www.makeupbynattiestuart.com Open in urlscan Pro
2a09:8280:1::3:bd4  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.makeupbynattiestuart.com/	6 KB 3 KB	411ms 196ms	Document text/html	2a09:8280:1::3:bd4 FLY
General Check archive.org Show headers Download Go to Full URL https://www.makeupbynattiestuart.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1::3:bd4 , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/ff37a3cc6 (2024-05-21) / Resource Hash ebff6cc556fe798ffd35caab7e8beac83fdf9faee090d55613c8282733521b5e Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * access-control-request-method * cache-control max-age=0, private, must-revalidate content-encoding gzip content-type text/html; charset=utf-8 date Thu, 23 May 2024 13:03:36 GMT etag W/"8bf86ac20c6cd21071c95489a7156810" fly-request-id 01HYJRSGA5H3MYF3WWNSQHHR3N-ams server Fly/ff37a3cc6 (2024-05-21) vary Accept-Encoding via 2 fly.io x-cache HIT x-request-id e4da4362-e537-462f-b86d-2ef1954edcb8 x-runtime 0.015072
GET H2	200	portfolio-605586bf728af29f93968823469b1483.css www.makeupbynattiestuart.com/assets/	45 KB 8 KB	104ms 103ms	Stylesheet text/css	2a09:8280:1::3:bd4 FLY
General Check archive.org Show headers Download Go to Full URL https://www.makeupbynattiestuart.com/assets/portfolio-605586bf728af29f93968823469b1483.css Requested by Host: www.makeupbynattiestuart.com URL: https://www.makeupbynattiestuart.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1::3:bd4 , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/ff37a3cc6 (2024-05-21) / Resource Hash e9821efcd92a6a0e0eb343a077ed1c35c0cbd4519dc9cc27d41000c425a038fc Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.makeupbynattiestuart.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 13:03:36 GMT content-encoding zstd via 2 fly.io last-modified Tue, 23 Apr 2024 15:46:07 GMT server Fly/ff37a3cc6 (2024-05-21) fly-request-id 01HYJRSGM3SR1FTDF1WAT1RS7N-ams etag W/"b372-6627d7bf.0" content-type text/css cache-control public, max-age=0, must-revalidate fly-cache-status HIT accept-ranges bytes
GET H2	200	stylesheet-1705e766bdcb23b0d798bf296d9bc06c.css www.makeupbynattiestuart.com/themes/55836f377261691a8c000000/	29 KB 5 KB	475ms 474ms	Stylesheet text/css	2a09:8280:1::3:bd4 FLY
General Check archive.org Show headers Download Go to Full URL https://www.makeupbynattiestuart.com/themes/55836f377261691a8c000000/stylesheet-1705e766bdcb23b0d798bf296d9bc06c.css Requested by Host: www.makeupbynattiestuart.com URL: https://www.makeupbynattiestuart.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1::3:bd4 , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/ff37a3cc6 (2024-05-21) / Resource Hash 89df5a19063e42d6804e58922bdec8407fcd6ce61f098f5fa9ff947bc78674e3 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.makeupbynattiestuart.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-runtime 0.011070 date Thu, 23 May 2024 13:03:36 GMT access-control-request-method * content-encoding gzip last-modified Fri, 03 Feb 2017 06:29:18 GMT server Fly/ff37a3cc6 (2024-05-21) via 2 fly.io fly-request-id 01HYJRSGM3VYMMA5AN647R0SC8-ams vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=31557600, public x-request-id 7be4ace3-bfe5-4969-93d9-226999b6e168 expires Fri, 23 May 2025 13:03:36 GMT
GET H2	200	portfolio-5d14a9ecb8bfbc4b8b0060a89488e12d.js Show response www.makeupbynattiestuart.com/assets/	449 KB 142 KB	222ms 222ms	Script application/javascript	2a09:8280:1::3:bd4 FLY
General Check archive.org Show headers Download Go to Full URL https://www.makeupbynattiestuart.com/assets/portfolio-5d14a9ecb8bfbc4b8b0060a89488e12d.js Requested by Host: www.makeupbynattiestuart.com URL: https://www.makeupbynattiestuart.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1::3:bd4 , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/ff37a3cc6 (2024-05-21) / Resource Hash 0dce8b69fa1285b6804165ce8aac56d9bcd4e301643262fddea858f8bbd780fa Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.makeupbynattiestuart.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 13:03:36 GMT content-encoding zstd via 2 fly.io last-modified Tue, 23 Apr 2024 15:49:25 GMT server Fly/ff37a3cc6 (2024-05-21) fly-request-id 01HYJRSGM39PE07QRR04QWPK2J-ams etag W/"70258-6627d885.0" content-type application/javascript cache-control public, max-age=0, must-revalidate fly-cache-status HIT accept-ranges bytes
GET H2	200	lintel-465e5046fdf6420ec72fd4dac64ef123.css www.makeupbynattiestuart.com/assets/	2 KB 492 B	224ms 224ms	Stylesheet text/css	2a09:8280:1::3:bd4 FLY
General Check archive.org Show headers Download Go to Full URL https://www.makeupbynattiestuart.com/assets/lintel-465e5046fdf6420ec72fd4dac64ef123.css Requested by Host: www.makeupbynattiestuart.com URL: https://www.makeupbynattiestuart.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1::3:bd4 , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/ff37a3cc6 (2024-05-21) / Resource Hash 63ab823a0c3f534435972594859b0b2db7059851715f6a65ed10b0a181cc63b0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.makeupbynattiestuart.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 13:03:36 GMT content-encoding zstd via 2 fly.io last-modified Tue, 23 Apr 2024 15:46:07 GMT server Fly/ff37a3cc6 (2024-05-21) fly-request-id 01HYJRSGM31V61101SS5TW6MCB-ams etag W/"70a-6627d7bf.0" content-type text/css cache-control public, max-age=0, must-revalidate fly-cache-status HIT accept-ranges bytes
GET H2	200	js Show response www.googletagmanager.com/gtag/	258 KB 91 KB	600ms 62ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-07CMKCZT5P Requested by Host: www.makeupbynattiestuart.com URL: https://www.makeupbynattiestuart.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 80a1cfa928ae90438434660a0589ab79a3650e99a80408d60f3db9e3e674620d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.makeupbynattiestuart.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 13:03:37 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 93006 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 23 May 2024 13:03:37 GMT
GET H2	200	heap-3281307358.js Show response cdn.heapanalytics.com/js/	117 KB 38 KB	383ms 228ms	Script application/javascript	18.239.69.16 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.heapanalytics.com/js/heap-3281307358.js Requested by Host: www.makeupbynattiestuart.com URL: https://www.makeupbynattiestuart.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.239.69.16 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-239-69-16.ams58.r.cloudfront.net Software nginx / Express Resource Hash 9a8ba3558d99765a9c3039d64a443f7c99adbb929f37a56528cbb2a90bdf524c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.makeupbynattiestuart.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 13:03:37 GMT content-encoding br via 1.1 78e03c1b28d33ab75a53563ffdf54ba6.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains server nginx x-amz-cf-pop AMS58-P4 x-powered-by Express etag W/"1d45b-JN0nd6lZGV9CFGKxQUR/WLRzyio" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript; charset=utf-8 cache-control public, max-age=120 alt-svc h3=":443"; ma=86400 x-amz-cf-id OvkzOi-xvyt3sj3d5DZpFGJ-f6Lol1vtwcbJ28EPksUG5rTopIfQhQ==
GET H2	200	logo-light-7728724a0b1e98284302233f9a4e682f.png www.makeupbynattiestuart.com/assets/portfolio/	2 KB 2 KB	147ms 117ms	Image image/png	2a09:8280:1::3:bd4 FLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.makeupbynattiestuart.com/assets/portfolio/logo-light-7728724a0b1e98284302233f9a4e682f.png Requested by Host: www.makeupbynattiestuart.com URL: https://www.makeupbynattiestuart.com/assets/portfolio-605586bf728af29f93968823469b1483.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1::3:bd4 , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/ff37a3cc6 (2024-05-21) / Resource Hash feaf15c176469993683b47d87ab5d86d8553044402af3bc1a4dbf09c1b7e967f Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.makeupbynattiestuart.com/assets/portfolio-605586bf728af29f93968823469b1483.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 13:03:36 GMT via 2 fly.io last-modified Tue, 23 Apr 2024 15:46:07 GMT server Fly/ff37a3cc6 (2024-05-21) fly-request-id 01HYJRSH8V18W4ECPZAB2B5CMR-ams etag W/"750-6627d7bf.0" content-type image/png cache-control public, max-age=0, must-revalidate fly-cache-status HIT accept-ranges bytes content-length 1872
GET H2	200	Lintel_Reg-webfont-cf1e768595680dd60353cb7f7ead1962.woff www.makeupbynattiestuart.com/assets/	24 KB 25 KB	138ms 119ms	Font application/font-woff	2a09:8280:1::3:bd4 FLY
General Check archive.org Show headers Download Go to Full URL https://www.makeupbynattiestuart.com/assets/Lintel_Reg-webfont-cf1e768595680dd60353cb7f7ead1962.woff Requested by Host: www.makeupbynattiestuart.com URL: https://www.makeupbynattiestuart.com/assets/lintel-465e5046fdf6420ec72fd4dac64ef123.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1::3:bd4 , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/ff37a3cc6 (2024-05-21) / Resource Hash 8d48bc89f0dd2a3145ac445dc41029b4eb4fc08b91aeceb872c5f4a43fa81262 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.makeupbynattiestuart.com/assets/lintel-465e5046fdf6420ec72fd4dac64ef123.css Origin https://www.makeupbynattiestuart.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 13:03:36 GMT via 2 fly.io last-modified Tue, 23 Apr 2024 15:46:07 GMT server Fly/ff37a3cc6 (2024-05-21) fly-request-id 01HYJRSHA5PWV5JJ5YEQKJBY6G-ams etag W/"61c0-6627d7bf.0" content-type application/font-woff cache-control public, max-age=0, must-revalidate fly-cache-status HIT accept-ranges bytes content-length 25024
GET H2	200	hd_Screen-Shot-2018-03-12-at-8.03.43-PM.png d2khlf0fizh5q.cloudfront.net/uploads/media_image/tl-image/1a/fa86c0265211e8ba2d6b7351a15ed4/	129 KB 130 KB	642ms 521ms	Image image/png	18.239.102.99 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2khlf0fizh5q.cloudfront.net/uploads/media_image/tl-image/1a/fa86c0265211e8ba2d6b7351a15ed4/hd_Screen-Shot-2018-03-12-at-8.03.43-PM.png Requested by Host: www.makeupbynattiestuart.com URL: https://www.makeupbynattiestuart.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.239.102.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-239-102-99.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash 960e40c582196715a1e9d88ed8ea4f4e81a5a978e4f05c471efce8030d885f05 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.makeupbynattiestuart.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 13:03:38 GMT via 1.1 2efef6dd9770b3981ddd7a213ccc0dda.cloudfront.net (CloudFront) last-modified Tue, 13 Mar 2018 00:04:35 GMT server AmazonS3 x-amz-cf-pop AMS1-P3 etag "bb80f533544ea91283d8645789eb5513" x-cache Miss from cloudfront content-type image/png cache-control max-age=315576000 accept-ranges bytes content-length 132463 x-amz-cf-id cn0GdV6ZuWjdBDIjGEoLKtrPkSLFKlDJCM_P5iKz18aXnPp9FtFWcg==
GET H2	200	h heapanalytics.com/	37 B 262 B	358ms 93ms	Image image/gif	52.72.17.12 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://heapanalytics.com/h?a=3281307358&u=5696555349464080&v=6753487719123187&s=8426695289332132&b=web&tv=4.0&z=0&h=%2F&d=www.makeupbynattiestuart.com&t=Make-Up%20By%20Nattie%20Stuart&ts=1716469417645&ubv=125.0.6422.76&upv=10.0.0&sch=1200&scw=1600&st=1716469417647&ei=238&et=variation Requested by Host: www.makeupbynattiestuart.com URL: https://www.makeupbynattiestuart.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.72.17.12 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-72-17-12.compute-1.amazonaws.com Software nginx / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.makeupbynattiestuart.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 13:03:37 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx etag W/"25-4iFqfptz9csCeTUceM5hwzR1zqc" content-type image/gif cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate content-length 37
POST H2	204	collect region1.google-analytics.com/g/	0 255 B	61ms 23ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-07CMKCZT5P&gtm=45je45k0v9126127944za200&_p=1716469417224&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1654229388.1716469418&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1716469417&sct=1&seg=0&dl=https%3A%2F%2Fwww.makeupbynattiestuart.com%2F&dt=Make-Up%20By%20Nattie%20Stuart&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1732 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-07CMKCZT5P Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.makeupbynattiestuart.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 13:03:37 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.makeupbynattiestuart.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	favicon.ico d37a3mhaw2w2ie.cloudfront.net/	8 KB 8 KB	211ms 51ms	Other image/x-icon	18.239.50.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d37a3mhaw2w2ie.cloudfront.net/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.239.50.118 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-239-50-118.ams58.r.cloudfront.net Software AmazonS3 / Resource Hash bb1377ad5c4f5f5321c105dabb7df79aa3cc17ea3cb853ad13d247432595ddee Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.makeupbynattiestuart.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 04:16:49 GMT via 1.1 b038919df048ba1d1a170622840d275e.cloudfront.net (CloudFront) last-modified Sun, 21 Dec 2014 20:37:23 GMT server AmazonS3 x-amz-cf-pop AMS58-P3 age 31610 etag "002e89413da3917496a6ad57915c541f" x-cache Hit from cloudfront content-type image/x-icon accept-ranges bytes content-length 8348 x-amz-cf-id V2GzAxfkz4h3CE9FpxczpzPfIjkHZ990dSva0oo1VOjUtWduP62Tlg==

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| setupGalleryHomepage function| playVideo function| lazyLoadStackedGallery function| Swipe function| $ function| jQuery function| _ object| image_ids object| heap function| gtag object| dataLayer object| jQuery1102015550807250896193 object| google_tag_manager object| google_tag_data object| gaGlobal

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.makeupbynattiestuart.com/	1969-12-31 23:59:59	Name: _foliohd_rails_session Value: WGRtN3IwbytMVFBqNG5tZEI3ZnROcnFRbnNtZFlaU094eVhKUEVlNUd2bTIzSjYrNXF4K2tkV1NHQ1lHcDRJaXJsdGdUcCtFalpjb2IxMFcyWWVRZ3BLbVR4Zmo0T09OUythckMweEFRMCtrUGQ3clBYaVd1TmJ3NDl2eURkRG8reVhabXk1elBqbmpCWVVaalNqdlMzcUJwTzRtUkREUmZwQitGbmtlZzU0Z2J2ZkcxSE5CSXRFOTdHeWF0djZSNDNPVFZRS05qVU5IYkIvUGxKOEM1bzFwR1d6ZTFlT2ZhVGlRMGVlVk5ZR2xyR2pVeVVVOXp3T1pWVXlQMHRUZlFBT3lPMlFhSlN2aVBOTWpBN3loMEpReEQvbDhYaTdWNEhQMmxMSDVGTGYva1BheCsyNkJ2d2JmRTU5VkRjYjNCeTdlUk5Id1l0bWNMV0hGTEdIOU51dmJGcVhSY09WK3Vtc3VWclg3VVQ0PS0tZ1IwUUFKUGxob0RFb3RQekNMMEJ4Zz09--679f10ad4f9df0ea455b9e23ba0694ec97fb3845
			.makeupbynattiestuart.com/	1970-01-21 06:15:47	Name: _hp2_id.3281307358 Value: %7B%22userId%22%3A%225696555349464080%22%2C%22pageviewId%22%3A%226753487719123187%22%2C%22sessionId%22%3A%228426695289332132%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
			.makeupbynattiestuart.com/	1970-01-21 06:23:49	Name: _ga_07CMKCZT5P Value: GS1.1.1716469417.1.0.1716469417.0.0.0
			.makeupbynattiestuart.com/	1970-01-21 06:23:49	Name: _ga Value: GA1.1.1654229388.1716469418
			.makeupbynattiestuart.com/	1970-01-20 20:47:51	Name: _hp2_ses_props.3281307358 Value: %7B%22ts%22%3A1716469417645%2C%22d%22%3A%22www.makeupbynattiestuart.com%22%2C%22h%22%3A%22%2F%22%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.heapanalytics.com
d2khlf0fizh5q.cloudfront.net
d37a3mhaw2w2ie.cloudfront.net
heapanalytics.com
region1.google-analytics.com
www.googletagmanager.com
www.makeupbynattiestuart.com
18.239.102.99
18.239.50.118
18.239.69.16
2001:4860:4802:32::36
2a00:1450:4001:82f::2008
2a09:8280:1::3:bd4
52.72.17.12
0dce8b69fa1285b6804165ce8aac56d9bcd4e301643262fddea858f8bbd780fa
63ab823a0c3f534435972594859b0b2db7059851715f6a65ed10b0a181cc63b0
80a1cfa928ae90438434660a0589ab79a3650e99a80408d60f3db9e3e674620d
89df5a19063e42d6804e58922bdec8407fcd6ce61f098f5fa9ff947bc78674e3
8d48bc89f0dd2a3145ac445dc41029b4eb4fc08b91aeceb872c5f4a43fa81262
960e40c582196715a1e9d88ed8ea4f4e81a5a978e4f05c471efce8030d885f05
9a8ba3558d99765a9c3039d64a443f7c99adbb929f37a56528cbb2a90bdf524c
bb1377ad5c4f5f5321c105dabb7df79aa3cc17ea3cb853ad13d247432595ddee
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9821efcd92a6a0e0eb343a077ed1c35c0cbd4519dc9cc27d41000c425a038fc
ebff6cc556fe798ffd35caab7e8beac83fdf9faee090d55613c8282733521b5e
feaf15c176469993683b47d87ab5d86d8553044402af3bc1a4dbf09c1b7e967f