news.doitmakeup.com Open in urlscan Pro
2606:4700:10::ac43:29d1  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request japlif-cp-fb Show response news.doitmakeup.com/en/	132 KB 34 KB	558ms 430ms	Document text/html	2606:4700:10::ac43:29d1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://news.doitmakeup.com/en/japlif-cp-fb?utm_source=fb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:29d1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cfa5667696cc83b0f7a254304b2d7c4f1c38c9a1a3ae486a294093ffc2d5eae4 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-credentials true access-control-allow-headers DNT,Set-Cookie,Cookie,Accept,Content-Type,X-Requested-With,X-Api-Key,Cache-Control,Accept-Encoding,Accept-Language,Pragma,Origin,Vary,X-XSRF-TOKEN,CF-IPCountry access-control-allow-methods GET, POST, PUT access-control-allow-origin * access-control-max-age 1728000 alt-svc h3=":443"; ma=86400 cache-control max-age=2678400, no-transform, public cf-cache-status DYNAMIC cf-ray 7e97abc559d16973-FRA content-encoding gzip content-length 33843 content-type text/html; charset=UTF-8 date Thu, 20 Jul 2023 02:11:00 GMT server cloudflare x-frame-options SAMEORIGIN x-hw 1689819060.cds317.am5.h2,1689819060.cds310.am5.sc,1689819060.cds310.am5.p x-tag post-14571 x-yoto NCI-0.2.63
GET H2	204	dye gtrack.news.doitmakeup.com/	0 128 B	346ms 217ms	Image text/plain	2606:4700:10::ac43:29d1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gtrack.news.doitmakeup.com/dye?type=html&h=news.doitmakeup.com&lo=en&cc=DE&ly=default&yv=d78a1f585&pid=14571&pn=0&pd=0&ard=0 Requested by Host: news.doitmakeup.com URL: https://news.doitmakeup.com/en/japlif-cp-fb?utm_source=fb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:29d1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://news.doitmakeup.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 02:11:00 GMT cache-control no-store, max-age=0 cf-cache-status DYNAMIC server cloudflare cf-ray 7e97abc93f1068eb-FRA alt-svc h3=":443"; ma=86400
GET H2	204	dye track.news.doitmakeup.com/	0 128 B	454ms 222ms	Image text/plain	2606:4700:10::6816:13ef CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.news.doitmakeup.com/dye?type=html&h=news.doitmakeup.com&lo=en&cc=DE&ly=default&yv=d78a1f585&pid=14571&pn=0&pd=0&ard=0 Requested by Host: news.doitmakeup.com URL: https://news.doitmakeup.com/en/japlif-cp-fb?utm_source=fb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:13ef , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://news.doitmakeup.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 02:11:00 GMT cache-control no-store, max-age=0 cf-cache-status DYNAMIC server cloudflare cf-ray 7e97abc98ea8bc04-FRA alt-svc h3=":443"; ma=86400
GET H2	200	image-g21S0uEj2fuyVc8I.jpg posts-cdn.kueez.net/zKAHuLyBZb5oG90X/	53 KB 53 KB	225ms 114ms	Image image/jpeg	2606:4700:10::ac43:1fbc CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://posts-cdn.kueez.net/zKAHuLyBZb5oG90X/image-g21S0uEj2fuyVc8I.jpg Requested by Host: news.doitmakeup.com URL: https://news.doitmakeup.com/en/japlif-cp-fb?utm_source=fb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1fbc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7bb6069454f7cdd9a4017f8e063f622479d9de4d3efd176e3502da1cfec5d5c9 Request headers accept-language de-DE,de;q=0.9 Referer https://news.doitmakeup.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 02:11:00 GMT cf-cache-status HIT x-amz-request-id RZ0NNTPQMRAN4ZNM age 101413 cf-polished origSize=54299 alt-svc h3=":443"; ma=86400 content-length 54291 x-amz-id-2 WT6xeV7iPWazNyn6/Y44EsHWu3X4qHDqru6KKHvqAIStsRaEy60HFl4ub1JQyxz8ViptU+5j4HI= cf-bgj imgq:100,h2pri last-modified Fri, 07 Jul 2023 18:28:09 GMT server cloudflare etag "03aaadcf01f78bd30cbfd4651bcb295b" vary Accept-Encoding content-type image/jpeg cache-control max-age=2600000 accept-ranges bytes cf-ray 7e97abc93eae9025-FRA
GET H2	200	face.min.css static-cdn.kueez.net/d78a1f585/assets/common/css/vendor/font-awsome/css/	2 KB 876 B	384ms 272ms	Stylesheet text/css	2606:4700:10::6816:1795 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static-cdn.kueez.net/d78a1f585/assets/common/css/vendor/font-awsome/css/face.min.css Requested by Host: news.doitmakeup.com URL: https://news.doitmakeup.com/en/japlif-cp-fb?utm_source=fb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1795 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0d644d044d92347b3636ff957a08955c27cc8b0fe73cde505b8789c220be7bb9 Request headers Referer https://news.doitmakeup.com/ Origin https://news.doitmakeup.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 02:11:00 GMT content-encoding br cf-cache-status MISS x-amz-request-id D93ZDXRRYVMN61EM alt-svc h3=":443"; ma=86400 x-amz-id-2 svyE2rEI2v+aFg5WpOdWgZkMP8iLfyJrRFnE2qDtx1LXVHln6Z5gkPOYNLO3c3eZhF0mJRjHbIY= last-modified Tue, 18 Jul 2023 16:35:52 GMT server cloudflare etag W/"d740165eb74596f0716a7597693279a9" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * access-control-expose-headers x-amz-meta-access-control-allow-origin, x-amz-meta-access-control-allow-methods cache-control max-age=2600000,public cf-ray 7e97abc8cc11bbc7-FRA
GET H2	200	css fonts.googleapis.com/	9 KB 1 KB	207ms 95ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:400,500,700,900&display=swap Requested by Host: news.doitmakeup.com URL: https://news.doitmakeup.com/en/japlif-cp-fb?utm_source=fb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash fe40532b9e4926cc8e3adb97b53155f4ad33f3da8b178672a7ff5b7417f3fe83 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://news.doitmakeup.com/ Origin https://news.doitmakeup.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 20 Jul 2023 02:11:00 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 20 Jul 2023 01:45:57 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 20 Jul 2023 02:11:00 GMT
GET H2	200	css fonts.googleapis.com/	5 KB 696 B	207ms 95ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:400,700,900&display=swap Requested by Host: news.doitmakeup.com URL: https://news.doitmakeup.com/en/japlif-cp-fb?utm_source=fb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d5c0110614cb4d4897d0397604ba66de756d2f3ca31d8f075fde6b9c6f13aabe Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://news.doitmakeup.com/ Origin https://news.doitmakeup.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 20 Jul 2023 02:11:00 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 20 Jul 2023 02:11:00 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 20 Jul 2023 02:11:00 GMT
GET H2	200	choice.js Show response quantcast.mgr.consensu.org/choice/nCMHNG-AK-juF/kueez.com/	7 KB 2 KB	268ms 144ms	Script application/javascript	2600:9000:225b:c00:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/choice/nCMHNG-AK-juF/kueez.com/choice.js Requested by Host: news.doitmakeup.com URL: https://news.doitmakeup.com/en/japlif-cp-fb?utm_source=fb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ff2e5fb825b8e45d2414b34ab898daba16da7a3bda060aff476dd00f2787bfd3 Request headers accept-language de-DE,de;q=0.9 Referer https://news.doitmakeup.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 02:10:15 GMT content-encoding br via 1.1 033e374ece012797cbee0d505e2e61b4.cloudfront.net (CloudFront) last-modified Wed, 17 Aug 2022 15:01:50 GMT server AmazonS3 x-amz-cf-pop MUC50-P1 age 50 x-amz-server-side-encryption AES256 etag W/"76766cb35aac1ef77bb5b31e0db91326" vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 cross-origin-resource-policy cross-origin x-amz-cf-id yVWvqYrs-sqy8qKRh-CVZ01B6Tue70ByfJvCoY-aG-kJCz8gp_CLQQ==
GET H2	200	quant.js Show response secure.quantserve.com/	22 KB 9 KB	270ms 40ms	Script application/javascript	2620:116:800d:21:e365:4988:e8a7:3270 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: news.doitmakeup.com URL: https://news.doitmakeup.com/en/japlif-cp-fb?utm_source=fb1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1 Request headers accept-language de-DE,de;q=0.9 Referer https://news.doitmakeup.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 02:11:00 GMT content-encoding gzip etag "sLp6xTjO7svFVaOemhLWUQ==" vary Accept-Encoding content-type application/javascript cache-control private, max-age=604800 accept-ranges bytes expires Thu, 27 Jul 2023 02:11:00 GMT
GET H2	200	cmp2.js Show response quantcast.mgr.consensu.org/tcfv2/	178 KB 44 KB	232ms 108ms	Script text/javascript	2600:9000:225b:c00:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/tcfv2/cmp2.js Requested by Host: news.doitmakeup.com URL: https://news.doitmakeup.com/en/japlif-cp-fb?utm_source=fb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9880ff36abd71f34e043ccf52b425dc0e918af5098157970cce3c15348900c4a Request headers accept-language de-DE,de;q=0.9 Referer https://news.doitmakeup.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 01:56:41 GMT content-encoding br via 1.1 033e374ece012797cbee0d505e2e61b4.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 age 860 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Wed, 19 Jul 2023 15:20:42 GMT server AmazonS3 etag W/"1746c81073fb3adcecce59e604b48427" access-control-max-age 86400 access-control-allow-methods GET content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control max-age=3600 x-amz-meta-qc-ineu True vary Accept-Encoding x-amz-cf-id hrPB66iiRasUVVQLrvHW5Th9Joxn5QJROWQlNWCgGkGNdMWzNsy7QQ==
GET H2	200	app.css kcdn.kueez.net/doitmakeup/1678182188656/css/	181 KB 31 KB	447ms 321ms	Stylesheet text/css	2606:4700:10::ac43:1fbc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kcdn.kueez.net/doitmakeup/1678182188656/css/app.css Requested by Host: news.doitmakeup.com URL: https://news.doitmakeup.com/en/japlif-cp-fb?utm_source=fb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1fbc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2a865da8437a7c3251dcf8016b92ab7d936045b2de0109910db3c3a5a856896c Request headers Referer https://news.doitmakeup.com/ Origin https://news.doitmakeup.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 02:11:00 GMT content-encoding br cf-cache-status REVALIDATED x-amz-request-id NN4R34D561KVNDJE cf-polished origSize=186118 alt-svc h3=":443"; ma=86400 x-amz-id-2 EUp69gBqkm9kC908cIFlyksxGFjenxMv9uukMlyZs7EJ2Itmms1WyoaLQHvCkkASBZPJWxFGPiU= cf-bgj minify last-modified Tue, 07 Mar 2023 09:43:27 GMT server cloudflare etag W/"f3988ade2630f11e7c9522018e980716" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * access-control-expose-headers x-amz-meta-access-control-allow-origin, x-amz-meta-access-control-allow-methods cf-ray 7e97abc93a4c4d73-FRA
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	81 KB 28 KB	243ms 116ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: news.doitmakeup.com URL: https://news.doitmakeup.com/en/japlif-cp-fb?utm_source=fb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d6da97edd19656f68716209159324331e7b44d2e455294b852a8cebbb0df9a8f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://news.doitmakeup.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 02:11:00 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28053 x-xss-protection 0 server cafe etag 724 / 19558 / 31076217 / config-hash: 1636169572614523722 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 20 Jul 2023 02:11:00 GMT
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	244 KB 59 KB	227ms 108ms	Script application/javascript	52.222.208.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: news.doitmakeup.com URL: https://news.doitmakeup.com/en/japlif-cp-fb?utm_source=fb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.208.154 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-208-154.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash f2f1ed2a726a3a2b5534962c9d195e8b5ff51137067af1f5c8c4529828a49b5c Request headers accept-language de-DE,de;q=0.9 Referer https://news.doitmakeup.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 01:11:44 GMT content-encoding gzip via 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront), 1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront) last-modified Wed, 19 Jul 2023 19:22:42 GMT server AmazonS3 x-amz-cf-pop FRA60-P1, FRA56-P3 age 3556 x-amz-server-side-encryption AES256 etag W/"4c32a3d3ddb526b72e7dd25429eaaa2b" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=3600 x-amz-cf-id BCqs38u8Z7ezfDzegiU14YBZQqYUn6VFhoc9uiNRCJneoBvIKiN_KQ==
GET H2	200	jquery-3.3.1.min.js Show response static-cdn.kueez.net/d78a1f585/assets/common/js/vendor/	85 KB 31 KB	202ms 96ms	Script application/javascript	2606:4700:10::6816:1795 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static-cdn.kueez.net/d78a1f585/assets/common/js/vendor/jquery-3.3.1.min.js Requested by Host: news.doitmakeup.com URL: https://news.doitmakeup.com/en/japlif-cp-fb?utm_source=fb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1795 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Request headers Referer https://news.doitmakeup.com/ Origin https://news.doitmakeup.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 02:11:00 GMT content-encoding br cf-cache-status HIT x-amz-request-id YY8FKMA2AT92ZTSE age 15319 alt-svc h3=":443"; ma=86400 x-amz-id-2 jiYXKedi96GbkSjxV8U3R88sUV4b5rBz7oXqG+pAF4CV6fcwvs+cRX8IkFLRhe8lGC1SZ2Podk0= last-modified Tue, 18 Jul 2023 16:35:52 GMT server cloudflare etag W/"a09e13ee94d51c524b7e2a728c7d4039" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * access-control-expose-headers x-amz-meta-access-control-allow-origin, x-amz-meta-access-control-allow-methods cache-control max-age=2600000,public cf-ray 7e97abc8cc12bbc7-FRA
GET H2	200	doitmakeup.default.js Show response static-cdn.kueez.net/d78a1f585/assets/doitmakeup/js/	564 KB 238 KB	933ms 827ms	Script application/javascript	2606:4700:10::6816:1795 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static-cdn.kueez.net/d78a1f585/assets/doitmakeup/js/doitmakeup.default.js Requested by Host: news.doitmakeup.com URL: https://news.doitmakeup.com/en/japlif-cp-fb?utm_source=fb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1795 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f2061b8710917f1f965929f895b51bad8488ad2329e25161bef366b58a23a4ed Request headers Referer https://news.doitmakeup.com/ Origin https://news.doitmakeup.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 02:11:01 GMT content-encoding br cf-cache-status MISS x-amz-request-id D93ZCD89608D6QTF alt-svc h3=":443"; ma=86400 x-amz-id-2 F7p+v3Q9hvwCp6HQoNxfYLD25TWluXqfKwCJio0v9eop8xJ7lMywQGxHvc7BE3dXACxVXs1Q29E= last-modified Tue, 18 Jul 2023 16:35:22 GMT server cloudflare etag W/"63bf934a0497f6ff02fb7ebdf30a48a4" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * access-control-expose-headers x-amz-meta-access-control-allow-origin, x-amz-meta-access-control-allow-methods cache-control max-age=2600000,public cf-ray 7e97abc8cc14bbc7-FRA
GET H2	200	prebid.js Show response static-cdn.kueez.net/d78a1f585/assets/common/js/publish/	521 KB 153 KB	203ms 97ms	Script application/javascript	2606:4700:10::6816:1795 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static-cdn.kueez.net/d78a1f585/assets/common/js/publish/prebid.js Requested by Host: news.doitmakeup.com URL: https://news.doitmakeup.com/en/japlif-cp-fb?utm_source=fb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1795 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef44654b8f934b2bc752083cdd45160d7fdbdbd9e4a9730450bb319c30f7faf8 Request headers Referer https://news.doitmakeup.com/ Origin https://news.doitmakeup.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 02:11:00 GMT content-encoding br cf-cache-status HIT x-amz-request-id VB236X75VW1DWB2T age 101392 alt-svc h3=":443"; ma=86400 x-amz-id-2 CnXw4PVSxExiRuAj1p9d7LkvHLRR4xxhNc77rthz+dJWFGk4gceknvFzyn7sV+ildsFTe5U065s= last-modified Tue, 18 Jul 2023 16:35:52 GMT server cloudflare etag W/"7d4416626581a704cf298dfa1df64a02" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * access-control-expose-headers x-amz-meta-access-control-allow-origin, x-amz-meta-access-control-allow-methods cache-control max-age=2600000,public cf-ray 7e97abc8cc15bbc7-FRA
GET H2	200	js Show response www.googletagmanager.com/gtag/	210 KB 75 KB	207ms 96ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-J6RDRPTE00 Requested by Host: news.doitmakeup.com URL: https://news.doitmakeup.com/en/japlif-cp-fb?utm_source=fb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 72bfdf1466afc9d3510a5930d002ee6531cfd35491f56370139e222ae85dce63 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://news.doitmakeup.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 02:11:00 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 76355 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 20 Jul 2023 02:11:00 GMT
GET H2	200	head-logo.png kcdn.kueez.net/doitmakeup/1678182188656/img/	5 KB 5 KB	466ms 345ms	Image image/png	2606:4700:10::ac43:1fbc CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kcdn.kueez.net/doitmakeup/1678182188656/img/head-logo.png Requested by Host: news.doitmakeup.com URL: https://news.doitmakeup.com/en/japlif-cp-fb?utm_source=fb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1fbc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c082c2115e7e433ed7221a0dc4bd167a741b5daf42661ba366da996a0260cc94 Request headers accept-language de-DE,de;q=0.9 Referer https://news.doitmakeup.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 02:11:00 GMT cf-cache-status MISS last-modified Tue, 07 Mar 2023 09:43:18 GMT server cloudflare x-amz-request-id D93G8DZYXYYPJG0R etag "d03784058bb444f4fda1ea84bf4e38bb" vary Accept-Encoding content-type image/png accept-ranges bytes cf-ray 7e97abc939ac3606-FRA alt-svc h3=":443"; ma=86400 content-length 5042 x-amz-id-2 tRjyKSbW7rWo54PQFsicqkjGKo7mqztmG5VllzM0ru+j/ynSqagoNT9fAtPaI+xCu/PmchZDUNQ=
GET H2	200	bootstrap.min.js Show response static-cdn.kueez.net/d78a1f585/assets/common/js/	59 KB 16 KB	539ms 455ms	Script application/javascript	2606:4700:10::6816:1795 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static-cdn.kueez.net/d78a1f585/assets/common/js/bootstrap.min.js Requested by Host: news.doitmakeup.com URL: https://news.doitmakeup.com/en/japlif-cp-fb?utm_source=fb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1795 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ddc752c921c073e6558c329f8392d42d6fbda4c690fcba532a66392d3ea0b87 Request headers Referer https://news.doitmakeup.com/ Origin https://news.doitmakeup.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 02:11:01 GMT content-encoding br cf-cache-status MISS x-amz-request-id D93SQ3KJYNKBFXMQ alt-svc h3=":443"; ma=86400 x-amz-id-2 hmyAxOsFCwCEVYy4ye/2tUCyvrE5aAqF/Ngk4VdMzErEA2HmbOBLtF/95em7okGtAMb4KPISeig= last-modified Tue, 18 Jul 2023 16:35:52 GMT server cloudflare etag W/"466028b5fcb807dd28ffc6fbde0f86cf" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * access-control-expose-headers x-amz-meta-access-control-allow-origin, x-amz-meta-access-control-allow-methods cache-control max-age=2600000,public cf-ray 7e97abc8cc17bbc7-FRA
GET DATA	200 OK	truncated /	100 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2eba9c91b824dbd87e60c31aa8beced03d7f21c6fbe38807a8825170c05d2b25 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170201/	391 KB 125 KB	42ms 40ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170201/pubads_impl.js?cb=31076217 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 64d89a9176baec46740ac08b00de5f127d7f25b831a6776b435f094fbcf3fa63 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://news.doitmakeup.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 23:36:02 GMT content-encoding br x-content-type-options nosniff age 9298 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 127558 x-xss-protection 0 server cafe etag 10063239434271581716 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Thu, 18 Jul 2024 23:36:02 GMT
GET DATA	200 OK	truncated /	515 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a77eaaef19da297f84e0525bed6e789298d7631e5db89666df3458abbc70c708 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers Content-Type image/svg+xml;charset=UTF-8
GET H2	200	thumbnail.png kcdn.kueez.net/doitmakeup/1678182188656/img/	14 KB 14 KB	260ms 259ms	Image image/webp	2606:4700:10::ac43:1fbc CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kcdn.kueez.net/doitmakeup/1678182188656/img/thumbnail.png Requested by Host: kcdn.kueez.net URL: https://kcdn.kueez.net/doitmakeup/1678182188656/css/app.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1fbc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e2a06967038adaefd64a86de70ee96184c45be6157e0c611dec5b362c39a3ecb Request headers accept-language de-DE,de;q=0.9 Referer https://kcdn.kueez.net/doitmakeup/1678182188656/css/app.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 02:11:01 GMT cf-cache-status REVALIDATED x-amz-request-id 1DGGMWNN7BQK4MWR cf-polished origFmt=png, origSize=16204 content-disposition inline; filename="thumbnail.webp" alt-svc h3=":443"; ma=86400 content-length 14004 x-amz-id-2 gJK+Dn96u8yoPBwNoxRQj5KPU3ud8dLls4FNqgUZ67WtXs2RsYgDwKurA9lIPOPF6zQdGnK1fYY= cf-bgj imgq:100,h2pri last-modified Tue, 07 Mar 2023 09:43:15 GMT server cloudflare etag "84b5aa515d15609cc6665ae7a5c50e30" vary Accept content-type image/webp accept-ranges bytes cf-ray 7e97abcb4b543606-FRA
GET H2	200	inet Show response gtrack.kueez.net/	20 B 102 B	179ms 157ms	XHR text/plain	2606:4700:10::ac43:1fbc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gtrack.kueez.net/inet Requested by Host: static-cdn.kueez.net URL: https://static-cdn.kueez.net/d78a1f585/assets/doitmakeup/js/doitmakeup.default.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1fbc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9ca5a1cdf97cb07f4a1c6d032fc4fb26ed02c8334f2baa6daf81f70b7fd0dc52 Request headers accept-language de-DE,de;q=0.9 Referer https://news.doitmakeup.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers access-control-allow-origin * date Thu, 20 Jul 2023 02:11:01 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 7e97abcf78014d73-FRA alt-svc h3=":443"; ma=86400
GET H2	200	fa-brands-400.woff2 static-cdn.kueez.net/d78a1f585/assets/common/css/vendor/font-awsome/webfonts/	73 KB 73 KB	438ms 437ms	Font application/font-woff2	2606:4700:10::6816:1795 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static-cdn.kueez.net/d78a1f585/assets/common/css/vendor/font-awsome/webfonts/fa-brands-400.woff2 Requested by Host: static-cdn.kueez.net URL: https://static-cdn.kueez.net/d78a1f585/assets/common/css/vendor/font-awsome/css/face.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1795 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1f49b8706547682e2c5ed6642a2f2dcbd287da458314b967c60d774aa7edb473 Request headers Referer https://static-cdn.kueez.net/d78a1f585/assets/common/css/vendor/font-awsome/css/face.min.css Origin https://news.doitmakeup.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 02:11:02 GMT cf-cache-status MISS x-amz-request-id 2ZVGJQVBTFVVQGA2 alt-svc h3=":443"; ma=86400 content-length 74508 x-amz-id-2 kn8bNc1giz/RklHcZhx6s4yAwidokDBYRVzobe6hvEwqwEw4PIxD0FiC054IywWesGnwbOSetxM= last-modified Tue, 18 Jul 2023 16:35:52 GMT server cloudflare etag "7559b3774a0625e8ca6c0160f8f6cfd8" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET, HEAD content-type application/font-woff2 access-control-allow-origin * access-control-expose-headers x-amz-meta-access-control-allow-origin, x-amz-meta-access-control-allow-methods cache-control max-age=2600000,public accept-ranges bytes cf-ray 7e97abcf89b0bbc7-FRA
GET H2	200	fa-solid-900.woff2 static-cdn.kueez.net/d78a1f585/assets/common/css/vendor/font-awsome/webfonts/	74 KB 74 KB	447ms 447ms	Font application/font-woff2	2606:4700:10::6816:1795 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static-cdn.kueez.net/d78a1f585/assets/common/css/vendor/font-awsome/webfonts/fa-solid-900.woff2 Requested by Host: static-cdn.kueez.net URL: https://static-cdn.kueez.net/d78a1f585/assets/common/css/vendor/font-awsome/css/face.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1795 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0 Request headers Referer https://static-cdn.kueez.net/d78a1f585/assets/common/css/vendor/font-awsome/css/face.min.css Origin https://news.doitmakeup.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 02:11:02 GMT cf-cache-status MISS x-amz-request-id 2ZVZV23NM3WXBSXS alt-svc h3=":443"; ma=86400 content-length 75440 x-amz-id-2 7d+2uoyP5IKp9VbAbsnwEEq4YdxXuSZsQRKtrd/xVqstY+y9HaLQXK05WrxpcAhFtlKVsxF65+8= last-modified Tue, 18 Jul 2023 16:35:52 GMT server cloudflare etag "b5cf8ae26748570d8fb95a47f46b69e1" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET, HEAD content-type application/font-woff2 access-control-allow-origin * access-control-expose-headers x-amz-meta-access-control-allow-origin, x-amz-meta-access-control-allow-methods cache-control max-age=2600000,public accept-ranges bytes cf-ray 7e97abcf89b3bbc7-FRA
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v25/	30 KB 31 KB	133ms 41ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:400,700,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://news.doitmakeup.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Sat, 15 Jul 2023 18:31:37 GMT x-content-type-options nosniff age 373164 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30928 x-xss-protection 0 last-modified Mon, 11 Jul 2022 18:57:39 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 14 Jul 2024 18:31:37 GMT
GET H2	200	cmp2.js Show response quantcast.mgr.consensu.org/tcfv2/	178 KB 44 KB	44ms 43ms	Script text/javascript	2600:9000:225b:c00:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=kueez.com Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/choice/nCMHNG-AK-juF/kueez.com/choice.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9880ff36abd71f34e043ccf52b425dc0e918af5098157970cce3c15348900c4a Request headers accept-language de-DE,de;q=0.9 Referer https://news.doitmakeup.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 01:56:41 GMT content-encoding br via 1.1 033e374ece012797cbee0d505e2e61b4.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 age 861 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Wed, 19 Jul 2023 15:20:42 GMT server AmazonS3 etag W/"1746c81073fb3adcecce59e604b48427" access-control-max-age 86400 access-control-allow-methods GET content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control max-age=3600 x-amz-meta-qc-ineu True vary Accept-Encoding x-amz-cf-id cAAr2BelNaXoKVbqVS_w4Pj7o5STA4aV2exIZZz0adLGRPs33ALqjQ==
GET H2	200	rules-p-nCMHNG-AK-juF.js Show response rules.quantcount.com/	160 B 633 B	161ms 39ms	Script application/javascript	2600:9000:20c3:dc00:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-nCMHNG-AK-juF.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20c3:dc00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 741fde18265487dcf39661cf014695770e37d47fd51d66211a2466d53c9598e8 Request headers accept-language de-DE,de;q=0.9 Referer https://news.doitmakeup.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 02:00:51 GMT via 1.1 fe36c7f30c8ef2853edecc43f320092c.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-C1 age 617 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 160 last-modified Thu, 13 Oct 2022 22:31:13 GMT server AmazonS3 etag "ffb75dcae26fbe565f43deb742e16b40" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes x-amz-cf-id UrvJUspkp4kLWBMfd9zX-7cQDbOubvp4zd9a70fsuuw4WTJVDYANdg==
GET H2	200	cmp-list.json Show response test.cmp.quantcast.com/GVL-v2/	10 KB 3 KB	159ms 41ms	XHR application/json	2600:9000:225e:ea00:3:a4cd:8380:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://test.cmp.quantcast.com/GVL-v2/cmp-list.json Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=kueez.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:ea00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 591effbd3500c19e856eed429dccb39e7a42b77b214cf8eaabb657821406604e Request headers Accept application/json, text/plain, */* Referer https://news.doitmakeup.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 03:00:43 GMT x-amz-version-id IG36Y9nZkMAq0uDyI6_EbCtqVaht4e_n content-encoding gzip via 1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P4 age 83419 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Thu, 13 Jul 2023 19:52:29 GMT server AmazonS3 etag W/"ad9ea659adb4323526e3614837d845a7" access-control-max-age 86400 access-control-allow-methods GET content-type application/json access-control-allow-origin * cache-control max-age=172800 vary Accept-Encoding x-amz-cf-id oYGe4t7nYyMioEvt1A4lXbvUC2WrQ4tZOwkXRSoL31P48--W85fIdw==
GET H2	200	cmp2ui-en.js Show response cmp.quantcast.com/tcfv2/47/	248 KB 60 KB	179ms 45ms	Script text/javascript	2600:9000:225b:e400:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.quantcast.com/tcfv2/47/cmp2ui-en.js Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=kueez.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:e400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6b814d02958e339eaad22839ea7a29d3ade9071a5e9df9ce065def22ab595936 Request headers accept-language de-DE,de;q=0.9 Referer https://news.doitmakeup.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 15:21:35 GMT content-encoding br via 1.1 8c1abfbb8460bed752668233d296dba8.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 age 38967 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin last-modified Wed, 19 Jul 2023 15:20:10 GMT server AmazonS3 etag W/"556bc7ca21432cc0628ff6f67a5e09bc" access-control-max-age 604800 access-control-allow-methods GET content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control max-age=172800 vary Accept-Encoding x-amz-cf-id UvWdkO0efwR28Ru6xUYQJSv_Me7mZvqAdWGoyDrDzF6j9ZfSi_0agQ==
GET H2	200	vendor-list-trimmed-v1.json Show response cmp.quantcast.com/GVL-v2/	355 KB 43 KB	176ms 44ms	XHR application/json	2600:9000:225b:e400:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=kueez.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:e400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2599d6db77edd5d83a4e9ad218c9460ae499e3ff9019cdce6bf6f229a3f77c66 Request headers accept-language de-DE,de;q=0.9 Referer https://news.doitmakeup.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 03:00:42 GMT content-encoding br via 1.1 89efe3a7854e47cf7f1fe47e28e39348.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 age 83421 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-storage-class INTELLIGENT_TIERING last-modified Wed, 28 Jun 2023 15:58:34 GMT server AmazonS3 etag W/"7627aa0ffd91ae8f4e90145601487f02" access-control-max-age 3000 access-control-allow-methods GET content-type application/json access-control-allow-origin * cache-control max-age=86400 access-control-allow-credentials true vary Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method x-amz-cf-id XD9q-ARuRTZbFJ6QxwTW4FBkzXr12Et1sIV6ZqlaG6gGhx1sjhByxw==
GET H2	200	google-atp-list.json Show response cmp.quantcast.com/tcfv2/	151 KB 37 KB	216ms 85ms	XHR application/json	2600:9000:225b:e400:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.quantcast.com/tcfv2/google-atp-list.json Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=kueez.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:e400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b Request headers Accept application/json, text/plain, */* Referer https://news.doitmakeup.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 15:21:35 GMT content-encoding gzip via 1.1 89efe3a7854e47cf7f1fe47e28e39348.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 age 38968 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Wed, 19 Jul 2023 03:00:26 GMT server AmazonS3 etag W/"1dbfd79d4ea7f69c0c42a2f6065532e7" access-control-max-age 86400 access-control-allow-methods GET content-type application/json access-control-allow-origin * cache-control max-age=172800 vary Accept-Encoding x-amz-cf-id hwJkZsmyvdL0m3pGRglEZnJAhDWKmlC1YhZXBIwjbbs_jxtFvsNXvA==
GET H2	200	/ Show response audit-tcfv2.cmp.quantcast.com/	2 B 101 B	154ms 40ms	XHR text/plain	35.157.8.26 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22nCMHNG-AK-juF%22%2C%22domain%22%3A%22news.doitmakeup.com%22%2C%22publisher%22%3A%22Kueez%20Network%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.47%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22uEuDB59uHx7lkb1GsoEM4Q%22%2C%22clientTimestamp%22%3A1689819062239%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-t8ojwvgf0u53fwe8dx9z%22%7D Requested by Host: cmp.quantcast.com URL: https://cmp.quantcast.com/tcfv2/47/cmp2ui-en.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.157.8.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-8-26.eu-central-1.compute.amazonaws.com Software / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Accept application/json, text/plain, */* Referer https://news.doitmakeup.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers access-control-allow-origin * date Thu, 20 Jul 2023 02:11:02 GMT content-length 2 content-type text/plain; charset=utf-8

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend object| yotoApp object| yotoUtils object| dataLayer function| gtag object| googletag function| UAParser function| deferStyles object| asyncStyleSheets object| ggeac object| google_tag_data object| google_js_reporting_queue function| $ function| jQuery undefined| google_measure_js_timing function| a0c function| a0a function| a0D object| adsbygoogle object| pbjs object| _taboola function| __tcfapi object| pbjsChunk object| mnet object| bootstrap object| _qevents object| google_tag_manager function| quantserve function| __qc object| ezt object| _qoptions object| gaGlobal object| regeneratorRuntime function| __tcfapiui function| __uspapi

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.news.doitmakeup.com/	1970-01-20 13:23:42	Name: kls_abtv Value: a
			.news.doitmakeup.com/	1970-01-20 22:09:15	Name: yoto_uid Value: a11a20323ee518e1:1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://news.doitmakeup.com/en/japlif-cp-fb?utm_source=fb1 Message: The resource https://quantcast.mgr.consensu.org/tcfv2/cmp2.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://news.doitmakeup.com/en/japlif-cp-fb?utm_source=fb1 Message: The resource https://posts-cdn.kueez.net/zKAHuLyBZb5oG90X/image-g21S0uEj2fuyVc8I.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://news.doitmakeup.com/en/japlif-cp-fb?utm_source=fb1 Message: The resource https://c.amazon-adsystem.com/aax2/apstag.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

audit-tcfv2.cmp.quantcast.com
c.amazon-adsystem.com
cmp.quantcast.com
fonts.googleapis.com
fonts.gstatic.com
gtrack.kueez.net
gtrack.news.doitmakeup.com
kcdn.kueez.net
news.doitmakeup.com
posts-cdn.kueez.net
quantcast.mgr.consensu.org
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
static-cdn.kueez.net
test.cmp.quantcast.com
track.news.doitmakeup.com
www.googletagmanager.com
2600:9000:20c3:dc00:6:44e3:f8c0:93a1
2600:9000:225b:c00:9:46dc:4700:93a1
2600:9000:225b:e400:9:46dc:4700:93a1
2600:9000:225e:ea00:3:a4cd:8380:93a1
2606:4700:10::6816:13ef
2606:4700:10::6816:1795
2606:4700:10::ac43:1fbc
2606:4700:10::ac43:29d1
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:80b::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2002
35.157.8.26
52.222.208.154
0d644d044d92347b3636ff957a08955c27cc8b0fe73cde505b8789c220be7bb9
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1f49b8706547682e2c5ed6642a2f2dcbd287da458314b967c60d774aa7edb473
2599d6db77edd5d83a4e9ad218c9460ae499e3ff9019cdce6bf6f229a3f77c66
2a865da8437a7c3251dcf8016b92ab7d936045b2de0109910db3c3a5a856896c
2ddc752c921c073e6558c329f8392d42d6fbda4c690fcba532a66392d3ea0b87
2eba9c91b824dbd87e60c31aa8beced03d7f21c6fbe38807a8825170c05d2b25
31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
591effbd3500c19e856eed429dccb39e7a42b77b214cf8eaabb657821406604e
64d89a9176baec46740ac08b00de5f127d7f25b831a6776b435f094fbcf3fa63
6b814d02958e339eaad22839ea7a29d3ade9071a5e9df9ce065def22ab595936
72bfdf1466afc9d3510a5930d002ee6531cfd35491f56370139e222ae85dce63
741fde18265487dcf39661cf014695770e37d47fd51d66211a2466d53c9598e8
7bb6069454f7cdd9a4017f8e063f622479d9de4d3efd176e3502da1cfec5d5c9
9880ff36abd71f34e043ccf52b425dc0e918af5098157970cce3c15348900c4a
9ca5a1cdf97cb07f4a1c6d032fc4fb26ed02c8334f2baa6daf81f70b7fd0dc52
a77eaaef19da297f84e0525bed6e789298d7631e5db89666df3458abbc70c708
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
c082c2115e7e433ed7221a0dc4bd167a741b5daf42661ba366da996a0260cc94
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
cfa5667696cc83b0f7a254304b2d7c4f1c38c9a1a3ae486a294093ffc2d5eae4
d5c0110614cb4d4897d0397604ba66de756d2f3ca31d8f075fde6b9c6f13aabe
d6da97edd19656f68716209159324331e7b44d2e455294b852a8cebbb0df9a8f
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e2a06967038adaefd64a86de70ee96184c45be6157e0c611dec5b362c39a3ecb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef44654b8f934b2bc752083cdd45160d7fdbdbd9e4a9730450bb319c30f7faf8
f2061b8710917f1f965929f895b51bad8488ad2329e25161bef366b58a23a4ed
f2f1ed2a726a3a2b5534962c9d195e8b5ff51137067af1f5c8c4529828a49b5c
fe40532b9e4926cc8e3adb97b53155f4ad33f3da8b178672a7ff5b7417f3fe83
ff2e5fb825b8e45d2414b34ab898daba16da7a3bda060aff476dd00f2787bfd3