrKxQbv&fields=status,countryCode,region
Requested by: Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-4.26.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: 876d46e9c7992ee09c57f9ec20d8274ea92a913d083fd066e952bc958dfe2e88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 15 Jul 2022 07:29:23 GMT
Content-Length: 53
Content-Type: application/json; charset=utf-8

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 102ms
35ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-4.26.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

dcfc3d7fb813983d69c52c54b6f1e5a9de8460a9982a07d7a689b584767d35aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28574
x-xss-protection: 0
server: sffe
etag: "1274 / 543 of 1000 / last-modified: 1657836308"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Jul 2022 07:29:23 GMT

GET
H3 200 prebid-5.20.2.js Show response
cdn.adligature.com/prebid/ 491 KB
140 KB 44ms
44ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adligature.com/prebid/prebid-5.20.2.js
Requested by: Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-4.26.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1184c1089df5a86d99411c598ded1ee7e3a98cb86da0f6db462b63a52dd77977

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=7Yg6wQ==, md5=acLztksmdX0PhCiS7jYhYg==
date: Fri, 15 Jul 2022 07:29:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18
cf-polished: origSize=502917
x-guploader-uploadid: ADPycdt-dV5tWIaQ9s1e3YFKb0Zwj-RsYTFVTnC2pKtdgskJT2z1RdLPDt2srddOwopb_DGVW7UmJAtG9C2QrtNVhaCWgg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 03 Jun 2022 15:27:55 GMT
server: cloudflare
etag: W/"69c2f3b64b26757d0f842892ee362162"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IpaT56D9TPTPVH5YbUBMvX4gPc1fEur%2BLUfBN2sgq2VvrP5Eue4ivTR%2BZwLfOmCWC3Uv8umYSm9ACL0cVbqnfUIQGG3EQcQUWjFs5nd6dBGV%2FihWtKiwJb%2B4qu%2FsWTI3H5l7bjCyiuCQ%2FuQXgYxNHL8%3D"}],"group":"cf-nel","max_age":604800}
content-language: en
x-goog-generation: 1643647566178087
content-type: application/javascript
expires: Fri, 15 Jul 2022 07:39:05 GMT
cache-control: public, max-age=1800, s-maxage=600, must-revalidate
x-goog-stored-content-length: 502917
cf-ray: 72b0c96ac9499140-FRA
cf-bgj: minify

GET
DATA 200
OK truncated
/ 169 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86c3e2d263fe07c01867c706a1ef50ee11abd4e73190c153862f85b17bf9a351

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 pubads_impl_2022071401.js Show response
securepubads.g.doubleclick.net/gpt/ 377 KB
129 KB 69ms
22ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068474

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

fe7bd8cacf9680625b7da9649a92bee8ab705909190040bad2396b2d6ca9436e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 10:41:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74873
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131659
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 08:36:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 14 Jul 2023 10:41:30 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 112 B
118 B 74ms
31ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.makeuptalk.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

081e3348c92a80275474ad9b8e751ad4d0c72c8b7c6872320531908e00a3e963

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Jul 2022 07:29:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93
x-xss-protection: 0
expires: Fri, 15 Jul 2022 07:29:23 GMT

POST
H3 200 job.php Show response
www.makeuptalk.com/ 14 B
684 B 165ms
164ms XHR
application/json 2606:4700:3037::6815:e75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.makeuptalk.com/job.php

Requested by

Host: www.makeuptalk.com
URL: https://www.makeuptalk.com/js/vendor/jquery/jquery-3.5.1.min.js?_v=b889a863

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f779de80f6ebd5d15cb3209e82969f8ad90e4ba02899e24c1796f2c9aca80343

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 15 Jul 2022 07:29:23 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UoZZ2kgZJ85woCdMyq0%2B7%2BM5%2Fu1yx7tj2YmGw0cBqZ1GERnfybGtYrAlQtAHPkIKfr188lFFf2%2F32xRAD7zokvxWtRJpoovu%2FqcTnMNTXBFzRmktfYF1LSMDwqarVTa5a7KVuVIhkG%2BKJbbOi99mQWE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 72b0c96bfe8891de-FRA
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

connatix.player.dc.js Show response
cds.connatix.com/p/169995/ Frame 9808
Redirect Chain

https://cd.connatix.com/connatix.player.js
https://cds.connatix.com/p/169995/connatix.player.dc.js

1 MB
274 KB

28ms
21ms

Script
application/javascript

151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/169995/connatix.player.dc.js
Requested by: Host: www.makeuptalk.com
URL: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/
Protocol: H2
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: bc40299eecfc2ec72017458739d03a013a9b4acf2fbe894cd7c3be931e5bdc1c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:24 GMT
content-encoding: br
last-modified: Wed, 13 Jul 2022 11:28:21 GMT
age: 158261
etag: "dd96526a507e52a5a6b617edff7ae26b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 279930

Redirect headers

location: https://cds.connatix.com/p/169995/connatix.player.dc.js
date: Fri, 15 Jul 2022 07:29:24 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ 154 KB
49 KB 96ms
23ms Script
application/x-javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-4.26.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: baef494f7ae268d69fe448d07bb3b3e0ac9f863e25fa649e8ffbc29bad7be8be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:24 GMT
content-encoding: gzip
last-modified: Tue, 12 Jul 2022 16:22:40 GMT
server: AmazonS3
x-amz-request-id: WD7AVFAPPE1AYHJW
etag: "38355562882cc79c426e179bf54b2baf"
x-hw: 1657870164.cds126.fr8.hn,1657870164.cds146.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 50174
x-amz-id-2: xeXsQwGTlW0AyxFw+ZomdOyuQSFSXjZplbcWAnfqyw8s6jubcEJ2lQyhek2QPAXSn4tceWiJDX4=

GET
H2 200 op.js Show response
tagan.adlightning.com/advally-culturedmedia/ 48 KB
20 KB 82ms
28ms Script
application/javascript 108.157.4.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-culturedmedia/op.js
Requested by: Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-4.26.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-87.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ccfe8e72eb6727be1d1ab72c884b7fb99a0f6e4570b2c98f2d4a98fdea691968

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: GRSqZs2h5OJpQvXLh8QcAIgqY7J5fqz6
content-encoding: gzip
etag: "7e792f7cf7d20868ded152b2146af1a3"
age: 3527
x-cache: Hit from cloudfront
content-length: 19556
x-amz-meta-git_commit: 92ee7c4
last-modified: Thu, 14 Jul 2022 19:24:55 GMT
server: AmazonS3
date: Fri, 15 Jul 2022 06:30:38 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 6eb77e673c2aa566dbadbc817458b976.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-amz-cf-id: 7bpuWOCHD5EymMy9dmSIpgQuefXw4tlVzmJ8JKt2NhZuWPhQ7bkpGA==

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa68e17fb13028f96c0d5b38fcf7006182894eb694625f9dedf5824d5066a5f0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b58d468e50c41483bbc44fdcebcb3dd8ae11d7d8bad36d43d38fcdcad5b321

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 si
capi.connatix.com/tr/ 0
116 B 199ms
140ms Image
application/json 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/tr/si?token=e239dfba-81c1-46d6-85d4-55634ed104d2
Requested by: Host: www.makeuptalk.com
URL: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:24 GMT
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400
content-type: application/json

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 93ms
29ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.makeuptalk.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068474

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Jul 2022 07:29:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 80ms
29ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.makeuptalk.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068474

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Jul 2022 07:29:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 146 KB
31 KB 860ms
860ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=477205039675734&correlator=1906234491241151&eid=31068474%2C31068435&output=ldjh&gdfp_req=1&vrg=2022071401&ptt=17&impl=fifs&iu_parts=70318324%2Cmakeuptalk.com%2CFooter_sticky%2CMiddle_Header%2CFirst_Post%2CInline-1%2CTop_Sidebar%2CBottom_Sidebar&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7&prev_iu_szs=728x90%2C728x90%2C728x90%2C728x90%2C300x250%7C300x600%2C300x250%7C300x600&ifi=1&adks=3229267466%2C1920184863%2C1365439546%2C456553623%2C3970835759%2C438682801&sfv=1-0-38&ecs=20220715&fsapi=false&eri=1&cust_params=usertype%3Dvisitor%26refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1657870164049&lmt=1657870163&dlt=1657870163172&idt=767&adxs=436%2C30%2C31%2C276%2C1270%2C1270&adys=1108%2C171%2C1308%2C2615%2C423%2C845&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.makeuptalk.com%2Fthreads%2Fhow-to-control-oily-skin.146373%2F&frm=20&vis=1&psz=728x-1%7C1540x90%7C1218x125%7C1218x125%7C300x0%7C300x0&msz=728x-1%7C1540x-1%7C1218x-1%7C728x-1%7C300x0%7C300x0&fws=516%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=760596145.1657870164&ga_sid=1657870164&ga_hid=1149424234&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068474

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

cd969d6b4cbc55d218dc86b00b06b18607faadf771be98406882d01ba6c8206b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32132
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.makeuptalk.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7ace0defd06c7e753edd0edcd8e63a7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C7D4 6 KB
4 KB 112ms
27ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7ace0defd06c7e753edd0edcd8e63a7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068474

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.makeuptalk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 07:29:24 GMT
expires: Sat, 15 Jul 2023 07:29:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
350 B 78ms
28ms Ping
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-ESSSJ7RPV3&gtm=2oe7d0&_p=1149424234&_z=ccd.v9B&cid=760596145.1657870164&ul=en-us&sr=1600x1200&_s=1&sid=1657870164&sct=1&seg=0&dl=https%3A%2F%2Fwww.makeuptalk.com%2Fthreads%2Fhow-to-control-oily-skin.146373%2F&dt=How%20to%20control%20oily%20skin%20%7C%20Makeuptalk.com%20-%20Makeup%20forums%20and%20reviews&en=page_view&_fv=1&_ss=1&_ee=1&epn.style_id=2&epn.node_id=3&ep.node_title=Skin%20Care%20Talk&epn.thread_id=146373&ep.thread_title=How%20to%20control%20oily%20skin&ep.thread_author=Rosario
Requested by: Host: cdn.imagearchive.com
URL: https://cdn.imagearchive.com/makeuptalk/data/js_cache/51475b643b8202069d409b4a96d8175b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 07:29:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.makeuptalk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 103 KB
39 KB 103ms
54ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-156561563-19&l=dataLayer&cx=c

Requested by

Host: cdn.imagearchive.com
URL: https://cdn.imagearchive.com/makeuptalk/data/js_cache/51475b643b8202069d409b4a96d8175b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

96090f4a8cdfb1e9cb558185c76eea00c132c9bd66bc5655bad40e1032bb0338

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:24 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40322
x-xss-protection: 0
expires: Fri, 15 Jul 2022 07:29:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 103 KB
40 KB 82ms
33ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-54483918-14&l=dataLayer&cx=c

Requested by

Host: cdn.imagearchive.com
URL: https://cdn.imagearchive.com/makeuptalk/data/js_cache/51475b643b8202069d409b4a96d8175b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4275ee71057586bf3654c03af49b4e6ab3a879c4a0890c3ea1fb2522e97372f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40303
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Jul 2022 07:29:24 GMT

GET
H2 200 b-92ee7c4-e8ebde53.js Show response
tagan.adlightning.com/advally-culturedmedia/ 82 KB
31 KB 27ms
26ms Script
application/javascript 108.157.4.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-culturedmedia/b-92ee7c4-e8ebde53.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-culturedmedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-87.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d508125a0b4718c8bf3604cc1e0dc68abeeac50224cfaf7daf8fb78381c43d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:18:55 GMT
content-encoding: gzip
age: 4687830
x-cache: Hit from cloudfront
content-length: 31213
x-amz-meta-git_commit: 92ee7c4
last-modified: Tue, 15 Mar 2022 17:44:53 GMT
server: AmazonS3
etag: "fdab037b5eb5b76ab3f86c2bff6a98e0"
x-amz-version-id: AZUnLpiJifoM6OT5oIZ3tA8SfbC9vx3D
via: 1.1 6eb77e673c2aa566dbadbc817458b976.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 4qpzkJQT0c6toW3qzxNPFVn7Age-5OEv5JyTSJTASdUxfrvIi7iKAQ==

GET
H2 200 bl-71da159-c0eb3ca9.js Show response
tagan.adlightning.com/advally-culturedmedia/ 45 KB
19 KB 45ms
45ms Script
application/javascript 108.157.4.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-culturedmedia/bl-71da159-c0eb3ca9.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-culturedmedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-87.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc10378bff3015c398bbee5b693ced88aebe34130c859531f974172e80c9961d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 19:25:13 GMT
content-encoding: gzip
age: 43451
x-cache: Hit from cloudfront
content-length: 19343
x-amz-meta-git_commit: 71da159
last-modified: Thu, 14 Jul 2022 19:24:22 GMT
server: AmazonS3
etag: "f67ac0b9d6ea1e82cd3bc13112302289"
x-amz-version-id: gLJSz.Vg9IkxDT6Y7ccnh44sO9iWVhgf
via: 1.1 6eb77e673c2aa566dbadbc817458b976.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: kugOWTMj-0Gh-7vFke7FJsLnb4tNQo4jMmPSjpiFPj9NN8-4IJPXxA==

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 199 KB
61 KB 77ms
21ms Script
application/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-culturedmedia/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5eb141717f51c44f96058d241cfd4183c21632385e0b9fa1163ca9d8f7f606d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:24 GMT
content-encoding: gzip
last-modified: Fri, 08 Jul 2022 20:07:19 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=95954
accept-ranges: bytes
content-type: application/javascript
content-length: 62062
expires: Sat, 16 Jul 2022 10:08:38 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 66ms
21ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-54483918-14&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1996
date: Fri, 15 Jul 2022 06:56:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 15 Jul 2022 08:56:08 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 30ms
30ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1149424234&t=pageview&_s=1&dl=https%3A%2F%2Fwww.makeuptalk.com%2Fthreads%2Fhow-to-control-oily-skin.146373%2F&ul=en-us&de=UTF-8&dt=How%20to%20control%20oily%20skin%20%7C%20Makeuptalk.com%20-%20Makeup%20forums%20and%20reviews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4CDAAUABAAAAAC~&jid=755175693&gjid=224491637&cid=760596145.1657870164&tid=UA-54483918-14&_gid=438767145.1657870165&_r=1&gtm=2ou7d0&z=1656625293

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.makeuptalk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 07:29:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.makeuptalk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 29ms
28ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1149424234&t=pageview&_s=1&dl=https%3A%2F%2Fwww.makeuptalk.com%2Fthreads%2Fhow-to-control-oily-skin.146373%2F&ul=en-us&de=UTF-8&dt=How%20to%20control%20oily%20skin%20%7C%20Makeuptalk.com%20-%20Makeup%20forums%20and%20reviews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4CDAAUABAAAAAC~&jid=404355342&gjid=1490055926&cid=760596145.1657870164&tid=UA-156561563-19&_gid=438767145.1657870165&_r=1&gtm=2ou7d0&z=611338849

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.makeuptalk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 07:29:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.makeuptalk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1149424234&t=event&_s=2&dl=https%3A%2F%2Fwww.makeuptalk.com%2Fthreads%2Fhow-to-control-oily-skin.146373%2F&ul=en-us&de=UTF-8&dt=How%20to%20control%20oily%20skin%20%7C%20Makeuptalk.com%20-%20Makeup%20forums%20and%20reviews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=user_type_dimension&_u=4CDAAUABAAAAAC~&jid=&gjid=&cid=760596145.1657870164&tid=UA-54483918-14&_gid=438767145.1657870165&gtm=2ou7d0&cd1=Visitor&z=2082585036

Requested by

Host: www.makeuptalk.com
URL: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 01:20:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 22138
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
21ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1149424234&t=event&_s=2&dl=https%3A%2F%2Fwww.makeuptalk.com%2Fthreads%2Fhow-to-control-oily-skin.146373%2F&ul=en-us&de=UTF-8&dt=How%20to%20control%20oily%20skin%20%7C%20Makeuptalk.com%20-%20Makeup%20forums%20and%20reviews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=user_type_dimension&_u=4CDAAUABAAAAAC~&jid=&gjid=&cid=760596145.1657870164&tid=UA-156561563-19&_gid=438767145.1657870165&gtm=2ou7d0&z=1893299095

Requested by

Host: www.makeuptalk.com
URL: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 01:20:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 22138
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
trends.revcontent.com/api/demand/ 52 B
269 B 150ms
46ms Fetch
text/html 54.77.1.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=268552

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.1.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-1-80.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://www.makeuptalk.com
date: Fri, 15 Jul 2022 07:29:24 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 52
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H2 204 sync
trends.revcontent.com/ 0
0 147ms
43ms Fetch 54.77.1.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/sync
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.1.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-1-80.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://www.makeuptalk.com
date: Fri, 15 Jul 2022 07:29:24 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 hls.5b3b785f487abbe00eee.js
cds.connatix.com/p/169995/ Frame 9808 0
47 KB 22ms
22ms Other
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/169995/hls.5b3b785f487abbe00eee.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:24 GMT
content-encoding: br
last-modified: Wed, 13 Jul 2022 11:28:21 GMT
age: 158261
etag: "182f65d040bfb9544bd8f71472475672"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 48258

GET
H2 200 player.css
cds.connatix.com/p/169995/ 58 KB
9 KB 23ms
23ms Stylesheet
text/css 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/169995/player.css
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-culturedmedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6b40f0d5cfa95c272e1a5a6c2ad7b9089ad07d3e938ea0f9f0693ab7f6a175e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:24 GMT
content-encoding: br
last-modified: Wed, 13 Jul 2022 11:28:21 GMT
age: 158262
etag: "b07e9f868d1c559a08538d3b52f384bc"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 8890

POST pls
capi.connatix.com/core/ Frame 9808 0
0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 85ms
35ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022071401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068474

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6169face095a4b915e8f4ff8d2eefbefc2b69dd363a0aa1dde0507809066a8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Jul 2022 07:29:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10938
x-xss-protection: 0

GET
H2 200 / Show response
trends.revcontent.com/api/delivery/ 37 KB
14 KB 266ms
266ms Fetch
text/html 54.77.1.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=268552&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.makeuptalk.com%2Fthreads%2Fhow-to-control-oily-skin.146373%2F&icr_url=&va=0&time=1657870164867&up=pc&bn=chrome&bv=103&widget_width=1220&style_id=0&idhub[pubcid]=36046063-95fd-4612-935e-ca187756b8dd

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.1.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-1-80.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

6eab3b561cffddddd908e4f1a403083e2b9636c39086740c7e7b2f747166cd82

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:25 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-length: 14330

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 79ms
29ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-culturedmedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 15 Jul 2022 07:29:24 GMT

GET
H3 200 container.html
7ace0defd06c7e753edd0edcd8e63a7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E741 0
0 64ms
22ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7ace0defd06c7e753edd0edcd8e63a7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-culturedmedia/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.makeuptalk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 07:29:24 GMT
expires: Sat, 15 Jul 2023 07:29:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html
7ace0defd06c7e753edd0edcd8e63a7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DD60 0
0 44ms
21ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7ace0defd06c7e753edd0edcd8e63a7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-culturedmedia/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.makeuptalk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 07:29:24 GMT
expires: Sat, 15 Jul 2023 07:29:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html
7ace0defd06c7e753edd0edcd8e63a7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 42C9 0
0 20ms
20ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7ace0defd06c7e753edd0edcd8e63a7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-culturedmedia/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.makeuptalk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 07:29:24 GMT
expires: Sat, 15 Jul 2023 07:29:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html
7ace0defd06c7e753edd0edcd8e63a7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0558 0
0 20ms
20ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7ace0defd06c7e753edd0edcd8e63a7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-culturedmedia/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.makeuptalk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 07:29:24 GMT
expires: Sat, 15 Jul 2023 07:29:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html
7ace0defd06c7e753edd0edcd8e63a7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3FD5 0
0 20ms
20ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7ace0defd06c7e753edd0edcd8e63a7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-culturedmedia/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.makeuptalk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 07:29:24 GMT
expires: Sat, 15 Jul 2023 07:29:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012206162023000/ 220 KB
61 KB 138ms
28ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012206162023000/amp4ads-v0.mjs

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-culturedmedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ccda9c9480b41d37a1cdbfafa79c8d421e48d7d83aff61e8bfee8ad4fe19dff

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 141498
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61503
x-xss-protection: 0
server: sffe
date: Wed, 13 Jul 2022 16:11:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e288a31ad4797408"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 13 Jul 2023 16:11:07 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012206162023000/v0/ 14 KB
5 KB 191ms
81ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012206162023000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-culturedmedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f78db6806eeeeec2e31f2b92195a2aa4036cde62ebdef69e9f9a3ebccb53676

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 182436
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5202
x-xss-protection: 0
server: sffe
date: Wed, 13 Jul 2022 04:48:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "721298833d717b80"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 13 Jul 2023 04:48:49 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012206162023000/v0/ 94 KB
28 KB 181ms
71ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012206162023000/v0/amp-analytics-0.1.mjs

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-culturedmedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b068dc04b141b2f04b2efd1bd2afbb373f3789e58b3c06e9952cba16dc59c04f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 330545
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28867
x-xss-protection: 0
server: sffe
date: Mon, 11 Jul 2022 11:40:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ee36630e23640250"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 11 Jul 2023 11:40:20 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012206162023000/v0/ 5 KB
2 KB 189ms
80ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012206162023000/v0/amp-fit-text-0.1.mjs

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-culturedmedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9127df7bc100bed74cbfd58a7a8b1568fb65a4543578fc4fcfcb3cadba1897dc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 330545
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1908
x-xss-protection: 0
server: sffe
date: Mon, 11 Jul 2022 11:40:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d3179f93f2cca7cd"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 11 Jul 2023 11:40:20 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012206162023000/v0/ 40 KB
13 KB 186ms
77ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012206162023000/v0/amp-form-0.1.mjs

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-culturedmedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

217f23a918fb509b032f5ae12f5f6e978a68b51ab28db90ecbe2424bafdf5c8c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 330545
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12955
x-xss-protection: 0
server: sffe
date: Mon, 11 Jul 2022 11:40:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5d5600af20d5aaa0"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 11 Jul 2023 11:40:20 GMT

GET
DATA 200
OK truncated
/ 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8e6e9d27015c5867a2e1739df58211d5f3b5976bedd21f2a19914e63434a2ba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 8152685561481828366
tpc.googlesyndication.com/daca_images/simgad/ 65 KB
65 KB 99ms
28ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/8152685561481828366

Requested by

Host: www.makeuptalk.com
URL: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20c2b6ac15abc511398ec52dd26a9462d09900b3744366b2d0d8c6e1241899a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 08:32:58 GMT
x-content-type-options: nosniff
age: 82587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66538
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 07:26:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 14 Jul 2023 08:32:58 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ 2 KB
2 KB 98ms
27ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.makeuptalk.com
URL: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 44977
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 15 Jul 2022 18:59:48 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ 295 B
319 B 96ms
25ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.makeuptalk.com
URL: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 05:50:56 GMT
x-content-type-options: nosniff
server: cafe
age: 5909
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 16 Jul 2022 05:50:56 GMT

POST
H2 204 impression
trends.revcontent.com/event/ 0
0 72ms
71ms Fetch 54.77.1.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/impression

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.1.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-1-80.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.makeuptalk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.makeuptalk.com
date: Fri, 15 Jul 2022 07:29:25 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 121ms
34ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55d2ab860a7100b201e762c2046bc65a5d16236a0263dee3e95c711be581b345

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 05:54:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 15 Jul 2022 07:29:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Jul 2022 07:29:25 GMT

GET articleCirculation.delivery.js
assets.revcontent.com/master/ 0
0

GET brandWidget~feedWidget.delivery.js
assets.revcontent.com/master/ 0
0

GET defaultWidget~feedWidget.delivery.js
assets.revcontent.com/master/ 0
0

GET feedWidget.delivery.js
assets.revcontent.com/master/ 0
0

GET commonModal.delivery.js
assets.revcontent.com/master/ 0
0

GET
H2 200 /
img.revcontent.com/ 1 KB
1 KB 84ms
23ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by: Host: www.makeuptalk.com
URL: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:29:25 GMT
last-modified: Thu, 02 Jun 2022 15:22:42 GMT
etag: "1654183362"
x-hw: 1657870165.cds108.fr8.hn,1657870165.cds260.fr8.c
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1351

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

129ms
79ms

Image
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.makeuptalk.com
URL: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/
Protocol: H2
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Redirect headers

date: Fri, 15 Jul 2022 07:29:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ 0
0 65ms
64ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C-d9hVBfRYtHWBsmi7_UPjtGfgAz_nOeda-HQ1ffEEJ64iLaDAxABIL295R1glQLIAQKpAni81QyNvW4-4AIAqAMByAMIqgSnAk_QhZS2YqIxXkgGkVP1LlKPVsYR5NKkF5fP7jT2E_VodbZJskcZmFtEV992xvl0gXCxa-Tq3D7mfgER3x2sr6DUeIKsa-J9uvtr4GO-t6SjaKEBbQQutzAx75SZUQblW1M40l4DueK681DM9O7HGt9jlCweOGJ2GLl9KJlQF6Y6tRzYaBd__84m5QeHpGgj8x94E9PRJB5CcWLuPE3dppi4kpGd8RE0Gk5YKA6WWXen34nfPagJPnU2h0gpHSS1dA9kTljbaxsBI3-i2k8mpJUdIL0vgq6NkPctJnj1IsoaW28M9uzmB5mxBo6PrPuxcBMV9w4WddN_834M9sT3ngRNn_InpEk1YVSqEqY842-M50JmcZaXpWBueM34USQWz1iai0jCih_ABNC-vbeaBOAEAaAGAoAH9J2YxAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCS0wnSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTA9AVAYAXAbIXHgocCAASFHB1Yi02MzMzNjc1NjQ1NzA4NjQ0GJyfGw&sigh=xwehvgX22XY&uach_m=[]&cid=CAQSLQCNIrLMtl46K0SPjyhPwem1hKsAz54tmKSEhVbnbPw_g-TboyCfooJQxmBwSBgB&cbvp=2
Requested by: Host: www.makeuptalk.com
URL: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

OPTIONS
H/1.1 200
OK widget-loaded
yeet.revcontent.com/yeet/events/ Frame 0
0 236ms
59ms Preflight 54.194.226.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-226-232.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.makeuptalk.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Date: Fri, 15 Jul 2022 07:29:26 GMT
Server: openresty
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 0

POST
H/1.1 204
No Content widget-loaded
yeet.revcontent.com/yeet/events/ 0
0 50ms
50ms Fetch 54.194.226.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-226-232.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Referer: https://www.makeuptalk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
Date: Fri, 15 Jul 2022 07:29:26 GMT
x-envoy-upstream-service-time: 1
Server: openresty
Connection: keep-alive
vary: Origin

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 99ms
33ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.makeuptalk.com%2F&domain=www.makeuptalk.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.makeuptalk.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.makeuptalk.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 15 Jul 2022 07:29:26 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1220
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.makeuptalk.com%2F&domain=www.makeuptalk.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=EE9LfXw1N1RFZjBQWEtPNTR5M21lRUhWaG9NM3BhRWxkbUQyMG5ueDZsdzM5WVJCK3gvWUFnczNDZVZCaHJZM2h2YnBqdS9sc1czNlRUcTFNYzVlNlFsT1lTT3lXU3RUeTZhbnIxaUtoUS8vQ3hYVFp4QXBrYk4rMEtnUH...

353 B
621 B

82ms
29ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=EE9LfXw1N1RFZjBQWEtPNTR5M21lRUhWaG9NM3BhRWxkbUQyMG5ueDZsdzM5WVJCK3gvWUFnczNDZVZCaHJZM2h2YnBqdS9sc1czNlRUcTFNYzVlNlFsT1lTT3lXU3RUeTZhbnIxaUtoUS8vQ3hYVFp4QXBrYk4rMEtnUHYvb0xZUmF3eDVQWVNQbldwWTc2RGk4SGdjR0tUeWowaWxuYWpOd2Z3QS9OaW5Hb3FPOW00ZTc1d3JISmcxbklaV1NxWmw0dHYzMXBkamhGTisvTjNRdW9OMTlKSXpuN0J5YUN1NWNleCtxamttNTlncjlRPXw&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

ae1bc4d944ed72d4f560dabc9dad1794809c6f6b26131577e8285156f7b03649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 07:29:26 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3033
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 15 Jul 2022 07:29:26 GMT
location: https://mug.criteo.com/sid?cpp=EE9LfXw1N1RFZjBQWEtPNTR5M21lRUhWaG9NM3BhRWxkbUQyMG5ueDZsdzM5WVJCK3gvWUFnczNDZVZCaHJZM2h2YnBqdS9sc1czNlRUcTFNYzVlNlFsT1lTT3lXU3RUeTZhbnIxaUtoUS8vQ3hYVFp4QXBrYk4rMEtnUHYvb0xZUmF3eDVQWVNQbldwWTc2RGk4SGdjR0tUeWowaWxuYWpOd2Z3QS9OaW5Hb3FPOW00ZTc1d3JISmcxbklaV1NxWmw0dHYzMXBkamhGTisvTjNRdW9OMTlKSXpuN0J5YUN1NWNleCtxamttNTlncjlRPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.makeuptalk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1639
content-length: 482
expires: 0

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
340 B 175ms
74ms XHR
application/json 63.34.67.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.67.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-67-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 0c823d1ac72bca7c80ebc6794ee1d54eb2d095527e5a2ef20a3bdde710faac68

Request headers

Referer: https://www.makeuptalk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 07:29:26 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.makeuptalk.com
cache-control: no-cache
x-server: 10.45.31.81
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
393 B 144ms
45ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 9ae962c04c255f6bb740a8c24618f2db807691ddd7a27773ab3803b11ad3bcb6

Request headers

Referer: https://www.makeuptalk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 15 Jul 2022 07:29:26 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.makeuptalk.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 14 Aug 2022 07:29:26 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ 42 B
64 B 102ms
60ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssCe1mCK6F09dOvSelhN2S5Wm6hHFZR6kOEkQSwpfIpxWAR4D7JWPx-xBave1LDyMlyyEJxWd8czW4q5H8iwjMI1OnpAIpJAfHqr8KlQhdtqDNp4iCIvi1yYuiuq0zhCgwpCA8Dy2EB4uad0HMahuEfgd59379kTZp02oPsZLU26xL_srtWU108vw1EEk3hdWDIfSbD72h30Gen0bcaMHgNTI6GabJ7FxGiu-UmYiU_thXSJplU3Fb9mQKxS7anLATRBJV86pJXPGyiePvETlNiSJps0N5UM5IPJAiuyrLiErK_sbw4DFI8xHrL0uxA9OXmT7pZWwy8BiZgr-aGTFwlpmbOFLl9-eVH6GbB6HQ-1JAAEseXICD6u-ZHtCrbIgpvCmwZhCRTlLBKfuH5-NAN-YHSMLhrpQgiK2mxBpqBMJ1kWxX5qh9tuc5ZNe92qWl5YWUJIoADjup09YnfeSVtMh6HWGwJTxX4ziaSIzegOTgY3fkdQeRL2bkgB2b2PBklL5IQRAN_LziZFPGnRUM7Otp7x4rlPrQ6J92yDUeqLcdb32eEXJeSB0NxP1vp3o-No-o8JL8006LQlVaeg-u8IJF4nPuYnJXnbeJjtxEetimjMw-moxorwkjEXkux5apNVCKuFI36-6_dqGtU_sXd-urnQpVtkVI9ZyD8fOnPAZtHTUMo0PazyALiMG8zlb2wJmcu8EJ313B2-S5udLgDHtDl0UAmSDAJj3ykAU2gFZlXrsFr39zymUrknCwYVNYT5pKm8MDxfwJ3fw4JxKYk_FZzAnLMChTQtefIIykF-fwpplCbDmXDqYk8Di6wGJ-SNwJdy6bQmgUYt5TbNInSaTWnINj0KWTTxZzyoXU9caxBcrvYFj5Kn4dNuRVEvyH8kfgtQxYHlGjMuAAF9AHZM7Jxj2XWG03t2--6NrSfwkHJxU1gZxfcek1b5mMBtjQKfWGi1EwImOalQ04hipqMXfXjHIXHzwYe9cJpmmOm-RsNGzos6WEXRpj2k3gtdfz7lT9mvN0JbBI9D_oMgwYQY1BIimEBdH-_PAEhhxtDi9HkxYoPncCC_LMuCCdy9kXZo0Duhxh-Buw&sai=AMfl-YSM2pXhXXhKPTISAGFsgx9sLoRru6skSylOoWcVE-p_9lDp-DEZHSMFw4JCeBZM-RALEEDo_Mm_9LoPuM_L0WNUs1amWAfH12jNM4JLakR5nRpk_3_g-jawhg&sig=Cg0ArKJSzCh1YspuLN_REAE&cid=CAQSLQCNIrLMtl46K0SPjyhPwem1hKsAz54tmKSEhVbnbPw_g-TboyCfooJQxmBwSBgB&id=ampim&o=0,0&d=1600,1200&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=2848&tls=3848&g=100&h=100&tt=3848&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=438682801

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 07:29:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 210ms
26ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 15 Jul 2022 07:29:26 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1372
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 28ms
28ms Ping
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-ESSSJ7RPV3&gtm=2oe7d0&_p=1149424234&_z=ccd.v9B&cid=760596145.1657870164&ul=en-us&sr=1600x1200&_s=2&sid=1657870164&sct=1&seg=0&dl=https%3A%2F%2Fwww.makeuptalk.com%2Fthreads%2Fhow-to-control-oily-skin.146373%2F&dt=How%20to%20control%20oily%20skin%20%7C%20Makeuptalk.com%20-%20Makeup%20forums%20and%20reviews&en=user_type_dimension&_ee=1&epn.style_id=2&epn.node_id=3&ep.node_title=Skin%20Care%20Talk&epn.thread_id=146373&ep.thread_title=How%20to%20control%20oily%20skin&ep.thread_author=Rosario&ep.User%20Type=Visitor&_et=4
Requested by: Host: cdn.imagearchive.com
URL: https://cdn.imagearchive.com/makeuptalk/data/js_cache/51475b643b8202069d409b4a96d8175b.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.makeuptalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 07:29:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.makeuptalk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: capi.connatix.com
URL: https://capi.connatix.com/core/pls?v=169995

Domain: assets.revcontent.com
URL: https://assets.revcontent.com/master/articleCirculation.delivery.js

Domain: assets.revcontent.com
URL: https://assets.revcontent.com/master/brandWidget~feedWidget.delivery.js

Domain: assets.revcontent.com
URL: https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js

Domain: assets.revcontent.com
URL: https://assets.revcontent.com/master/feedWidget.delivery.js

Domain: assets.revcontent.com
URL: https://assets.revcontent.com/master/commonModal.delivery.js

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=13781

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.makeuptalk.com/	1969-12-31 23:59:59	Name: xf_csrf Value: T0nDOw_FMbFq1QdM
www.makeuptalk.com/	1969-12-31 23:59:59	Name: xf_session Value: aSzIZbZo4GGFU95zdEC2KFQs7Hg5_vYO
www.makeuptalk.com/	1969-12-31 23:59:59	Name: xf_page_views Value: 1
.makeuptalk.com/	1970-01-20 22:02:22	Name: _ga_ESSSJ7RPV3 Value: GS1.1.1657870164.1.0.1657870164.0
.makeuptalk.com/	1970-01-20 22:02:22	Name: _ga Value: GA1.2.760596145.1657870164
.makeuptalk.com/	1970-01-20 04:32:36	Name: _gid Value: GA1.2.438767145.1657870165
.makeuptalk.com/	1970-01-20 04:31:10	Name: _gat_gtag_UA_54483918_14 Value: 1
.makeuptalk.com/	1970-01-20 04:31:10	Name: _gat_gtag_UA_156561563_19 Value: 1
www.makeuptalk.com/	1970-01-20 05:14:22	Name: _pbjs_userid_consent_data Value: 3524755945110770
.makeuptalk.com/	1970-01-20 08:50:22	Name: _pubcid Value: 36046063-95fd-4612-935e-ca187756b8dd
.makeuptalk.com/	1970-01-20 13:52:46	Name: __gads Value: ID=4d33002ba872b953:T=1657870164:S=ALNI_MYz_v5W0V_GaF7QoSquumos8gIcSA
.doubleclick.net/	1970-01-20 04:31:13	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 13:52:46	Name: IDE Value: AHWqTUlc87sNdik1vc2amPXI18sz3-ixQgqU80ezrvgS3I_ptI6f8_Fks7kNCamA
www.makeuptalk.com/	1970-01-20 04:31:13	Name: _lr_retry_request Value: true
www.makeuptalk.com/	1970-01-20 05:14:22	Name: _lr_env_src_ats Value: false
www.makeuptalk.com/	1970-01-20 05:57:34	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-07-15T07%3A29%3A26%22%7D
.makeuptalk.com/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1657956566835
.makeuptalk.com/	1970-01-20 13:52:46	Name: cto_bundle Value: dh4FtV9UQmp5SGJram81JTJGVURCYzNYdGJ0RERMdVolMkZKQjNCOG9QRXgzUFc2T09Ia09ENiUyRnQ5a291YmY2Mk1LcnFCYzVhMSUyRjVRRjF1RUVWenpuNVhZQkczMjJOVDdxalVzZjZERGklMkJjRThyaVpVdlI0dXd4SkQxJTJCc2pEWkR6bEpTQmhxcw
.makeuptalk.com/	1970-01-20 13:52:46	Name: cto_bidid Value: S2smol9WUmVhRXVTQ0syTkhrcTJ3YSUyQlBCSDF6ZTNqdXZsZEphS0Z1RkQ0UlpVYzRBZ2NuaUVLcVpObUxhNWhNaFYwR05ONkIzZnRyM0pXYm95MWZrbiUyQkZBdnclM0QlM0Q

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://tagan.adlightning.com/advally-culturedmedia/op.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tagan.adlightning.com/advally-culturedmedia/b-92ee7c4-e8ebde53.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: https://tagan.adlightning.com/advally-culturedmedia/op.js Message: Refused to load the script 'https://assets.revcontent.com/master/articleCirculation.delivery.js' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://tagan.adlightning.com/advally-culturedmedia/op.js Message: Refused to load the script 'https://assets.revcontent.com/master/brandWidget~feedWidget.delivery.js' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://tagan.adlightning.com/advally-culturedmedia/op.js Message: Refused to load the script 'https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://tagan.adlightning.com/advally-culturedmedia/op.js Message: Refused to load the script 'https://assets.revcontent.com/master/feedWidget.delivery.js' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://tagan.adlightning.com/advally-culturedmedia/op.js Message: Refused to load the script 'https://assets.revcontent.com/master/commonModal.delivery.js' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://tagan.adlightning.com/ Message: Refused to frame 'https://tpc.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://tagan.adlightning.com/ Message: Refused to frame 'https://www.google.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://tpc.googlesyndication.com/sodar/sodar2.js(Line 34) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://tpc.googlesyndication.com') does not match the recipient window's origin ('null').
other	warning	URL: https://cdn.ampproject.org/rtv/012206162023000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
javascript	error	URL: https://www.makeuptalk.com/threads/how-to-control-oily-skin.146373/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=13781' from origin 'https://www.makeuptalk.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=13781 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7ace0defd06c7e753edd0edcd8e63a7d.safeframe.googlesyndication.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
api.rlcdn.com
assets.revcontent.com
capi.connatix.com
cd.connatix.com
cdn.adligature.com
cdn.ampproject.org
cdn.imagearchive.com
cds.connatix.com
dev.jarek.cc
fonts.googleapis.com
googleads.g.doubleclick.net
gum.criteo.com
id.crwdcntrl.net
img.revcontent.com
match.adsrvr.org
mug.criteo.com
pagead2.googlesyndication.com
pro.ip-api.com
securepubads.g.doubleclick.net
tagan.adlightning.com
tpc.googlesyndication.com
trends.revcontent.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.makeuptalk.com
www.paypalobjects.com
yeet.revcontent.com
api.rlcdn.com
assets.revcontent.com
capi.connatix.com
108.157.4.87
142.250.185.226
15.197.193.217
151.101.130.137
151.101.2.133
151.101.2.137
151.139.128.11
178.250.2.146
195.15.231.89
23.35.236.201
2606:4700:20::681a:41c
2606:4700:3037::6815:e75
2a00:1450:4001:803::2002
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2002
2a00:1450:4001:813::200e
2a00:1450:4001:829::2001
2a00:1450:4001:831::2004
2a02:2638::1c
2a06:98c1:3121::3
51.77.64.70
54.194.226.232
54.77.1.80
63.34.67.128
081e3348c92a80275474ad9b8e751ad4d0c72c8b7c6872320531908e00a3e963
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
0c823d1ac72bca7c80ebc6794ee1d54eb2d095527e5a2ef20a3bdde710faac68
1184c1089df5a86d99411c598ded1ee7e3a98cb86da0f6db462b63a52dd77977
20c2b6ac15abc511398ec52dd26a9462d09900b3744366b2d0d8c6e1241899a2
217f23a918fb509b032f5ae12f5f6e978a68b51ab28db90ecbe2424bafdf5c8c
24b85e11eeeb880f880d59585583cc747c9f777480d5330dad40a54390fe109b
271b720349f7784cefd2775fe996809650273173f66356960f0ab88033b09c30
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3ccda9c9480b41d37a1cdbfafa79c8d421e48d7d83aff61e8bfee8ad4fe19dff
3d508125a0b4718c8bf3604cc1e0dc68abeeac50224cfaf7daf8fb78381c43d4
4275ee71057586bf3654c03af49b4e6ab3a879c4a0890c3ea1fb2522e97372f9
491f58c7f0d78f3d6ce5b642f360e89aeaf9e9cb993e551e78f207b3fe7f36b1
55d2ab860a7100b201e762c2046bc65a5d16236a0263dee3e95c711be581b345
564f53fcdeddff770057fee8ff6644291b3ee8b97fbf5b08dd860c353dece2da
5eb141717f51c44f96058d241cfd4183c21632385e0b9fa1163ca9d8f7f606d2
5f805dc9ad1c7a1ac931caca2e6930f64cba8a81083c5dc72b383829d7559dab
6169face095a4b915e8f4ff8d2eefbefc2b69dd363a0aa1dde0507809066a8af
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
658638541c6c287e88eaf21c8e6cdb76821db08d5b0aaab700a3abedc4b49915
66d8ca9df101d87223fb5909ae1497d620a7c1bb1dc24e427efc47c2ded9ebf5
6b40f0d5cfa95c272e1a5a6c2ad7b9089ad07d3e938ea0f9f0693ab7f6a175e6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6eab3b561cffddddd908e4f1a403083e2b9636c39086740c7e7b2f747166cd82
6f78db6806eeeeec2e31f2b92195a2aa4036cde62ebdef69e9f9a3ebccb53676
781124b75fc5239ee2b46cb52e1486b4ab17cafc6a68e614ce569b751af1dfd9
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86c3e2d263fe07c01867c706a1ef50ee11abd4e73190c153862f85b17bf9a351
876d46e9c7992ee09c57f9ec20d8274ea92a913d083fd066e952bc958dfe2e88
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8ce6f4fc2a5d8c8da97b33ef06a933b9c300c412962bec002aa57e82dec55495
9127df7bc100bed74cbfd58a7a8b1568fb65a4543578fc4fcfcb3cadba1897dc
9328036b0467c73a57bd1d54557db7ba155abb6cf4aa98483a22cc31ede172ac
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5
96090f4a8cdfb1e9cb558185c76eea00c132c9bd66bc5655bad40e1032bb0338
9ae962c04c255f6bb740a8c24618f2db807691ddd7a27773ab3803b11ad3bcb6
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa68e17fb13028f96c0d5b38fcf7006182894eb694625f9dedf5824d5066a5f0
ae1bc4d944ed72d4f560dabc9dad1794809c6f6b26131577e8285156f7b03649
aeb1c4447ff9a8461be244ad99b077fef210c47b49c09f6691584fa5eeaed4b7
b068dc04b141b2f04b2efd1bd2afbb373f3789e58b3c06e9952cba16dc59c04f
b3cde4961767f10244ffe69781424ccb69fc318baa0e2e76d147279c4386fd49
b91663be748597f100c7b1422e7c19d71d0fb8329e51c569dcb9b201a9a2d3d7
baef494f7ae268d69fe448d07bb3b3e0ac9f863e25fa649e8ffbc29bad7be8be
bc40299eecfc2ec72017458739d03a013a9b4acf2fbe894cd7c3be931e5bdc1c
bfe3ecad86362036bfbf2e0d2bc27a6a593cb0fff32a97a5b1b5f81b409a3bb6
c2e7ae646b91bef8e3ed0ff62a1cbc134baf7e4491792cac5f8ec74bdf1e2451
ccfe8e72eb6727be1d1ab72c884b7fb99a0f6e4570b2c98f2d4a98fdea691968
cd969d6b4cbc55d218dc86b00b06b18607faadf771be98406882d01ba6c8206b
dbdf4760e75f70e0dab5feb6ead8ca2c5047240c879288626fa4034b76e5162e
dc10378bff3015c398bbee5b693ced88aebe34130c859531f974172e80c9961d
dcfc3d7fb813983d69c52c54b6f1e5a9de8460a9982a07d7a689b584767d35aa
df08b1e1c3f60fb552a49b7456a75e767f9e4fdf3a85881f9d644bf6b5f0d329
e084b1749b790718a5ff7d7d2dbdd577cb69953f1364689133c1688561f5c3ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b58d468e50c41483bbc44fdcebcb3dd8ae11d7d8bad36d43d38fcdcad5b321
eebc2f47751dd46db4231c5283562e2a4bc026903559d417e3adfe7eda916547
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5f0b7e161099d503298ab2d66a927f48401f992d188cd04415419b41dcd0b1
f779de80f6ebd5d15cb3209e82969f8ad90e4ba02899e24c1796f2c9aca80343
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f89ba21c924038c4c67e6fa525ac75e43aa759e7601b1958bdfaea57de46da20
f8e6e9d27015c5867a2e1739df58211d5f3b5976bedd21f2a19914e63434a2ba
f8f0d5e29e4408e8ecdccee5e73a185566774f71c7f440cc50ad5c647b127ce3
fe7bd8cacf9680625b7da9649a92bee8ab705909190040bad2396b2d6ca9436e

www.makeuptalk.com Open in urlscan Pro 2606:4700:3037::6815:e75 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

89 Requests

89 %HTTPS

50 %IPv6

22 Domains

32 Subdomains

28 IPs

5 Countries

1666 kBTransfer

4886 kBSize

19 Cookies

2 Outgoing links

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.makeuptalk.com Open in urlscan Pro
2606:4700:3037::6815:e75 Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

89 %
HTTPS

50 %
IPv6

22
Domains

32
Subdomains

28
IPs

5
Countries

1666 kB
Transfer

4886 kB
Size

19
Cookies

89 HTTP transactions
6 data transactions